urlscan.io logo urlscan.io
SecurityTrails logo

www.vesty.co.il Open in urlscan Pro
2.18.235.16  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.vesty.co.il/main
Submission: On January 20 via manual from IL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 60 IPs in 11 countries across 42 domains to perform 386 HTTP transactions. The main IP is 2.18.235.16, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.vesty.co.il. The Cisco Umbrella rank of the primary domain is 438101.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 13th 2022. Valid for: a year.
This is the only time www.vesty.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 2.18.235.16 16625 (AKAMAI-AS)
24 178.79.242.181 22822 (LLNW)
11 2a00:1450:400... 15169 (GOOGLE)
56 151.101.193.44 54113 (FASTLY)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 2606:4700:20:... 13335 (CLOUDFLAR...)
12 13.32.27.21 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 7 2a02:6b8:20::215 208722 (GLOBAL_DC)
1 2a02:6b8:a::a 208722 (GLOBAL_DC)
1 2600:9000:206... 16509 (AMAZON-02)
39 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 13.32.27.24 16509 (AMAZON-02)
2 13.32.27.94 16509 (AMAZON-02)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.19.150.54 13335 (CLOUDFLAR...)
1 142.250.186.70 15169 (GOOGLE)
1 23.35.237.86 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:1::13 44788 (ASN-CRITE...)
1 141.226.228.48 200478 (TABOOLA-AS)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 130.211.23.194 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
47 2a00:1450:400... 15169 (GOOGLE)
2 4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
28 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
2 141.226.224.48 200478 (TABOOLA-AS)
10 2a00:1450:400... 15169 (GOOGLE)
12 16 142.251.39.34 15169 (GOOGLE)
8 16 185.80.39.216 27381 (CASALE-MEDIA)
8 12 37.252.171.85 29990 (ASN-APPNEX)
39 2a00:1450:400... 15169 (GOOGLE)
4 138.201.63.149 24940 (HETZNER-AS)
6 172.217.18.98 15169 (GOOGLE)
1 4 138.201.220.30 24940 (HETZNER-AS)
1 2a0b:4d07:101::1 44239 (PROINITY ...)
2 2 145.239.193.130 16276 (OVH)
1 88.198.250.30 24940 (HETZNER-AS)
1 18.135.49.103 16509 (AMAZON-02)
1 2 142.250.185.102 15169 (GOOGLE)
1 1 94.23.99.218 16276 (OVH)
1 54.76.176.197 16509 (AMAZON-02)
1 23.67.134.223 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.147.98 16509 (AMAZON-02)
1 13.32.27.40 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
2 18.168.77.94 16509 (AMAZON-02)
1 141.226.224.32 200478 (TABOOLA-AS)
386 60
8    2.18.235.16 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-16.deploy.static.akamaitechnologies.com
www.vesty.co.il
totalmedia2.ynet.co.il
www.ynetnews.com
24    178.79.242.181 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-181.fra.llnw.net
ynet-images1.yit.co.il
11    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
56    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
imprnjmp.taboola.com
1    2606:4700:20::ac43:464d (United States)

ASN13335 (CLOUDFLARENET, US)
mrb.upapi.net
2    2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
12    13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net
cdn.flowplayer.com
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
7    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
yastatic.net
1    2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
yandex.ru
1    2600:9000:206f:5e00:11:da61:a100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cf.dxmcdn.com
39    2606:4700::6812:79e (United States)

ASN13335 (CLOUDFLARENET, US)
ynet-pic1.yit.co.il
3    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    13.32.27.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-24.fra56.r.cloudfront.net
ecdn.analysis.fi
2    13.32.27.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-94.fra56.r.cloudfront.net
ecdn.firstimpression.io
cdn.firstimpression.io
5    2606:4700:20::ac43:473d (United States)

ASN13335 (CLOUDFLARENET, US)
js.nagich.co.il
1    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ads.google.com
1    104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
1    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
ad.doubleclick.net
1    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
widgets.outbrain.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
1    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
2    2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
3    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
47    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
28    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
6    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
10    2a00:1450:400d:804::2001 (Ireland)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
us-match.taboola.com
us-vid-events.taboola.com
10    2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
16    142.251.39.34 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s38-in-f2.1e100.net
cm.g.doubleclick.net
16    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
12    37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
39    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    138.201.63.149 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.149.63.201.138.clients.your-server.de
hal9000.redintelligence.net
6    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
googleads4.g.doubleclick.net
4    138.201.220.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de
hal900016.redintelligence.net
1    2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
2    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
1    88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
1    18.135.49.103 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-49-103.eu-west-2.compute.amazonaws.com
track.webgains.com
2    142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net
5994599.fls.doubleclick.net
1    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
1    54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
ad-server.eu
1    23.67.134.223 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-134-223.deploy.static.akamaitechnologies.com
www.awin1.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    18.66.147.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-98.fra60.r.cloudfront.net
analytics.webgains.io
1    13.32.27.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-40.fra56.r.cloudfront.net
cdn.track.production.webgains.team
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
2    18.168.77.94 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-168-77-94.eu-west-2.compute.amazonaws.com
api.webgains.io
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
Apex Domain
Subdomains		 Transfer
80 googlesyndication.com
fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
tpc.googlesyndication.com — Cisco Umbrella Rank: 156
595 KB
63 yit.co.il
ynet-images1.yit.co.il — Cisco Umbrella Rank: 72714
ynet-pic1.yit.co.il — Cisco Umbrella Rank: 57275
3 MB
61 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 893
trc.taboola.com — Cisco Umbrella Rank: 641
trc-events.taboola.com — Cisco Umbrella Rank: 1285
vidstat.taboola.com — Cisco Umbrella Rank: 2631
images.taboola.com — Cisco Umbrella Rank: 1604
imprnjmp.taboola.com — Cisco Umbrella Rank: 7425
us-match.taboola.com — Cisco Umbrella Rank: 7434
us-vid-events.taboola.com — Cisco Umbrella Rank: 7014
pips.taboola.com — Cisco Umbrella Rank: 1510
cds.taboola.com — Cisco Umbrella Rank: 1580
928 KB
47 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
ad.doubleclick.net — Cisco Umbrella Rank: 192
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 216
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 321
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 264645
338 KB
39 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 280
510 KB
16 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
11 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 207
13 KB
12 flowplayer.com
cdn.flowplayer.com — Cisco Umbrella Rank: 44879
194 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 387
218 KB
8 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 34179
hal900016.redintelligence.net — Cisco Umbrella Rank: 198695
60 KB
7 google.com
ads.google.com — Cisco Umbrella Rank: 22535
adservice.google.com — Cisco Umbrella Rank: 70
www.google.com — Cisco Umbrella Rank: 2
2 KB
7 yastatic.net
yastatic.net — Cisco Umbrella Rank: 7024
182 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
285 KB
5 nagich.co.il
js.nagich.co.il — Cisco Umbrella Rank: 35642
21 KB
5 vesty.co.il
www.vesty.co.il — Cisco Umbrella Rank: 438101
62 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 22
region1.google-analytics.com — Cisco Umbrella Rank: 2439
21 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 810
api.btloader.com — Cisco Umbrella Rank: 922
7 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 18712
api.webgains.io — Cisco Umbrella Rank: 49878
31 KB
3 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 47464
medialead.de — Cisco Umbrella Rank: 47044
1 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 41
170 KB
2 gstatic.com
fonts.gstatic.com
26 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 76
63 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 921
1 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8470
www.google.de — Cisco Umbrella Rank: 5983
1 KB
2 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 24168
cdn.firstimpression.io — Cisco Umbrella Rank: 24150
93 KB
2 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 427
fonts.googleapis.com — Cisco Umbrella Rank: 35
125 KB
2 ynet.co.il
totalmedia2.ynet.co.il — Cisco Umbrella Rank: 71175
71 KB
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 47056
3 KB
1 awin1.com
www.awin1.com — Cisco Umbrella Rank: 15193
702 B
1 ad-server.eu
ad-server.eu — Cisco Umbrella Rank: 97044
312 B
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 40045
2 KB
1 media01.eu
pb.media01.eu — Cisco Umbrella Rank: 46272
629 B
1 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 131376
931 B
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 891
43 KB
1 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 385
288 B
1 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1273
1 KB
1 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2534
1 analysis.fi
ecdn.analysis.fi — Cisco Umbrella Rank: 29391
2 KB
1 ynetnews.com
www.ynetnews.com — Cisco Umbrella Rank: 385621
886 B
1 dxmcdn.com
cf.dxmcdn.com — Cisco Umbrella Rank: 103421
1 KB
1 yandex.ru
yandex.ru — Cisco Umbrella Rank: 1674
91 KB
1 upapi.net
mrb.upapi.net — Cisco Umbrella Rank: 58807
546 B
386 42
Domain Requested by
47 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
39 s0.2mdn.net www.vesty.co.il
s0.2mdn.net
fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
39 ynet-pic1.yit.co.il www.vesty.co.il
38 images.taboola.com
28 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.vesty.co.il
fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
googleads.g.doubleclick.net
24 ynet-images1.yit.co.il www.vesty.co.il
16 dsum-sec.casalemedia.com 8 redirects googleads.g.doubleclick.net
16 cm.g.doubleclick.net 12 redirects googleads.g.doubleclick.net
13 cdn.taboola.com www.vesty.co.il
cdn.taboola.com
12 ib.adnxs.com 8 redirects googleads.g.doubleclick.net
12 cdn.flowplayer.com www.vesty.co.il
11 securepubads.g.doubleclick.net www.vesty.co.il
securepubads.g.doubleclick.net
www.googletagservices.com
10 googleads.g.doubleclick.net fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
www.vesty.co.il
pagead2.googlesyndication.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
7 yastatic.net 1 redirects yastatic.net
6 googleads4.g.doubleclick.net www.vesty.co.il
6 www.googletagservices.com securepubads.g.doubleclick.net
fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
5 fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 js.nagich.co.il www.vesty.co.il
js.nagich.co.il
5 www.vesty.co.il www.vesty.co.il
ynet-images1.yit.co.il
4 hal900016.redintelligence.net 1 redirects fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
hal900016.redintelligence.net
4 hal9000.redintelligence.net fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
hal900016.redintelligence.net
4 www.google.com 2 redirects tpc.googlesyndication.com
3 www.google-analytics.com www.googletagmanager.com
www.vesty.co.il
3 trc.taboola.com cdn.taboola.com
3 www.googletagmanager.com www.vesty.co.il
www.googletagmanager.com
adv.office-partner.de
2 api.webgains.io analytics.webgains.io
2 fonts.gstatic.com fonts.googleapis.com
2 5994599.fls.doubleclick.net 1 redirects www.vesty.co.il
2 pv.medialead.de 2 redirects
2 www.youtube.com www.vesty.co.il
www.youtube.com
2 api.btloader.com mrb.upapi.net
2 ad-delivery.net www.vesty.co.il
2 adservice.google.com securepubads.g.doubleclick.net
5994599.fls.doubleclick.net
2 btloader.com 1 redirects www.vesty.co.il
2 totalmedia2.ynet.co.il www.vesty.co.il
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 cdn.track.production.webgains.team fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
1 analytics.webgains.io track.webgains.com
1 fonts.googleapis.com hal900016.redintelligence.net
1 www.awin1.com fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
1 ad-server.eu fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
1 medialead.de 1 redirects
1 track.webgains.com www.vesty.co.il
1 pb.media01.eu hal900016.redintelligence.net
1 adv.office-partner.de hal900016.redintelligence.net
1 us-vid-events.taboola.com
1 us-match.taboola.com vidstat.taboola.com
1 imprnjmp.taboola.com vidstat.taboola.com
1 vidstat.taboola.com cdn.taboola.com
1 www.google.de
1 stats.g.doubleclick.net www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googleoptimize.com www.googletagmanager.com
1 cdn.firstimpression.io ecdn.firstimpression.io
1 trc-events.taboola.com www.vesty.co.il
1 gum.criteo.com cdn.taboola.com
1 adservice.google.de securepubads.g.doubleclick.net
1 widgets.outbrain.com www.vesty.co.il
1 ad.doubleclick.net www.vesty.co.il
1 cdn.permutive.com cf.dxmcdn.com
1 ads.google.com ynet-images1.yit.co.il
1 ecdn.firstimpression.io www.vesty.co.il
1 ecdn.analysis.fi www.vesty.co.il
1 www.ynetnews.com www.vesty.co.il
1 cf.dxmcdn.com www.vesty.co.il
1 yandex.ru www.vesty.co.il
1 imasdk.googleapis.com www.vesty.co.il
1 mrb.upapi.net 1 redirects
386 70
Subject Issuer Validity Valid
qa.vesty.co.il
DigiCert SHA2 Secure Server CA		 2022-02-13 -
2023-02-15		 a year crt.sh
*.yit.co.il
Sectigo RSA Domain Validation Secure Server CA		 2022-11-28 -
2023-11-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.flowplayer.com
Amazon		 2022-06-01 -
2023-06-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
cf.dxmcdn.com
Amazon		 2022-04-26 -
2023-05-25		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-01-10 -
2024-01-09		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
analysis.fi
Amazon		 2022-11-03 -
2023-12-02		 a year crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2022-11-27 -
2023-12-05		 a year crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018		 2022-08-31 -
2023-02-28		 6 months crt.sh
adwords.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2022-02-26 -
2023-02-25		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2022-12-18 -
2023-03-18		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh
redintelligence.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
adv.office-partner.de
R3		 2023-01-01 -
2023-04-01		 3 months crt.sh
*.media01.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-05-20 -
2023-05-21		 a year crt.sh
*.webgains.com
Amazon		 2022-06-14 -
2023-07-13		 a year crt.sh
www.awin1.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-18 -
2023-04-19		 a year crt.sh
*.webgains.io
Amazon		 2022-08-23 -
2023-09-21		 a year crt.sh
cdn.track.production.webgains.team
Amazon		 2022-09-29 -
2023-10-28		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh

This page contains 29 frames:

Primary Page: https://www.vesty.co.il/main
Frame ID: 5A3F270B0D15681821B0CF694981773B
Requests: 202 HTTP requests in this frame

Frame: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D9A16A5030A2EC246611D89C8E91511F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0D335D68D00BAB7EA42D20E8ED604D6B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3DC29602AB065F5C193E052D824370EC
Requests: 2 HTTP requests in this frame

Frame: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F231FCE1E4D2F736E32B6E7FE14BEDA5
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss58tcxy9NMKP8KfeO0fSSNi9R8246k5L_taezp2LUWYN6EPAOMyq9Qzb4ot8P4S-ko2g6cZzWbrkek6IxwLpZEoW3vJujCCSRukWYBN53C9_oEDQm3ZrEUM9-06d2w9yxCqjKmUZC7yVdj8pbAzquLSRTumHfMmZL4mahwYViqReReqUCoiPnre6ncNlA1Cvaict_ZQmP3nIf1BPMa5ZmmG6OHMHW2Hllhya0JEBO-o9Q6ZoyJ98Iz5QHHlG1frpDNr6p4VWD1Nhhwm6PLpojWPbT9hmWocjFnGkQIMUziVZt9jQ2VCMKwJMEBZqmWXAVRAPDKejdHwpuAPw&sai=AMfl-YTz0I4_pcVcpkJVjhHT3d7FzXp0JNwr4Sp8MLNMccpHtjzp8waM1NdbHCJiP6uuWQ9Txmq5YZ2kIIuhiqrZBmoH2G6i01PQntjED1SnaArxFZ6z5otCs2OdBArlA4JeXRxL2QaNUv2M4GWCBWXR4QE&sig=Cg0ArKJSzHHmqovkaQ2nEAE&uach_m=[UACH]&adurl=
Frame ID: D126D35DF8163586B48A71266D312922
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012301041800000/amp4ads-v0.mjs
Frame ID: A36486D291A15D8D5E3C25338A578264
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVfOGZRGidyNQyugmeAlrg_zQgU4fFJmTumP9mIlPOyfFyk1D8ysE726WYJhDYDEbZLGNQY36UWSemLEqj02g_DlC74Da8Kw39C-M_QiCVCx2VsyfYtXWcPXI3fcLbVf4wHysAIR-qudsXGW1_zONtHcp0Q8CRocwFHqLOwrTCtNfq24hzAwRlvAviJmpshRYEm5alWJdd6saHMBy5RPf34AkJi0PcvMyLL4PcuEZynl7iRHJZGdF30dsh16Un9tQzgjyUuvxhcJIOkCU7xBcNiQqtb6syIFW-mUkJSjqf5YUWR3YILvmShPjO6LbbYSj4vTyQt_Ax3dmXVg&sai=AMfl-YSom3ihW74m72w8zMqoUHWn7u--TyDsQeLhpTbuC7ZeUAKOmPjL1iOIeMyQCiZGIbcbB7UnwEbjkIP0MK0RdUZzhyv54tz3htvJS1fauJXkkqrC9O4JzdW3pvo9IHqQoT7rmREZiUQS4TMFgdSPQAw&sig=Cg0ArKJSzO17ouFpHA5GEAE&uach_m=[UACH]&adurl=
Frame ID: 3850B04EB0E7A141DE3464E76F65FD59
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012301041800000/amp4ads-v0.mjs
Frame ID: A81C9C100BBEBB0A79696BE5B262B32B
Requests: 11 HTTP requests in this frame

Frame: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C19BEB0A980F2ED27E4ED1619B100C50
Requests: 21 HTTP requests in this frame

Frame: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2F3335F6FD01E080500B4ABA4C8F4FF3
Requests: 19 HTTP requests in this frame

Frame: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9DD8AB863448BF5DFA84350D81C6F276
Requests: 19 HTTP requests in this frame

Frame: https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7JD8CFgPXhX0jpuiNmATXhX0jpuiNmAUAAAAGBvQHJDBzzBYOi8mtsdg2btFqYnJLXKaRWzacDQfLzcJmmk2MQAIzx2zhsJjcGott4xatJia3xGUauWXD2XCw3CxsptnEChjGcpkMaoGEZfb7DkK-22V4-FwGOYkNHGg6HT7XvV73-91lL8_pedf47UqzX-1w2u0AAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwEAxZHgrsvLbXFZfv4AAAAAAAEAAAAgASDgyi8BuLCKOvn_________jxmgz7yR-f___79R6AF48AF4EAIAAPgYst6GB5OpjxMgIhAsYgQAAAAA9a-wfDSpEyqLqv___34rgCsAgIBC54AI7yzdQYm3MAAAgICxBXpY_H6zw67xu132_________2_2f_aPJlTE3JwWFHPkqvYLCACw9gsIAMA2bgAAbwFwQUfQisFgdQkxGKw2u9FmMjsAAACAu____389kDJNfLPNyuRxzFYT32K5cC48jsnEOZgslquNx7e9ooa0EuxRR5Y-DWGZ_b6DkO92GR4-l0FOIogPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_Q3EYDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNEQYGCxGg8nC4hYMVqu1aLJwuSXGjWet201GztnCs1qODGvR62N6eDwbz2a2RcGAj71InhbpRDVczlaumc22Wjl2q8nIsdnYLI7VcDMxWRwzj8cilmhOFulEdtm3TBPfbLMyeRyz1cS3WC6cC49jMnEOJovlauPx7QuDxWgwWVjcgsFqtRZNFi63xLjxrHW7ycg5W3hWy5FhLXp9TA-PZ-PZzPaN2W60WA5Hq9G-MduNFsvhaDXad5hMz9TnbDSfpROPz3gaDSWOm8OgcBks3p_EtJh2Zwe_tHV0-nweZUFn9Pv9fr_f7_f7_X6D1nMwGxS-6zimHZdkFm25djuIDQZFLBFcpBPl3WV6y16e0_MilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jw04mEtWq7liMJcMNqsEAAAAAAAAALCEOfMmAAAAAKeBDFfL0WqdB7GaLEeT1XIBIIqTdX94h9sc3NpMdxnOMLEMFCg2ixs_Vsi7y_SWvTyn55UBAAQmmTd_Joi1Wi1rAAAAAWwAAIAAbt28BYRZ8f____9xAAAAMnL0AAAA9PtAUAo9cKPXCvwEuVwtBg!&cmcv=&pix=undefined&cb=1674198455840&uv=3250&tms=1674198455840&abt=ampfb_vC!Noappq22_vB!nrlc_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=0f16aabd-cb6c-45bd-be4d-6868093af46b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 8DA479A2E98E9DD54DA21E5469E4B820
Requests: 1 HTTP requests in this frame

Frame: https://us-match.taboola.com/sync?dast=V7JD8CFgPXhX0jpuiNmATXhX0jpuiNmAUAAAAGBvQHJDBzzBYOi8mtsdg2btFqYnJLXKaRWzacDQfLzcJmmk2MQAIzx2zhsJjcGott4xatJia3xGUauWXD2XCw3CxsptnEChjGcpkMaoGEZfb7DkK-22V4-FwGOYkNHGg6HT7XvV73-91lL8_pedf47UqzX-1w2u0AAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwEAxZHgrsvLbXFZfv4AAAAAAAEAAAAgASDgyi8BuLCKOvn_________jxmgz7yR-f___79R6AF48AF4EAIAAPgYst6GB5OpjxMgIhAsYgQAAAAA9a-wfDSpEyqLqv___34rgCsAgIBC54AI7yzdQYm3MAAAgICxBXpY_H6zw67xu132_________2_2f_aPJlTE3JwWFHPkqvYLCACw9gsIAMA2bgAAbwFwQUfQisFgdQkxGKw2u9FmMjsAAACAu____389kDJNfLPNyuRxzFYT32K5cC48jsnEOZgslquNx7e9ooa0EuxRR5Y-DWGZ_b6DkO92GR4-l0FOIogPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_Q3EYDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNEQYGCxGg8nC4hYMVqu1aLJwuSXGjWet201GztnCs1qODGvR62N6eDwbz2a2RcGAj71InhbpRDVczlaumc22Wjl2q8nIsdnYLI7VcDMxWRwzj8cilmhOFulEdtm3TBPfbLMyeRyz1cS3WC6cC49jMnEOJovlauPx7QuDxWgwWVjcgsFqtRZNFi63xLjxrHW7ycg5W3hWy5FhLXp9TA-PZ-PZzPaN2W60WA5Hq9G-MduNFsvhaDXad5hMz9TnbDSfpROPz3gaDSWOm8OgcBks3p_EtJh2Zwe_tHV0-nweZUFn9Pv9fr_f7_f7_X6D1nMwGxS-6zimHZdkFm25djuIDQZFLBFcpBPl3WV6y16e0_MilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jw04mEtWq7liMJcMNqsEAAAAAAAAALCEOfMmAAAAAKeBDFfL0WqdB7GaLEeT1XIBIIqTdX94h9sc3NpMdxnOMLEMFCg2ixs_Vsi7y_SWvTyn55UBAAQmmTd_Joi1Wi1rAAAAAWwAAIAAbt28BYRZ8f____9xAAAAMnL0AAAA9PtAUAo9cKPXCvwEuVwtBg!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 65DFEAA3CEDCFC2F7DD8CEA7A46E0665
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGJO-yd0BMAE&v=APEucNWqIcblKtTZqpx7rLbJco30isSa9e0MNGsUc_QtFPyKQGTEJBZS097r3i0h5ln7XsvCLs9z5cwYT8e6bMGDm1HiqTRRYHfEDF1e8X43SWQ2mheKgbAAnFNWnKZgyJX4B4VGUZUXiCAEg9Pn86aGGsp0rIQ92E3kV8Ni_HccsNE0q5dGkWk
Frame ID: 67110C5944B2A8D7D0631468ADCD88C9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNUxZ3oozoflXvb9bh8YH8LNzcYPfif6qQPctgZRkZp7qs7nLngmUxXWBiE6RfeNVMuOMaOcXrbxpsSMQ0ePONDPkAsgm_QjT0qOb5on97_4MKqJTs3sRDvsXTPjTbN72rldTbK9TzruJUhUOc5h9q-Goq_whkuXakR35MUIL4fNH7myCtQ
Frame ID: 87193E079521709F3DEF9CF31D3B284F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGODDyd0BMAE&v=APEucNVhiUbE9OwitxQEBWNQUw9w2u3AOKXg6zrrcCDex4Sw_XrMZCdatWPIvdXynIy1DIMU8nCQVlocN_W23vBSyvZ_VBcYejpcjX2u1p33jWA4RlYGua8CksEyd6KtRcFt5P_C53YavcsE11_PwGuINCAdhCIi-ZzB3O4G_vzNlcaxIX-RjeA
Frame ID: 6B6A4336713242485FD5BD2A25BC4CC1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGODDyd0BMAE&v=APEucNWOdvAo2AggEYyniEhYZMwjfVAXbq8geYsjh2LNXDwk-zPlp-2TIeebb7a2YwU67vcMTD2Ra0o-hDdk7Y94U34xzi36cqE418sLmqPdan23gheU2AFWES8IbnQQoAPUnjW-FdXmCOYYQHvZzem2IwHkk0LAe3DR67GEwzfQgqea5djiBwI
Frame ID: 623C73848AF7C149B015FAE8115D3F5D
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 396C4BBF2D29565F9E28FFC45DD74E65
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12318181858450307502/index.html
Frame ID: 135DF7691D18F46EB831072464903E42
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
Frame ID: 3F518360F2FC6EEB6748F3291AA68471
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
Frame ID: EFFB4D067AA3931743412979DC6EED8F
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1BDC4764C38D9DC0B3A63018EE56B658
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1C4587EAE680AE48E24F3D26BAB4EC64
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 575297A3D6D05C6AE8DE8319B80D82AF
Requests: 3 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: BCDC7B644FD18E1E16E9B4BEE51F3464
Requests: 2 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=88831100046840704445006012210016&actionid=981741&produktid=&dt_url=
Frame ID: 3096FBF690796E9A351765B95375323E
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIKjtKLL1fwCFYeUGQodVzoJzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9687090719476.547
Frame ID: 98995B98DFDF9D9C2A618E24920FCB47
Requests: 2 HTTP requests in this frame

Frame: https://hal900016.redintelligence.net/request_content.php?s=88831100046840704445006012210016&a=2715de88
Frame ID: 5454A027DC690E3D5E696B56123ED280
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Vesty | Новости Израиля | Вести Израиль

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

386
Requests

94 %
HTTPS

53 %
IPv6

42
Domains

70
Subdomains

60
IPs

11
Countries

6884 kB
Transfer

18913 kB
Size

26
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://mrb.upapi.net/code?w=5732901039636480&uponit=true HTTP 302
  • https://btloader.com/tag?w=5732901039636480&uponit=true&upapi=true HTTP 302
  • https://btloader.com/tag?w=5732901039636480&upapi=true
Request Chain 22
  • https://yastatic.net/pcode/adfox/loader.js HTTP 302
  • https://yandex.ru/ads/system/context.js
Request Chain 267
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 271
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 272
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
Request Chain 273
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8o9uJBvRyK6F5E0QtHetAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
Request Chain 274
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELkaTPfkMqtKu1x8qTN4ofk&google_cver=1
Request Chain 275
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgwMjQyMDc1NDg4NDIzNjk0MQ%3D%3D
Request Chain 276
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
Request Chain 277
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8o9uJBvRyK6F5E0QtHetAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
Request Chain 278
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELkaTPfkMqtKu1x8qTN4ofk&google_cver=1
Request Chain 279
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgwMjQyMDc1NDg4NDIzNjk0MQ%3D%3D
Request Chain 280
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
Request Chain 281
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8o9uJBvRyK6F5E0QtHetAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
Request Chain 282
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELkaTPfkMqtKu1x8qTN4ofk&google_cver=1
Request Chain 283
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgwMjQyMDc1NDg4NDIzNjk0MQ%3D%3D
Request Chain 284
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
Request Chain 285
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8o9uJBvRyK6F5E0QtHetAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
Request Chain 286
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELkaTPfkMqtKu1x8qTN4ofk&google_cver=1
Request Chain 287
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgwMjQyMDc1NDg4NDIzNjk0MQ%3D%3D
Request Chain 323
  • https://hal900016.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=912fb50415&subid=&uid=f6f88f3edadc4c04&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCOD8wtj3KY6znKILy1gamtY-4CKblvaBp1Zqcp8kP8C4QASCZ-6ArYJWqlIKgB8gBCakCTxYg8cUtsj6oAwGqBJkCT9DHhixynoEqm3cRhYiFhISqe09H8qB4igLZsafN6R62DCMmnNrcEOB30u_hLmaA65p3_3kegSMDL9qvN48_Q5Ms_pYnLbDZkCMx_J5nQ5UTktQ4tBgTm1GxvF5zXchMdMAAawqynXhmIZOs-RVJ0Jk213BBdkL965SgjlDzgxnjOTJ0fR3fFFt7RBCtAjF-PspWLOnTGBCu4EFzdr1uMsXR8k3G3FPJhyjfBAfoDTL1RlIyskctnG21TuCLmf6nk1tLrEorvAvaq57AzamD-XXQ0f5jMnQAQSUpYSRGYCvZ-8VZLksAJGFIbqf2T1B4DGkNaQxA3pezUKczKZnbmiL9bivhocwTBgSuwelG7RFDDi6l-1f1KHXABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9eFie0F9sajtJU8ySUg4ia9rH3oZEDlqdQrqUK7F71vo3Xg8kU4ZPrXSlEExhtpPc9PpnlR543x0lvOHeb4CDgThtf5CJqh4YASAT%26sig%3DAOD64_0regQT0yAMtrgYJ43cz5SKtcz_2Q%26client%3Dca-pub-9314111824787632%26dbm_c%3DAKAmf-CmatwajdGccUkbJJU0oFTz1BxEkvxaGErUFYcA_XVIHEIbAaUSGlsPU4lPwTn5U21z-KDTB49_3IE-ysqf0mH6Y1Lg2lxymTebakTcuQRRIVpYJ75F3CKEWNO2YhE-ZfQa4544SiM562fhvSpDrUY4ycnOJ5JmcXXqLBWokb_ulQUuPhw%26cry%3D1%26dbm_d%3DAKAmf-BpWhK4aV4yjLT9MZ9ESQbBeBoLXGF3RnbfN5fVj2rlB4MD5B3zkD_PkAKEApp0IKTNXXNlIVXaqmmvH_k4C8Z8YNKq6VFzvrJGT9pyr_Tv_Zrjtpllta5htuViLiatn0Ab9yH9VFmZSOGFsCxRgU4SUMJNAgcmfTwpiquXx0GbNelxIg8pFe6CDS-iotW5nVKBmrMRvfy5MHlPy2-hRi-KWELKrGjeMYFpJ5V5bWxbr1DupdQniNOExry_VmgqNrO2eJ7ZpimsOoc_dYGXe6Q5MMdUd134lpPFKxE4FuFcX_MzQzespt1DndKhtLiTowi7iir91atE9R0EsawxJN_UYVE1rQJW-fAr6i8aK8gqHmInMl5FTdUCdCLZLpMJmekXrYiHiv-MAdzXAQdDrRgvgE392vVOUoSE70DJ6ZXSDLmAGVJ-KfoOyV6xKj4nyEkzkNryjs5chS4kTAgdRaocelSLRMOF3frR5yFM2550PQ9YyxxgwXluDJaHoOWXQkUnV4-6kNa7rM5SJc_7_vsVqgYwQ4DGWSsj1CfGrzy6p2QpnAk%26adurl%3D&documentReferer=https%3A%2F%2Fwww.vesty.co.il%2F&ancestorOrigins=https%3A%2F%2Fwww.vesty.co.il&random=1372029092817&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900016.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=912fb50415&subid=&uid=f6f88f3edadc4c04&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCOD8wtj3KY6znKILy1gamtY-4CKblvaBp1Zqcp8kP8C4QASCZ-6ArYJWqlIKgB8gBCakCTxYg8cUtsj6oAwGqBJkCT9DHhixynoEqm3cRhYiFhISqe09H8qB4igLZsafN6R62DCMmnNrcEOB30u_hLmaA65p3_3kegSMDL9qvN48_Q5Ms_pYnLbDZkCMx_J5nQ5UTktQ4tBgTm1GxvF5zXchMdMAAawqynXhmIZOs-RVJ0Jk213BBdkL965SgjlDzgxnjOTJ0fR3fFFt7RBCtAjF-PspWLOnTGBCu4EFzdr1uMsXR8k3G3FPJhyjfBAfoDTL1RlIyskctnG21TuCLmf6nk1tLrEorvAvaq57AzamD-XXQ0f5jMnQAQSUpYSRGYCvZ-8VZLksAJGFIbqf2T1B4DGkNaQxA3pezUKczKZnbmiL9bivhocwTBgSuwelG7RFDDi6l-1f1KHXABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9eFie0F9sajtJU8ySUg4ia9rH3oZEDlqdQrqUK7F71vo3Xg8kU4ZPrXSlEExhtpPc9PpnlR543x0lvOHeb4CDgThtf5CJqh4YASAT%26sig%3DAOD64_0regQT0yAMtrgYJ43cz5SKtcz_2Q%26client%3Dca-pub-9314111824787632%26dbm_c%3DAKAmf-CmatwajdGccUkbJJU0oFTz1BxEkvxaGErUFYcA_XVIHEIbAaUSGlsPU4lPwTn5U21z-KDTB49_3IE-ysqf0mH6Y1Lg2lxymTebakTcuQRRIVpYJ75F3CKEWNO2YhE-ZfQa4544SiM562fhvSpDrUY4ycnOJ5JmcXXqLBWokb_ulQUuPhw%26cry%3D1%26dbm_d%3DAKAmf-BpWhK4aV4yjLT9MZ9ESQbBeBoLXGF3RnbfN5fVj2rlB4MD5B3zkD_PkAKEApp0IKTNXXNlIVXaqmmvH_k4C8Z8YNKq6VFzvrJGT9pyr_Tv_Zrjtpllta5htuViLiatn0Ab9yH9VFmZSOGFsCxRgU4SUMJNAgcmfTwpiquXx0GbNelxIg8pFe6CDS-iotW5nVKBmrMRvfy5MHlPy2-hRi-KWELKrGjeMYFpJ5V5bWxbr1DupdQniNOExry_VmgqNrO2eJ7ZpimsOoc_dYGXe6Q5MMdUd134lpPFKxE4FuFcX_MzQzespt1DndKhtLiTowi7iir91atE9R0EsawxJN_UYVE1rQJW-fAr6i8aK8gqHmInMl5FTdUCdCLZLpMJmekXrYiHiv-MAdzXAQdDrRgvgE392vVOUoSE70DJ6ZXSDLmAGVJ-KfoOyV6xKj4nyEkzkNryjs5chS4kTAgdRaocelSLRMOF3frR5yFM2550PQ9YyxxgwXluDJaHoOWXQkUnV4-6kNa7rM5SJc_7_vsVqgYwQ4DGWSsj1CfGrzy6p2QpnAk%26adurl%3D&documentReferer=https%3A%2F%2Fwww.vesty.co.il%2F&ancestorOrigins=https%3A%2F%2Fwww.vesty.co.il&random=1372029092817&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 368
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=88831100046840704445006012210016&t=htlp HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=88831100046840704445006012210016&actionid=981741&produktid=&dt_url=
Request Chain 370
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9687090719476.547 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CIKjtKLL1fwCFYeUGQodVzoJzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9687090719476.547
Request Chain 372
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=88831100046840704445006012210016 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=88831100046840704445006012210016 HTTP 302
  • https://ad-server.eu/wm/pb/native.png

386 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request main
www.vesty.co.il/ 		203 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.vesty.co.il/main
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
04e215354b7bbad6c67c7f61f97b285a2846995a2665626ee64d67fff26c2c08
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
45119
Content-Type
text/html; charset=utf-8
Date
Fri, 20 Jan 2023 07:07:33 GMT
Last-Modified
Fri, 20 Jan 2023 06:57:39 GMT
OSV
c8
V-TTL
0
VX-Cache
MISS
Vary
Accept-Encoding
WAI
01
X-Frame-Options
SAMEORIGIN
X-me
${S_HOSTNAME}
X-version
V3
backend-cache-control
s-maxage=900
vg_id
2
vesty.33e53a49ce15050fe01564c2b4dbdfad.css
ynet-images1.yit.co.il/Common/frontend/site/prod/ 		689 KB
160 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ynet-images1.yit.co.il/Common/frontend/site/prod/vesty.33e53a49ce15050fe01564c2b4dbdfad.css
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 /
Resource Hash
39ca1191643d6bbc13bdc8f643eb7464874326f254217266d57adddf3f07392e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:33 GMT
content-encoding
gzip
last-modified
Mon, 16 Jan 2023 13:26:08 GMT
server
Microsoft-IIS/10.0
age
238589
access-control-allow-methods
GET,POST
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
content-length
163485
x-llid
f1709b8c4e5ac2ed19f063d9f9a26bde
expires
Thu, 16 Feb 2023 12:51:04 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7640773899458de6505f8d74452bac91d2cbf258cb95e650c0db507d51a5e5bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27774
x-xss-protection
0
server
sffe
etag
"1457 / 436 of 1000 / last-modified: 1674187653"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 20 Jan 2023 07:07:33 GMT
jquery-3.4.1.min.js
ynet-images1.yit.co.il/Common/Api/Scripts/ 		86 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ynet-images1.yit.co.il/Common/Api/Scripts/jquery-3.4.1.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:33 GMT
content-encoding
gzip
last-modified
Tue, 28 Jan 2020 08:04:02 GMT
server
Microsoft-IIS/10.0
age
2322324
access-control-allow-methods
GET,POST
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
content-length
37032
x-llid
a45e1313b6cb3dd362f0d961f362c6d7
expires
Mon, 23 Jan 2023 10:02:09 GMT
gpt_script_yns_ynv.js
totalmedia2.ynet.co.il/new_gpt/vesty/ 		133 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://totalmedia2.ynet.co.il/new_gpt/vesty/gpt_script_yns_ynv.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-16.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bdc5aab1bc93dc47fbb638ee7462509fffb3392c2cd3ef31886e7a3aa76f291f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:33 GMT
content-encoding
gzip
last-modified
Tue, 10 Jan 2023 10:35:29 GMT
server
AkamaiNetStorage
etag
"7ca16f9bf7180ab58f819e791d805c1e:1673422413.179501"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
27381
ynv_templates.js
totalmedia2.ynet.co.il/gpt/ynv/ 		110 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://totalmedia2.ynet.co.il/gpt/ynv/ynv_templates.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-16.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0c59a4311973393ca533b13f245d027fb9acd2c40b23ddb6c75d1c53196a3b96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:33 GMT
content-encoding
gzip
last-modified
Thu, 07 Feb 2019 09:15:22 GMT
server
AkamaiNetStorage
etag
"0d986196c56347b4af883296acc3ef7f:1549530922"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
loader.js
cdn.taboola.com/libtrc/ynet-vesty/ 		814 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
591f2a1884627044012d609421f5720e613296501b0e202b39d3f4a740824b14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
MowPYjvRNEo1Jhp2qj8YPIrbVtR88D72
content-encoding
gzip
via
1.1 varnish
date
Fri, 20 Jan 2023 07:07:33 GMT
x-amz-request-id
S8C2176M8ZVFS7MF
age
9582
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
12
content-length
67453
x-amz-id-2
eRQCujiNiwZE37zuF7YRJpgx/x+0vyDYSdKkEITnsXkKNhElv55BS7wVn+88Qndqk00S2i5w1co=
x-served-by
cache-yyz4578-YYZ
last-modified
Thu, 19 Jan 2023 16:29:49 UTC
server
nginx
x-timer
S1674198454.961550,VS0,VE1
etag
"49e853bdb9f8658ee488cc06a0df4c5252842778"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
19
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
tag
btloader.com/
Redirect Chain
  • https://mrb.upapi.net/code?w=5732901039636480&uponit=true
  • https://btloader.com/tag?w=5732901039636480&uponit=true&upapi=true
  • https://btloader.com/tag?w=5732901039636480&upapi=true
16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?w=5732901039636480&upapi=true
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff9bf657a0421d24a554000faee793d7fa96fa4873737ea7e82290b191bf84e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 20 Jan 2023 06:28:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2320
etag
W/"5faab379c3601b5fdc2da057839c7167"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZiNEcx40bAo7ghkP0pG9zy3fLZJExr%2BHhHpKkBZ116CCatHPQyUBu7%2BUR9E2VFs1P7hzWxZSqWex84Fz8%2By9rSSF8OP%2Bp%2FAKw8F%2FlNGx8%2B%2F%2FCroqIJfEgTigNdnXnrMz%2BoD3ylRCLXQobg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300, must-revalidate, stale-if-error=86400
cf-ray
78c5f953c84c30e4-FRA

Redirect headers

date
Fri, 20 Jan 2023 07:07:34 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2252
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1JbiY5EZxRsCsz9W8kQbLfnn6WHgFARPh6Nlx457DGGylv8K%2BYLGEwuj7OELgRlRyH6YhpDHfXAF57BG%2BogshIfIlm2AcJ2dFpbrjeWxA3mzE0op4tyrtj7xyg3Vj1u09tV%2Fw8SKuJkAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
location
/tag?w=5732901039636480&upapi=true
cache-control
public, max-age=3600, must-revalidate
cf-ray
78c5f952bf0730e4-FRA
vendors-widgets.81738138db7fbf06462f.js
ynet-images1.yit.co.il/Common/frontend/site/prod/ 		2 MB
668 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ynet-images1.yit.co.il/Common/frontend/site/prod/vendors-widgets.81738138db7fbf06462f.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 /
Resource Hash
92a85f93f18ea572688b8fd7b5c5ff1b9e69c4a61464d72764d833c42dc41c58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
content-encoding
gzip
last-modified
Tue, 20 Dec 2022 10:20:43 GMT
server
Microsoft-IIS/10.0
age
2335079
access-control-allow-methods
GET,POST
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
content-length
683776
x-llid
f5ff4a86a1e5bd26365289561378ea7b
expires
Mon, 23 Jan 2023 06:29:35 GMT
widgets.303605fef38f90ef4d80.js
ynet-images1.yit.co.il/Common/frontend/site/prod/ 		3 MB
656 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ynet-images1.yit.co.il/Common/frontend/site/prod/widgets.303605fef38f90ef4d80.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 /
Resource Hash
a4e198b2c834a9247253ee0907864214dc8b64263ccb73a6db9a0fa7230046b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
content-encoding
gzip
last-modified
Mon, 16 Jan 2023 13:26:10 GMT
server
Microsoft-IIS/10.0
age
238589
access-control-allow-methods
GET,POST
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
content-length
671155
x-llid
f072b6b46a6b747fb229be46df248ef8
expires
Thu, 16 Feb 2023 12:51:05 GMT
flowplayer.min.js
cdn.flowplayer.com/releases/native/3/stable/ 		72 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/flowplayer.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0fe1ae1648775edf24571baca8bb930a19cd56ad1732c71eb1174ffaece615b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
EfIZsoCQjV2nCcegN1WgA73x5C4ng1EL
content-encoding
gzip
via
1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
date
Fri, 20 Jan 2023 00:53:01 GMT
x-amz-cf-pop
FRA56-C2
age
22634
x-cache
Hit from cloudfront
last-modified
Tue, 06 Dec 2022 13:15:30 GMT
server
AmazonS3
etag
W/"a4be0dce02b8bb52c954d352f9580e69"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
DeBmdj8pav92-6b25Uc77ThOu8a9oTf5ICEaiW4jp-MgMzIoeX64cg==
flowplayer.css
cdn.flowplayer.com/releases/native/3/stable/style/ 		45 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/style/flowplayer.css
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
96234ac86729d6833b645cd2047bd81096a8abc561dbea4b3ceee35629200345

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
3PHBXpyMUtPrdNdVpqge4VvRfu7KsMDN
content-encoding
gzip
via
1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
date
Fri, 20 Jan 2023 03:03:15 GMT
x-amz-cf-pop
FRA56-C2
age
14734
x-cache
Hit from cloudfront
last-modified
Tue, 06 Dec 2022 13:15:43 GMT
server
AmazonS3
etag
W/"bf92134f112cf251798e0ba890768af1"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
L8AP94dWzyZFhgy8u5M3heer3TyODLXPISmmlbou1vDU57sD5U5A_Q==
ads.min.js
cdn.flowplayer.com/releases/native/3/stable/plugins/ 		98 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/plugins/ads.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c048d103427ee2c5a05a4a12a1cfed6947ed96c8049f2a6b16a4e780a2d5eee4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
5o4FRrKkCPpJqSagmWNGx5n0mHxk2RE.
content-encoding
gzip
via
1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
date
Fri, 20 Jan 2023 02:45:57 GMT
x-amz-cf-pop
FRA56-C2
age
15811
x-cache
Hit from cloudfront
last-modified
Tue, 06 Dec 2022 13:15:31 GMT
server
AmazonS3
etag
W/"f62c0263d91a8a5eb47e94438dba3c18"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
ImSBMqgAmun65uynXiADCwAsASXpcg4SLJLR5kE1PZea3I98kEy7fA==
cuepoints.min.js
cdn.flowplayer.com/releases/native/3/stable/plugins/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/plugins/cuepoints.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bfe4daba7053363118b8b9cf8b98fab5eec0d00fbad7bfa837f7a1efd1b168eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
805k_ub20WkOqBrrViqgs7iUflvSoG8J
content-encoding
gzip
via
1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
date
Fri, 20 Jan 2023 01:27:14 GMT
x-amz-cf-pop
FRA56-C2
age
55248
x-cache
Hit from cloudfront
last-modified
Tue, 06 Dec 2022 13:15:34 GMT
server
AmazonS3
etag
W/"7b697add4d6d6d2afa72e2c87c37fb4d"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
Uk4NnzCUrFTJ7Hbm-lnhfxN5EFWqtjDgzd1GFo8u-0pRU5lYl7YmMw==
google-analytics.min.js
cdn.flowplayer.com/releases/native/3/stable/plugins/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/plugins/google-analytics.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
33b2981a419041dc8a66b34f5b005f08e6aa8abef9355fce5a78a9efacb794af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
hgn4jZ1a_ncCm1SgyLx_6oo16RxJRN8J
content-encoding
gzip
via
1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
date
Fri, 20 Jan 2023 06:00:13 GMT
x-amz-cf-pop
FRA56-C2
age
48525
x-cache
Hit from cloudfront
last-modified
Tue, 06 Dec 2022 13:15:37 GMT
server
AmazonS3
etag
W/"41f314e96559610efcddc8bfc1b431b0"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
z5qIiLCtFTM1a7wzau9AqIdtqWXUxHD6ckTGaJ3VNc-I4r7b8C4UFA==
keyboard.min.js
cdn.flowplayer.com/releases/native/3/stable/plugins/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/plugins/keyboard.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e2eee6a7345ae1bb05a9d2db7f906ecf989222804398fd56290e1570e72a37a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
Cv1PCuG1zIwYhg6bWSstkULSdGSJSiAg
date
Thu, 19 Jan 2023 15:01:11 GMT
via
1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
57983
x-cache
Hit from cloudfront
content-length
3746
last-modified
Tue, 06 Dec 2022 13:15:39 GMT
server
AmazonS3
etag
"295a69212315e8f0e8495ec39bf5b388"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
p-EHFMZOF-IjSvtdZoJAVjqv4pv1mZQcZIR5Cf2vZhMzHSJG9QH4Kw==
share.min.js
cdn.flowplayer.com/releases/native/3/stable/plugins/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/plugins/share.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8bee5b0d13f1de0b52c6aa4a61b112428f78c656b7fdb7e6b1367c53b2ba84fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
o.fyq2oVoE1f5L.qORG4Z7k9I31LDMvg
content-encoding
gzip
via
1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
date
Fri, 20 Jan 2023 03:39:13 GMT
x-amz-cf-pop
FRA56-C2
age
12501
x-cache
Hit from cloudfront
last-modified
Tue, 06 Dec 2022 13:15:42 GMT
server
AmazonS3
etag
W/"013a5e0b8b2db6b7ba4c7d41aa0fa204"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
qJ-OOvv7_3sG8qfXPVX24Ll_-QkqkE6trrjrmUdKKaH-Y4NUfro5tg==
qsel.min.js
cdn.flowplayer.com/releases/native/3/stable/plugins/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/plugins/qsel.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c4234a04add3fca32f5045b81ac01f90b8c422117a9d55be34abad4a0682dd6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
FVWyLmr1IGAspI30b7dDOp0tpYIEO4QJ
content-encoding
gzip
via
1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
date
Fri, 20 Jan 2023 02:10:30 GMT
x-amz-cf-pop
FRA56-C2
age
17892
x-cache
Hit from cloudfront
last-modified
Tue, 06 Dec 2022 13:15:41 GMT
server
AmazonS3
etag
W/"3861beed5d9c49eae75818f202c21438"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
W97O0YE9XkxHJQyNqxb3HhvcAkd_CmfMipIiqnsUsc1TMdbux7lLcQ==
asel.min.js
cdn.flowplayer.com/releases/native/3/stable/plugins/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/plugins/asel.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bbcdc9c9b394f67db4cd37757c7b7b6d2a316d5108b173201d3c726609ccc525

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
tLRa9aWAdSB4HSO8Wr6m1Z.6JPyY_.nY
content-encoding
gzip
via
1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
date
Fri, 20 Jan 2023 05:13:20 GMT
x-amz-cf-pop
FRA56-C2
age
23158
x-cache
Hit from cloudfront
last-modified
Tue, 06 Dec 2022 13:15:32 GMT
server
AmazonS3
etag
W/"3c7d8de5e00949fa2bd456238aa512ea"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
w5Lv26XRfu2Trb-3MKFD5qsuBtODCgm7Bqe-sl7o5_ptpGipDk9a2w==
hls.min.js
cdn.flowplayer.com/releases/native/3/stable/plugins/ 		386 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/plugins/hls.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fca7437ffdda5a71bf74bd71f6b2c3614135c7d7a779d6a99ae52b20c421270e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
cK5gwp6wey6b6nesT3IpvU6H5iDLbmlT
content-encoding
gzip
via
1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
date
Fri, 20 Jan 2023 02:42:02 GMT
x-amz-cf-pop
FRA56-C2
age
16019
x-cache
Hit from cloudfront
last-modified
Tue, 06 Dec 2022 13:15:37 GMT
server
AmazonS3
etag
W/"b0f7455a81394937ef0c75fb205042e7"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
4jIzX4OVkeQjXOl6ia0Bbzixs8hqstkXggVnyl7PIjsiZlCoXZYEpQ==
float-on-scroll.min.js
cdn.flowplayer.com/releases/native/3/stable/plugins/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/plugins/float-on-scroll.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53eead9613627cd1a123090126d881eaaf33a754f3fa5d50a9297f425abc92a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
VOVU7Zxlr.CHh2adNHx0G1ScW7kOGCCC
date
Thu, 19 Jan 2023 15:01:10 GMT
via
1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
57984
x-cache
Hit from cloudfront
content-length
5078
last-modified
Tue, 06 Dec 2022 13:15:36 GMT
server
AmazonS3
etag
"dc3c4fa7f214ef9868ce20001862a36b"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
KCWP9_yQoV7VLvKV8qNJse3KI6ksVGKXjqDkvvvDDSerNMg0sMATeg==
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		369 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341cac54e2233a3ea849713a87fce48e95ed8f3c8317c4d3bdcf0610da762e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125890
x-xss-protection
0
expires
Fri, 20 Jan 2023 07:07:33 GMT
flowplayer.lang.ru.js
cdn.flowplayer.com/releases/native/translations/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/translations/flowplayer.lang.ru.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
context.js
yandex.ru/ads/system/
Redirect Chain
  • https://yastatic.net/pcode/adfox/loader.js
  • https://yandex.ru/ads/system/context.js
313 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
5dbd51abd9e7850a630660fc4f54aef3afdee742ad0df3c1ca7f508ff503396a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1674198453847362-7396179700284274878-vla1-3228-vla-l7-balancer-8080-BAL-1846
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Fri, 20 Jan 2023 08:07:33 GMT

Redirect headers

date
Fri, 20 Jan 2023 07:07:33 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server
nginx/1.17.9
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
location
https://yandex.ru/ads/system/context.js
access-control-allow-origin
*
timing-allow-origin
*
content-length
0
vestywb.js
cf.dxmcdn.com/dta/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.dxmcdn.com/dta/vestywb.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5e00:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2436d29de150accd2c12d8d0d9573a1a9eb737cf7d3367399c0cb16373350ab2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
date
Fri, 20 Jan 2023 07:07:34 GMT
last-modified
Tue, 08 Jun 2021 14:35:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
19437
etag
W/"a435da4401729d31985da618671fc2cc"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
aZORwpAOwyaUdNAA2XDRIXyhTdQSkD7uU2ZWm2HnIgDzpslueS7Dnw==
1250.png
www.ynetnews.com/Cnt/Images/Weather/ 		672 B
886 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ynetnews.com/Cnt/Images/Weather/1250.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
af5463753df076ff288879f0685740bc8b4540a9855096cde2cdbf00041b7750

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

backend-cache-control
date
Fri, 20 Jan 2023 07:07:34 GMT
last-modified
Tue, 17 Jan 2023 13:40:32 GMT
etag
"c2826d31d827d41:0"
content-type
image/png
vx-cache
MISS
cache-control
private, max-age=369272
wai
02
accept-ranges
bytes
content-length
672
v-ttl
0
expires
Tue, 24 Jan 2023 13:42:06 GMT
____.png
ynet-images1.yit.co.il/picserver5/wcm_upload/2023/01/10/Sy811PC5qj/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-images1.yit.co.il/picserver5/wcm_upload/2023/01/10/Sy811PC5qj/____.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 /
Resource Hash
768dbaa97f82a2587f62a38375028c588d5d4ccff7fb319a9929171c51f2f907

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
last-modified
Tue, 10 Jan 2023 12:16:18 GMT
server
Microsoft-IIS/10.0
age
845461
access-control-allow-methods
GET,POST
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
content-length
4244
x-llid
56f6f5cd8f8f403e27c1b690deac0dc3
expires
Thu, 09 Feb 2023 12:16:33 GMT
vesty_logo.png
ynet-images1.yit.co.il/picserver5/wcm_upload/2023/01/08/SkVVgBdcj/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-images1.yit.co.il/picserver5/wcm_upload/2023/01/08/SkVVgBdcj/vesty_logo.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 /
Resource Hash
bf6f8b76a208f928f5daeeba7c5b4de7415e14c26dcf1c69db0bedc58f872a35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
last-modified
Sun, 08 Jan 2023 13:08:35 GMT
server
Microsoft-IIS/10.0
age
1015124
access-control-allow-methods
GET,POST
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
content-length
1692
x-llid
b2d6cce132a8cc589f20918c4845e831
expires
Tue, 07 Feb 2023 13:08:50 GMT
1250.svg
www.vesty.co.il/images/weather-new-icons/newWeatherSvgs/ 		764 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vesty.co.il/images/weather-new-icons/newWeatherSvgs/1250.svg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
801c95ec34ac6191be3ad237595e98269b42d0404d206ba1d4e3fb1f0cf5243f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/main
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

backend-cache-control
Date
Fri, 20 Jan 2023 07:07:34 GMT
Last-Modified
Tue, 20 Dec 2022 11:57:18 GMT
ETag
"44f4555cdda4d81:0"
Content-Type
image/svg+xml
VX-Cache
HIT
WAI
02
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
764
V-TTL
5123
9025535_27_0_1181_664_0_x-large.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2019/01/25/9025535/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2019/01/25/9025535/9025535_27_0_1181_664_0_x-large.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81c6a5103363ffae6312ab873c2d8ef8f5e4024e7d9e5083faa61ed4a33d69b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
2225
cf-polished
qual=85, origFmt=jpeg, origSize=50330
content-disposition
inline; filename="9025535_27_0_1181_664_0_x-large.webp"
content-length
45482
cf-bgj
imgq:85,h2pri
last-modified
Fri, 20 Jan 2023 06:28:53 GMT
server
cloudflare
etag
"981d2e77982cd91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f95238f591ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
SJmXJudTqi_1_158_1280_720_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/12/SJmXJudTqi/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/12/SJmXJudTqi/SJmXJudTqi_1_158_1280_720_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97b3cc863661d90421e4d91d8120ac9441c427aeba6ffc0afe601bf4e27b56a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
3015
cf-polished
origSize=13182, status=webp_bigger
content-length
12827
cf-bgj
imgq:85,h2pri
last-modified
Thu, 19 Jan 2023 20:09:23 GMT
server
cloudflare
etag
"5e4f22ec412cd91:0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f95238f891ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
5084260_6_206_1172_660_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2014/01/08/5084260/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2014/01/08/5084260/5084260_6_206_1172_660_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10df7b3be4453c581f0538bb7aa560d8d370f8be355960805c4b39cd9ac74218

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
6211
cf-polished
degrade=85, origSize=11468, status=webp_bigger
content-length
10292
cf-bgj
imgq:85,h2pri
last-modified
Thu, 19 Jan 2023 20:22:53 GMT
server
cloudflare
etag
"7883fece432cd91:0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f95238f991ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
rywKgDrjj_2_0_1495_845_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/18/rywKgDrjj/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/18/rywKgDrjj/rywKgDrjj_2_0_1495_845_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cd63f94288b9f6cbd5626a076ef44001cc882444407a980da7a0b47a9beeb8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
482
cf-polished
origSize=14472, status=webp_bigger
content-length
14078
cf-bgj
imgq:85,h2pri
last-modified
Fri, 20 Jan 2023 06:39:46 GMT
server
cloudflare
etag
"fa5bd9fc992cd91:0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f95238fb91ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
S1j1f9oMoi_611_0_2225_1258_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/16/S1j1f9oMoi/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/16/S1j1f9oMoi/S1j1f9oMoi_611_0_2225_1258_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
beebc5659e5a7cae96a8459bd196074d0573718cc4752d832cd1c6f8102a5904

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
3325
cf-polished
qual=85, origFmt=jpeg, origSize=8512
content-disposition
inline; filename="S1j1f9oMoi_611_0_2225_1258_0_medium.webp"
content-length
8230
cf-bgj
imgq:85,h2pri
last-modified
Fri, 20 Jan 2023 06:11:09 GMT
server
cloudflare
etag
"92717fd952cd91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f95238fc91ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
B1GX71wji_1_119_3000_1688_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/19/B1GX71wji/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/19/B1GX71wji/B1GX71wji_1_119_3000_1688_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce6d2710e9a4c8b4b38965d4d1e3466c83322bd4ef24d56d1de0ff28b3ff1909

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
6656
cf-polished
origSize=15199, status=webp_bigger
content-length
14888
cf-bgj
imgq:85,h2pri
last-modified
Thu, 19 Jan 2023 21:02:29 GMT
server
cloudflare
etag
"128d3b57492cd91:0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f95238fd91ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
S101anEso_0_37_1000_563_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2023/01/18/S101anEso/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-images1.yit.co.il/picserver5/crop_images/2023/01/18/S101anEso/S101anEso_0_37_1000_563_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 /
Resource Hash
a443f0303975a38a561358a347166a210773f9b855b4774211ab1c4a2c249b29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
last-modified
Wed, 18 Jan 2023 00:28:47 GMT
server
Microsoft-IIS/10.0
age
196669
access-control-allow-methods
GET,POST
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
content-length
14982
x-llid
7bab26ea054d6586fe8012f24fa472aa
expires
Fri, 17 Feb 2023 00:29:45 GMT
ByMAIGWDjs_0_150_352_198_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/19/ByMAIGWDjs/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/19/ByMAIGWDjs/ByMAIGWDjs_0_150_352_198_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f17e7941b62e9d78020144a023d87a0dbce3e2ad6a3054ee3570b673f097a9ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
3015
cf-polished
origFmt=png, origSize=83544
content-disposition
inline; filename="ByMAIGWDjs_0_150_352_198_0_medium.webp"
content-length
46748
cf-bgj
imgq:85,h2pri
last-modified
Thu, 19 Jan 2023 18:54:53 GMT
server
cloudflare
etag
"6c654884372cd91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952490891ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
SyxWK00YUoi_187_0_923_519_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/19/SyxWK00YUoi/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/19/SyxWK00YUoi/SyxWK00YUoi_187_0_923_519_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01e48f0b075869d346f92e6745344eec197eb9f307ed920f85996e7217089c6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
4716
cf-polished
qual=85, origFmt=jpeg, origSize=8815
content-disposition
inline; filename="SyxWK00YUoi_187_0_923_519_0_medium.webp"
content-length
8492
cf-bgj
imgq:85,h2pri
last-modified
Thu, 19 Jan 2023 18:38:08 GMT
server
cloudflare
etag
"7ee6f52c352cd91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952490b91ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
B1raOkwji_0_0_1280_720_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/19/B1raOkwji/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/19/B1raOkwji/B1raOkwji_0_0_1280_720_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91ac0502171d983ad2d3f7f2c146fe5751250072334c4267eaadbe0f096b67ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
4716
cf-polished
qual=85, origFmt=jpeg, origSize=2888
content-disposition
inline; filename="B1raOkwji_0_0_1280_720_0_medium.webp"
content-length
1582
cf-bgj
imgq:85,h2pri
last-modified
Thu, 19 Jan 2023 21:02:28 GMT
server
cloudflare
etag
"bac29f56492cd91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952490c91ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
B1xzHpfii_0_0_850_479_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/16/B1xzHpfii/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/16/B1xzHpfii/B1xzHpfii_0_0_850_479_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
128ebef89d81df41778b299c1a0673ab86b21a967bca57777d7bcc3ed2289e1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
7157
cf-polished
origFmt=png, origSize=92997
content-disposition
inline; filename="B1xzHpfii_0_0_850_479_0_medium.webp"
content-length
66840
cf-bgj
imgq:85,h2pri
last-modified
Thu, 19 Jan 2023 21:02:28 GMT
server
cloudflare
etag
"602dc156492cd91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952490e91ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
9462881_0_0_640_360_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2019/09/04/9462881/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2019/09/04/9462881/9462881_0_0_640_360_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f30a05fae29bc8c2fd586b84adebea0279eee215600295c5a42279d848b1b41b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
4408
cf-polished
qual=85, origFmt=jpeg, origSize=36884
content-disposition
inline; filename="9462881_0_0_640_360_0_medium.webp"
content-length
30246
cf-bgj
imgq:85,h2pri
last-modified
Thu, 19 Jan 2023 18:44:18 GMT
server
cloudflare
etag
"7cd6cf9362cd91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952490f91ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
rJKQRFIio_0_0_850_479_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/19/rJKQRFIio/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/19/rJKQRFIio/rJKQRFIio_0_0_850_479_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf21d08dfcbae4b40e503c72abe6eecd47a8bc5c448d44d992d996301a30995e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
6910
cf-polished
origFmt=png, origSize=106431
content-disposition
inline; filename="rJKQRFIio_0_0_850_479_0_medium.webp"
content-length
69932
cf-bgj
imgq:85,h2pri
last-modified
Thu, 19 Jan 2023 18:48:10 GMT
server
cloudflare
etag
"5c4bcd93362cd91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952491191ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
HyX9Q3TSii_0_23_800_451_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/18/HyX9Q3TSii/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/18/HyX9Q3TSii/HyX9Q3TSii_0_23_800_451_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
639705bd5f73f2667e0ffd7fafcfe4d28a10fd22e33b30a85732d41e8dc54a37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
3009
cf-polished
qual=85, origFmt=jpeg, origSize=8541
content-disposition
inline; filename="HyX9Q3TSii_0_23_800_451_0_medium.webp"
content-length
7830
cf-bgj
imgq:85,h2pri
last-modified
Thu, 19 Jan 2023 18:48:07 GMT
server
cloudflare
etag
"98e42192362cd91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952491291ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
rkTOGRp5j_0_0_1280_720_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/12/rkTOGRp5j/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/12/rkTOGRp5j/rkTOGRp5j_0_0_1280_720_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60763804dbfb4e670552728962104609eef19e844333a6da60a3bf6a26556a91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
2429
cf-polished
qual=85, origFmt=jpeg, origSize=7624
content-disposition
inline; filename="rkTOGRp5j_0_0_1280_720_0_medium.webp"
content-length
6778
cf-bgj
imgq:85,h2pri
last-modified
Thu, 19 Jan 2023 09:12:19 GMT
server
cloudflare
etag
"a242722e62bd91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952491491ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
rJwbnCrjo_0_0_850_479_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/18/rJwbnCrjo/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/18/rJwbnCrjo/rJwbnCrjo_0_0_850_479_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7023a9d30e44a55ac453193a681a5ecad6668c3ae1531e4aecfbe6ca890c9f1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
6910
cf-polished
origFmt=png, origSize=126385
content-disposition
inline; filename="rJwbnCrjo_0_0_850_479_0_medium.webp"
content-length
86086
cf-bgj
imgq:85,h2pri
last-modified
Thu, 19 Jan 2023 18:48:07 GMT
server
cloudflare
etag
"8eebb92362cd91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952491691ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
BJPaUp3rjj_0_0_3000_1688_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/18/BJPaUp3rjj/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/18/BJPaUp3rjj/BJPaUp3rjj_0_0_3000_1688_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff9873665e7bec72ba53ba5bd2517090b12d3d7e8f257d6159942e3c26bdee54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
4902
cf-polished
qual=85, origFmt=jpeg, origSize=11491
content-disposition
inline; filename="BJPaUp3rjj_0_0_3000_1688_0_medium.webp"
content-length
11076
cf-bgj
imgq:85,h2pri
last-modified
Thu, 19 Jan 2023 18:48:09 GMT
server
cloudflare
etag
"aee1d93362cd91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952491791ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
rym1t6Ijs_0_145_1280_721_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/19/rym1t6Ijs/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/19/rym1t6Ijs/rym1t6Ijs_0_145_1280_721_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
056a419c036aea7b42c9c55d7be4058b1a88d1e7a923b9aaa0154dc1c921e4fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
2292
cf-polished
origSize=10867, status=webp_bigger
content-length
10721
cf-bgj
imgq:85,h2pri
last-modified
Fri, 20 Jan 2023 06:12:06 GMT
server
cloudflare
etag
"eec8451f962cd91:0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952491991ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
S1F8MZNEq_0_33_1000_563_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2022/04/13/S1F8MZNEq/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2022/04/13/S1F8MZNEq/S1F8MZNEq_0_33_1000_563_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b5b29107f16aeff5c67d6cccf2531bcac4a99e380f1ab134e9adb4a0a2e6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
3014
cf-polished
qual=85, origFmt=jpeg, origSize=14494
content-disposition
inline; filename="S1F8MZNEq_0_33_1000_563_0_medium.webp"
content-length
11664
cf-bgj
imgq:85,h2pri
last-modified
Thu, 19 Jan 2023 20:11:58 GMT
server
cloudflare
etag
"fca8eb48422cd91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952491a91ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
9104231_0_0_1001_563_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2019/03/06/9104231/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2019/03/06/9104231/9104231_0_0_1001_563_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d001a1a2dd7696b73533d5276c9390ceb52150a67a796d3f31bbc6bc627916fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
2063
cf-polished
qual=85, origFmt=jpeg, origSize=13772
content-disposition
inline; filename="9104231_0_0_1001_563_0_medium.webp"
content-length
12124
cf-bgj
imgq:85,h2pri
last-modified
Thu, 19 Jan 2023 17:19:40 GMT
server
cloudflare
etag
"c056c2362a2cd91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952491b91ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
ry11Kc11SShc_1_0_1000_563_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/07/20/ry11Kc11SShc/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-images1.yit.co.il/picserver5/crop_images/2022/07/20/ry11Kc11SShc/ry11Kc11SShc_1_0_1000_563_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 /
Resource Hash
a295275fe0bb374b278a13863d42ee7d64cf6b43ca0e5f145260af63ee441837

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
last-modified
Thu, 19 Jan 2023 13:58:33 GMT
server
Microsoft-IIS/10.0
age
61700
access-control-allow-methods
GET,POST
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
content-length
21548
x-llid
592e320c85729e57b5a6bcd0f59a2da2
expires
Sat, 18 Feb 2023 13:59:14 GMT
rJQVpOLis_0_0_850_479_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/19/rJQVpOLis/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/19/rJQVpOLis/rJQVpOLis_0_0_850_479_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0eef0cb070ef6b97945f362bedd6b5d1234d263e831eb98c823e57cdb1a731c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
6482
cf-polished
origFmt=png, origSize=104948
content-disposition
inline; filename="rJQVpOLis_0_0_850_479_0_medium.webp"
content-length
70162
cf-bgj
imgq:85,h2pri
last-modified
Thu, 19 Jan 2023 16:21:29 GMT
server
cloudflare
etag
"22293416222cd91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952491c91ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
HysGQnC2c_0_0_979_551_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/07/27/HysGQnC2c/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-images1.yit.co.il/picserver5/crop_images/2022/07/27/HysGQnC2c/HysGQnC2c_0_0_979_551_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 /
Resource Hash
56dccfe08a52dc92c1206ee978f48cb9a21b0820ea595d70c92d57e6bf237604

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
last-modified
Tue, 27 Dec 2022 13:56:22 GMT
server
Microsoft-IIS/10.0
age
2049054
access-control-allow-methods
GET,POST
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
content-length
10294
x-llid
b3f790dbd72d2b30dfc52545d556288b
expires
Thu, 26 Jan 2023 13:56:40 GMT
ryRFlMnqs_0_0_1333_750_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2023/01/11/ryRFlMnqs/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-images1.yit.co.il/picserver5/crop_images/2023/01/11/ryRFlMnqs/ryRFlMnqs_0_0_1333_750_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 /
Resource Hash
31c5204deaca16f08eeedaa25af40ff5dd6bdbc4b3068b3bf496f3ac146f475c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
last-modified
Wed, 11 Jan 2023 10:34:44 GMT
server
Microsoft-IIS/10.0
age
765156
access-control-allow-methods
GET,POST
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
content-length
12123
x-llid
cdb5979a01fb62212d66f117360dbeba
expires
Fri, 10 Feb 2023 10:34:58 GMT
HkcoIXPOo_46_1_1114_627_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/12/14/HkcoIXPOo/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-images1.yit.co.il/picserver5/crop_images/2022/12/14/HkcoIXPOo/HkcoIXPOo_46_1_1114_627_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 /
Resource Hash
ce7851a34e791efe4c6f3ae9f1588ff624cdf66671f534a9ed45c18aca0fed82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
last-modified
Tue, 27 Dec 2022 13:56:23 GMT
server
Microsoft-IIS/10.0
age
2049054
access-control-allow-methods
GET,POST
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
content-length
14493
x-llid
f82dfa1626540bc3c3ad7ea9c2c5963e
expires
Thu, 26 Jan 2023 13:56:40 GMT
Hy5p01135i_0_0_1333_750_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2023/01/11/Hy5p01135i/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-images1.yit.co.il/picserver5/crop_images/2023/01/11/Hy5p01135i/Hy5p01135i_0_0_1333_750_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 /
Resource Hash
87696605902b27f0d7146ca59bbcc53e843db5e623d5044b7eb7d04ced7742d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
last-modified
Wed, 11 Jan 2023 10:27:35 GMT
server
Microsoft-IIS/10.0
age
765581
access-control-allow-methods
GET,POST
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
content-length
14781
x-llid
8a8fad45d2dc7b2c02ad54b9131862e1
expires
Fri, 10 Feb 2023 10:27:53 GMT
Sye6u11r7nY_0_0_980_551_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/01/05/Sye6u11r7nY/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-images1.yit.co.il/picserver5/crop_images/2022/01/05/Sye6u11r7nY/Sye6u11r7nY_0_0_980_551_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 /
Resource Hash
fff2a3783c20453f5b6bbad22c5e4699870ddf8a5ba041afd812a2c89e35a7cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
last-modified
Wed, 11 Jan 2023 09:38:21 GMT
server
Microsoft-IIS/10.0
age
768537
access-control-allow-methods
GET,POST
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
content-length
13896
x-llid
7fa03c18dc1621ec861ad8a48d8f8a34
expires
Fri, 10 Feb 2023 09:38:37 GMT
rJkEP3Guw_2_209_979_552_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2020/10/25/rJkEP3Guw/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-images1.yit.co.il/picserver5/crop_images/2020/10/25/rJkEP3Guw/rJkEP3Guw_2_209_979_552_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 /
Resource Hash
a29e11b1cd66261fe321cd6c93283677795d8544c1654e62393b8cf271eb1d4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
last-modified
Tue, 27 Dec 2022 13:56:22 GMT
server
Microsoft-IIS/10.0
age
2049054
access-control-allow-methods
GET,POST
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
content-length
10245
x-llid
0f655c3cc0ddcf54503fb2ecdb41f182
expires
Thu, 26 Jan 2023 13:56:40 GMT
B1Cdfk7os_0_0_850_479_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/16/B1Cdfk7os/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/16/B1Cdfk7os/B1Cdfk7os_0_0_850_479_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5fd8bf0126ebf66d05ead9426e1aaa5b1e8d463dc7b2afb0ca0227c926ce4da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
6911
cf-polished
origFmt=png, origSize=82569
content-disposition
inline; filename="B1Cdfk7os_0_0_850_479_0_medium.webp"
content-length
52978
cf-bgj
imgq:85,h2pri
last-modified
Thu, 19 Jan 2023 18:44:17 GMT
server
cloudflare
etag
"18d9409362cd91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952491e91ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
SJ3UB00Isi_1_105_1000_563_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2023/01/19/SJ3UB00Isi/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-images1.yit.co.il/picserver5/crop_images/2023/01/19/SJ3UB00Isi/SJ3UB00Isi_1_105_1000_563_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 /
Resource Hash
a72f8d10625c97c18083754c5375ee413f5eb48a895484d7f5de93f567853be2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
last-modified
Thu, 19 Jan 2023 07:51:01 GMT
server
Microsoft-IIS/10.0
age
83749
access-control-allow-methods
GET,POST
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
content-length
6790
x-llid
419fb15f3e33615e804d3c94c56ec8c5
expires
Sat, 18 Feb 2023 07:51:45 GMT
SJWstoX3I_0_0_500_283_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2020/06/02/SJWstoX3I/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-images1.yit.co.il/picserver5/crop_images/2020/06/02/SJWstoX3I/SJWstoX3I_0_0_500_283_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 /
Resource Hash
85539a85914b5a3d5b209a2b9d82293873e16e7dd0aba23e9f61ad69509e3b24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
last-modified
Wed, 18 Jan 2023 18:04:11 GMT
server
Microsoft-IIS/10.0
age
133358
access-control-allow-methods
GET,POST
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
content-length
19634
x-llid
f81e7af06cfadf89b19724463757000f
expires
Fri, 17 Feb 2023 18:04:56 GMT
9131601_4_0_497_280_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2019/03/19/9131601/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-images1.yit.co.il/picserver5/crop_images/2019/03/19/9131601/9131601_4_0_497_280_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 /
Resource Hash
bb6cdf95c0f841d5516fb009c02584607760465af9b709ac62c8cff1fd468bd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
last-modified
Wed, 18 Jan 2023 14:49:37 GMT
server
Microsoft-IIS/10.0
age
144633
access-control-allow-methods
GET,POST
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
content-length
38344
x-llid
0e0b155e31477050ecfc6d2f121cd81e
expires
Fri, 17 Feb 2023 14:57:01 GMT
SkMgBDIIc_0_0_955_539_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/05/09/SkMgBDIIc/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-images1.yit.co.il/picserver5/crop_images/2022/05/09/SkMgBDIIc/SkMgBDIIc_0_0_955_539_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 /
Resource Hash
fcb6268ec4762ed837aeb7dfc6648accf6a8f1e9b93ff456ea346a0983c0f147

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
last-modified
Thu, 19 Jan 2023 09:04:38 GMT
server
Microsoft-IIS/10.0
age
79353
access-control-allow-methods
GET,POST
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
content-length
12000
x-llid
793e1c1ff4658e7719c79deaa0c8fa94
expires
Sat, 18 Feb 2023 09:05:01 GMT
HJr6oitYfc_0_40_980_552_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/03/24/HJr6oitYfc/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-images1.yit.co.il/picserver5/crop_images/2022/03/24/HJr6oitYfc/HJr6oitYfc_0_40_980_552_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 /
Resource Hash
5ab156be3a28d754bf5958340a2d3784d407fe1cd92b98ac70e0d6fdd5193749

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
last-modified
Thu, 19 Jan 2023 12:14:01 GMT
server
Microsoft-IIS/10.0
age
67824
access-control-allow-methods
GET,POST
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
content-length
8492
x-llid
a30c7c3cc00cecae8d8f66e4b1f4c6db
expires
Sat, 18 Feb 2023 12:17:10 GMT
rkXrBc9qo_0_0_1501_845_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/10/rkXrBc9qo/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/10/rkXrBc9qo/rkXrBc9qo_0_0_1501_845_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05afe8190bf88bdde532a60a2bcf608db14439d46cc1a71da6e22aaca6f49692

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
6974
cf-polished
degrade=85, origSize=12560, status=webp_bigger
content-length
12304
cf-bgj
imgq:85,h2pri
last-modified
Wed, 18 Jan 2023 15:32:53 GMT
server
cloudflare
etag
"b8c76a21522bd91:0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952592291ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
HyCYmBrji_580_851_1648_927_90_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2023/01/18/HyCYmBrji/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-images1.yit.co.il/picserver5/crop_images/2023/01/18/HyCYmBrji/HyCYmBrji_580_851_1648_927_90_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 /
Resource Hash
da082d50ec406aa60aa7c5bf819cb38b40f66353d5c8352fcf046aacb3d302ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
last-modified
Wed, 18 Jan 2023 10:45:34 GMT
server
Microsoft-IIS/10.0
age
159573
access-control-allow-methods
GET,POST
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
content-length
7694
x-llid
bddd95e0268d6852875f2dcd242670b2
expires
Fri, 17 Feb 2023 10:48:01 GMT
r1d2tErso_0_0_850_479_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/18/r1d2tErso/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/18/r1d2tErso/r1d2tErso_0_0_850_479_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f76808a08106252464d9203456b91b7da6dac5bcd98f4cf29374e8dd9d3e595

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
2063
cf-polished
origFmt=png, origSize=97196
content-disposition
inline; filename="r1d2tErso_0_0_850_479_0_medium.webp"
content-length
64940
cf-bgj
imgq:85,h2pri
last-modified
Wed, 18 Jan 2023 18:49:24 GMT
server
cloudflare
etag
"f6c9c2956d2bd91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952592591ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
rywKgDrjj_2_0_1495_841_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/18/rywKgDrjj/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/18/rywKgDrjj/rywKgDrjj_2_0_1495_841_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f45c5872728d497f8ef40a65c4ae6c72a29abf4d641721f19f3776df9fb93cb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
1482
cf-polished
origSize=14431, status=webp_bigger
content-length
14045
cf-bgj
imgq:85,h2pri
last-modified
Fri, 20 Jan 2023 06:40:58 GMT
server
cloudflare
etag
"14eb78279a2cd91:0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952592691ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
Sk3tAMIFq_0_0_1000_563_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2022/06/14/Sk3tAMIFq/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2022/06/14/Sk3tAMIFq/Sk3tAMIFq_0_0_1000_563_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e5569b4e1199e05529c623271ac06e8b5d60b609bc967dcc06ffd5d5a251a44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
6910
cf-polished
degrade=85, origSize=16963, status=webp_bigger
content-length
16907
cf-bgj
imgq:85,h2pri
last-modified
Thu, 19 Jan 2023 18:48:09 GMT
server
cloudflare
etag
"5643e93362cd91:0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952592791ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
H1l0wOroj_7_0_861_485_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2023/01/18/H1l0wOroj/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-images1.yit.co.il/picserver5/crop_images/2023/01/18/H1l0wOroj/H1l0wOroj_7_0_861_485_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 /
Resource Hash
a25e50ecc0e7a44d3f555f99255b3c963bb591b76529265c3544b3636f2594d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
last-modified
Wed, 18 Jan 2023 13:45:38 GMT
server
Microsoft-IIS/10.0
age
148755
access-control-allow-methods
GET,POST
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
content-length
11938
x-llid
0d6fe28cbfc1e7ff7f4d0f5c12f65624
expires
Fri, 17 Feb 2023 13:48:19 GMT
9928395_0_0_1280_721_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2020/04/24/9928395/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2020/04/24/9928395/9928395_0_0_1280_721_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8a2062b641fbfb4ba310e417594f74179e75ed39b729958143c63d3a4809876

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
3009
cf-polished
origSize=12808, status=webp_bigger
content-length
12550
cf-bgj
imgq:85,h2pri
last-modified
Thu, 19 Jan 2023 13:52:40 GMT
server
cloudflare
etag
"eac23d4cd2cd91:0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952592891ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
SyTIIe4sj_0_52_1000_563_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/17/SyTIIe4sj/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/17/SyTIIe4sj/SyTIIe4sj_0_52_1000_563_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
719e1b78b18496beb0fffecef52c36a6a06b15201c93f7af8fd85b4c1bbccfc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
5972
cf-polished
qual=85, origFmt=jpeg, origSize=6879
content-disposition
inline; filename="SyTIIe4sj_0_52_1000_563_0_medium.webp"
content-length
5884
cf-bgj
imgq:85,h2pri
last-modified
Wed, 18 Jan 2023 10:29:13 GMT
server
cloudflare
etag
"50a0eab5272bd91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952592991ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
9147100_94_100_887_499_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2019/03/26/9147100/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2019/03/26/9147100/9147100_94_100_887_499_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98bfce24cb8aa4e3c3acd17491ee4e50e55a22204c67ea04d407d28cff7cd0cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
1889
cf-polished
qual=85, origFmt=jpeg, origSize=11306
content-disposition
inline; filename="9147100_94_100_887_499_0_medium.webp"
content-length
10356
cf-bgj
imgq:85,h2pri
last-modified
Thu, 19 Jan 2023 19:11:04 GMT
server
cloudflare
etag
"ee4bfac6392cd91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952592a91ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
HkhnjZr0L_0_123_2016_1136_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2020/06/27/HkhnjZr0L/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2020/06/27/HkhnjZr0L/HkhnjZr0L_0_123_2016_1136_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1809242dfefcbae934eccda462fa2655185ffe83c95ba9e9a6770d593c025dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
2962
cf-polished
origSize=18425, status=webp_bigger
content-length
17609
cf-bgj
imgq:85,h2pri
last-modified
Wed, 18 Jan 2023 13:20:36 GMT
server
cloudflare
etag
"9642a9a63f2bd91:0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952592b91ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
S1jlbhEoj_1_20_490_276_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2023/01/18/S1jlbhEoj/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-images1.yit.co.il/picserver5/crop_images/2023/01/18/S1jlbhEoj/S1jlbhEoj_1_20_490_276_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 /
Resource Hash
4ef66b465b81a0b014210b433c9ab0868b6507f8f53bdc155fdc29369bdffc43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
last-modified
Wed, 18 Jan 2023 05:41:40 GMT
server
Microsoft-IIS/10.0
age
177939
access-control-allow-methods
GET,POST
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
content-length
24638
x-llid
438db9f89f251169f7e541842a9ec643
expires
Fri, 17 Feb 2023 05:41:55 GMT
H198j7Qjo_0_170_796_448_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/16/H198j7Qjo/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/16/H198j7Qjo/H198j7Qjo_0_170_796_448_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1ab7e32a5d720233de3658848ad4bb9845a313bffeda85a53354a9879f7bd08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
4077
cf-polished
qual=85, origFmt=jpeg, origSize=8132
content-disposition
inline; filename="H198j7Qjo_0_170_796_448_0_medium.webp"
content-length
7804
cf-bgj
imgq:85,h2pri
last-modified
Tue, 17 Jan 2023 14:27:57 GMT
server
cloudflare
etag
"b847fae47f2ad91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952592c91ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
r1003200fjo_0_0_850_479_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/16/r1003200fjo/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/16/r1003200fjo/r1003200fjo_0_0_850_479_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d1653aa5d9b0e8942626817408740b50fa0fb3a224ef5c6cc5a0731ab8f487c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
6974
cf-polished
origFmt=png, origSize=104047
content-disposition
inline; filename="r1003200fjo_0_0_850_479_0_medium.webp"
content-length
68838
cf-bgj
imgq:85,h2pri
last-modified
Mon, 16 Jan 2023 20:28:58 GMT
server
cloudflare
etag
"6eae8529e929d91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952592e91ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
S1j1f9oMoi_430_0_2235_1258_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/16/S1j1f9oMoi/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/16/S1j1f9oMoi/S1j1f9oMoi_430_0_2235_1258_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
649958d435db5781e2841b7be820b211b1b9a4bc5a3de6fceeb28fd94a8a0e25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
3196
cf-polished
qual=85, origFmt=jpeg, origSize=8802
content-disposition
inline; filename="S1j1f9oMoi_430_0_2235_1258_0_medium.webp"
content-length
8626
cf-bgj
imgq:85,h2pri
last-modified
Fri, 20 Jan 2023 06:12:06 GMT
server
cloudflare
etag
"ba32241f962cd91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952593091ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
SJuso9bti_0_73_1280_720_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2022/12/22/SJuso9bti/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2022/12/22/SJuso9bti/SJuso9bti_0_73_1280_720_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c16722cdc9bebdde63efc326c573c7ec843002974b981764c4e7d21b432f41b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
2962
cf-polished
qual=85, origFmt=jpeg, origSize=12066
content-disposition
inline; filename="SJuso9bti_0_73_1280_720_0_medium.webp"
content-length
11464
cf-bgj
imgq:85,h2pri
last-modified
Wed, 18 Jan 2023 05:55:23 GMT
server
cloudflare
etag
"52daca7412bd91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952593191ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
S16C00qfso_1_0_980_551_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2023/01/16/S16C00qfso/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-images1.yit.co.il/picserver5/crop_images/2023/01/16/S16C00qfso/S16C00qfso_1_0_980_551_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 /
Resource Hash
237feea02ff1d343b833fc17155dbbeefca9b5f4973bd5aaf1ae2f65f94a41d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
last-modified
Mon, 16 Jan 2023 09:34:39 GMT
server
Microsoft-IIS/10.0
age
336248
access-control-allow-methods
GET,POST
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
content-length
17574
x-llid
2ac2afc94b805524d929e872e99a46d4
expires
Wed, 15 Feb 2023 09:43:26 GMT
H1Ka4l5Fj_0_124_2001_1125_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/12/28/H1Ka4l5Fj/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-images1.yit.co.il/picserver5/crop_images/2022/12/28/H1Ka4l5Fj/H1Ka4l5Fj_0_124_2001_1125_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 /
Resource Hash
67a5d48911a0c5b5a0c30616db7cba79329f2fa7e1a2a91845404e093c8bad79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
last-modified
Wed, 28 Dec 2022 16:57:55 GMT
server
Microsoft-IIS/10.0
age
1951730
access-control-allow-methods
GET,POST
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
content-length
15832
x-llid
1f5f35e3f3d78201fab6331726fd1926
expires
Fri, 27 Jan 2023 16:58:44 GMT
BJVR11kOzo_1_67_3000_1688_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2022/10/03/BJVR11kOzo/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2022/10/03/BJVR11kOzo/BJVR11kOzo_1_67_3000_1688_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
416f86e2a6c273f862b59a45e8501521d71c565523a8f0f5e3490910924533fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
4888
cf-polished
degrade=85, origSize=26009, status=webp_bigger
content-length
23938
cf-bgj
imgq:85,h2pri
last-modified
Tue, 17 Jan 2023 15:07:08 GMT
server
cloudflare
etag
"f0122d5e852ad91:0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952593391ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
Bkz1GaZHji_0_66_3000_1688_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/18/Bkz1GaZHji/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/18/Bkz1GaZHji/Bkz1GaZHji_0_66_3000_1688_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
940b31c530111612cc52a75ce3d6fb010ab7c7c8f6ed295479fed5631071e436

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
4888
cf-polished
qual=85, origFmt=jpeg, origSize=13614
content-disposition
inline; filename="Bkz1GaZHji_0_66_3000_1688_0_medium.webp"
content-length
10786
cf-bgj
imgq:85,h2pri
last-modified
Wed, 18 Jan 2023 09:17:00 GMT
server
cloudflare
etag
"c6dbbe9e1d2bd91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952593491ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
rknHOsC5o_11_0_790_444_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/13/rknHOsC5o/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/13/rknHOsC5o/rknHOsC5o_11_0_790_444_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08933caf59427981c1b7f99c497020de076cef38f25ea00906bd5a75f2313089

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
4888
cf-polished
origSize=12657, status=webp_bigger
content-length
12296
cf-bgj
imgq:85,h2pri
last-modified
Mon, 16 Jan 2023 06:21:48 GMT
server
cloudflare
etag
"a0b8bed07229d91:0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952593591ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
SkIbpfMto_0_170_3000_1688_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2022/12/22/SkIbpfMto/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2022/12/22/SkIbpfMto/SkIbpfMto_0_170_3000_1688_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acb51c182d566f99a1c8bf3c047d9957bf1a6461bd5e532e790986110de44f94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
5988
cf-polished
degrade=85, origSize=14290, status=webp_bigger
content-length
13185
cf-bgj
imgq:85,h2pri
last-modified
Mon, 16 Jan 2023 06:21:48 GMT
server
cloudflare
etag
"7c2e90d07229d91:0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952593891ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
SySZvM8Fi_26_0_2268_1276_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2022/12/25/SySZvM8Fi/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2022/12/25/SySZvM8Fi/SySZvM8Fi_26_0_2268_1276_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e007076276835ef93e024cba74147e571758e9058024192b9e32417249ee6c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
7033
cf-polished
origSize=14595, status=webp_bigger
content-length
14237
cf-bgj
imgq:85,h2pri
last-modified
Mon, 16 Jan 2023 06:21:49 GMT
server
cloudflare
etag
"4caded17229d91:0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952593991ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
5526185_0_381_1276_718_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2014/08/16/5526185/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2014/08/16/5526185/5526185_0_381_1276_718_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:79e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7443332f32b560d1e225a5dd44d20ec518a720adf470021fb1ea50529432ebe5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
age
4888
cf-polished
qual=85, origFmt=jpeg, origSize=14490
content-disposition
inline; filename="5526185_0_381_1276_718_0_medium.webp"
content-length
12500
cf-bgj
imgq:85,h2pri
last-modified
Mon, 16 Jan 2023 06:21:49 GMT
server
cloudflare
etag
"24d9ddd07229d91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
78c5f952593a91ff-FRA
expires
Sat, 28 Jan 2023 07:07:34 GMT
gtm.js
www.googletagmanager.com/ 		163 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NB9MN6
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d367721a1674a9e7d78984712cbff77710fceea65dc2e66e68eab8d84a1f4712
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
55249
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Jan 2023 07:07:34 GMT
pubads_impl_2023011101.js
securepubads.g.doubleclick.net/gpt/ 		383 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64f9e98a68d94c6ee1bdaee26992bd796d293641ad202e3d311c146dabe3b67d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 04:20:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10009
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132552
x-xss-protection
0
last-modified
Wed, 11 Jan 2023 09:35:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 20 Jan 2024 04:20:45 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		66 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.vesty.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de0529d3c675751b762e820612467f5df0c8c3d293602e0d20179e0aafcd6b60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54
x-xss-protection
0
expires
Fri, 20 Jan 2023 07:07:33 GMT
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-24.fra56.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 06:20:12 GMT
content-encoding
gzip
via
1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
x-amz-cf-pop
FRA56-C2
age
2844
etag
W/"61b8b8ab-1090"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
pS-H3XMmoatVjU06kzg0fCGY_GGwVxo0p1A8eL9Pf3sv9bhpXn7k_Q==
expires
Fri, 20 Jan 2023 07:20:10 GMT
fi_client.js
ecdn.firstimpression.io/ 		347 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-94.fra56.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
a54698716d6bdf05461dacddc79e41c1fa52d110daa73ca134e7aa1b5324acd6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 06:30:21 GMT
content-encoding
br
via
1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
last-modified
Fri, 20 Jan 2023 06:30:21 UTC
server
nginx/1.20.0
x-amz-cf-pop
FRA56-C2
age
2233
x-powered-by
PHP/8.0.14
etag
W/"27662755f956c23a5da0aca57aac0721"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
FnIJmuULRbdOqzLDpMiMJyYAKSM-VZtnOdW55GFpgqFno1IMtTrR6w==
x-xss-protection
0
1c0942547d39e10f5f56.js
yastatic.net/partner-code-bundles/707889/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/707889/1c0942547d39e10f5f56.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
c516cc6ab6f3e6c69d57da96b78df1d404e2b49d2d0d3a59febb1f50c0e58241
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.vesty.co.il/
Origin
https://www.vesty.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4802
last-modified
Tue, 17 Jan 2023 16:26:30 GMT
server
nginx/1.17.9
etag
"f9b1683cb4438a8298756f4a81599d3a"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 19 Jan 2053 13:41:39 GMT
1fda81bad5d8c34ee89e.js
yastatic.net/partner-code-bundles/707889/ 		108 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/707889/1fda81bad5d8c34ee89e.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
c27fa45d64dab3f576041b0c1b7638360e689b5862bbae3a25b3bfe9e2ea074b
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.vesty.co.il/
Origin
https://www.vesty.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
23544
last-modified
Tue, 17 Jan 2023 16:26:30 GMT
server
nginx/1.17.9
etag
"c4f4a4b00aba2f0ccd931a67903c1197"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 19 Jan 2053 13:41:39 GMT
host.js
yastatic.net/safeframe-bundles/0.83/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.vesty.co.il/
Origin
https://www.vesty.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 19 Jan 2053 13:39:43 GMT
text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.vesty.co.il/
Origin
https://www.vesty.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
26004
x-amz-meta-owner
{"role":"admin","login":"4eb0da"}
last-modified
Mon, 25 Apr 2022 14:02:39 GMT
server
nginx/1.17.9
etag
"7f0cdaf91230f9789ca4162aedff612e"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
d64740eccabbf4c8
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Jan 2024 12:52:55 GMT
07cea2bf8567304efc16.js
yastatic.net/partner-code-bundles/707889/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/707889/07cea2bf8567304efc16.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
524569c74d5f0a94c706361dad1b41c7721763578d7023a1f0c9c17b8b29f6b5
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.vesty.co.il/
Origin
https://www.vesty.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
7926
last-modified
Tue, 17 Jan 2023 16:26:30 GMT
server
nginx/1.17.9
etag
"103df40cc12a6345d22bcc4f2d844774"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 19 Jan 2053 13:41:39 GMT
5bcc4fdbaadfa84a37b9.js
yastatic.net/partner-code-bundles/707889/ 		572 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/707889/5bcc4fdbaadfa84a37b9.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
059e426ddeebed5b47febbbc8334c2f1e5184263fb84cac2a8e29b710745991e
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.vesty.co.il/
Origin
https://www.vesty.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
111605
last-modified
Tue, 17 Jan 2023 16:26:31 GMT
server
nginx/1.17.9
etag
"467535e8d31552baf4c1983df66bbf3c"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 19 Jan 2053 13:41:39 GMT
truncated
/ 		616 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
daa8bc4312e8a5c936e55144c18f3232cb013593ae25cfe616e487611b754e1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2e8fb14b1e0aab8514cfb56c1e62417ba717b034a397017696cfa9e517b0f6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		276 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f0cd7c2795df1dcce059d553cb1d9b88170cb9e66310a06fce4104965852394

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		702 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9279aa82470c7b0c894eb3ecbaabceb01423a632d9fbc7460c560f11a99abad

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		639 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87d3b26f33f39e3bb4b4c1f2291f906ad5826c4d9624a08f0db8a2163a9df369

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9080387801ea7c0d202021563e4cc47e205dfe238953109c6f39348cb9a5533

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		637 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3dc8e482ec8a9c56efec00e46e88e84f3a7ccdf0ade53d5c89c4d679469cdabb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		241 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea1a9b993dbc93ca4669209f552aead7852ea68031cf347990078369adf47072

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		370 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a2d58e29c3c454ef9b3e47ea01f4c5ddf2027f9c583d1104f0c26ccaf2aeb426

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		311 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
397e1fa6b641266ac6537f43be08647287bafc72dff55f1b04d58e464e5c3b74

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		364 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
543bee066850ffda34784bf04f96f06246a16f0a57d64a504fe459177e79056e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
accessibility.js
js.nagich.co.il/core/4.2.2/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.nagich.co.il/core/4.2.2/accessibility.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:473d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
125e6b9ca120fa2bc4892544dda8f20226f26c5bbf550fae4be07b80612982fc

Request headers

Referer
https://www.vesty.co.il/
Origin
https://www.vesty.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
624385
x-powered-by
ASP.NET
last-modified
Mon, 27 Dec 2021 12:02:00 GMT
server
cloudflare
etag
W/"0eca68d19fbd71:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgUohqKoUxon9bUYGMfXOn9YsMyL9mHN2eVconpOmXyoz7JpUK4T8beI%2BrZm51mCENrvHTr4ALAZvOyJj7mEQyNc74ggItAAgK1QudJ8arFA73hhZE1Z4UOdZS%2B9JeTd%2F7Y7ChDhd227OXOUMw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2604800
access-control-allow-credentials
true
cf-ray
78c5f952ae629136-FRA
impl.20230119-16-RELEASE.js
cdn.taboola.com/libtrc/ 		725 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230119-16-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
ed632a55f60a08a1cdae99207d0e4dab9544e60059b0378e510762c1a9e4f950

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
xZ1lYpZ0YQnMR5ETSR7vPGQz1.d9X6CV
content-encoding
br
via
1.1 varnish
date
Fri, 20 Jan 2023 07:07:34 GMT
x-amz-request-id
FW61B5DCDBB144GT
age
572
x-cache
HIT
content-length
154495
x-amz-id-2
ryyDxPMnJFWxLPp/kWnhe2CzfK8U3UV7jwLw1h3zmJNLsjBhNNp3lAGMf3Q1VnZVTrnNnIH+xGM=
x-served-by
cache-yyz4578-YYZ
last-modified
Thu, 19 Jan 2023 14:49:51 GMT
server
AmazonS3-br
x-timer
S1674198454.259167,VS0,VE6
etag
"5aa6f98ed6fe80c9cea44952143ffa2f"
vary
Accept-Encoding
content-type
application/javascript
abp
29
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1
tr5
cdn.taboola.com/libtrc/ 		3 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/tr5?abgroup=po_test_ctrl
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by
cache-yyz4578-YYZ
date
Fri, 20 Jan 2023 07:07:34 GMT
via
1.1 varnish
server
Varnish
x-timer
S1674198454.259300,VS0,VE0
x-cache
HIT
content-type
text/html
cache-control
private,max-age=14400
accept-ranges
bytes
content-length
3
retry-after
0
x-cache-hits
0
/
ads.google.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.google.com/
Requested by
Host: ynet-images1.yit.co.il
URL: https://ynet-images1.yit.co.il/Common/frontend/site/prod/widgets.303605fef38f90ef4d80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
1250.png
www.vesty.co.il/Cnt/Images/Weather/ 		672 B
953 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vesty.co.il/Cnt/Images/Weather/1250.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
af5463753df076ff288879f0685740bc8b4540a9855096cde2cdbf00041b7750

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/main
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

backend-cache-control
Date
Fri, 20 Jan 2023 07:07:34 GMT
Last-Modified
Tue, 17 Jan 2023 19:44:45 GMT
ETag
"c2826d31d827d41:0"
Content-Type
image/png
VX-Cache
MISS
WAI
02
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
672
V-TTL
0
5B3OZHWAV
www.vesty.co.il/iphone/json/api/auto_ticker/ 		34 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.vesty.co.il/iphone/json/api/auto_ticker/5B3OZHWAV
Requested by
Host: ynet-images1.yit.co.il
URL: https://ynet-images1.yit.co.il/Common/frontend/site/prod/vendors-widgets.81738138db7fbf06462f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3a5444e808aaf51b853bdd48dc31d55008a323f6580f2af1d00084a6c30c99f9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.vesty.co.il/main
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

backend-cache-control
x-me
${S_HOSTNAME}
x-version
V3
content-encoding
gzip
date
Fri, 20 Jan 2023 07:07:34 GMT
vx-cache
HIT
wai
01
v-ttl
0
content-length
7567
last-modified
Fri, 20 Jan 2023 07:05:48 GMT
osv
c8
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
vg_id
2
accept-ranges
bytes
5B3OZHWAV
www.vesty.co.il/iphone/json/api/auto_ticker/ 		34 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.vesty.co.il/iphone/json/api/auto_ticker/5B3OZHWAV
Requested by
Host: ynet-images1.yit.co.il
URL: https://ynet-images1.yit.co.il/Common/frontend/site/prod/vendors-widgets.81738138db7fbf06462f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3a5444e808aaf51b853bdd48dc31d55008a323f6580f2af1d00084a6c30c99f9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.vesty.co.il/main
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

backend-cache-control
x-me
${S_HOSTNAME}
x-version
V3
content-encoding
gzip
date
Fri, 20 Jan 2023 07:07:34 GMT
vx-cache
HIT
wai
01
v-ttl
0
content-length
7567
last-modified
Fri, 20 Jan 2023 07:05:48 GMT
osv
c8
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
vg_id
2
accept-ranges
bytes
6f7c8ec7-588a-46ef-95d2-ff36e0a39e58-web.js
cdn.permutive.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/6f7c8ec7-588a-46ef-95d2-ff36e0a39e58-web.js?d=2023-01-20
Requested by
Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/vestywb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 14:01:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61593
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 20 Jan 2023 14:01:01 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
expires
Sun, 19 Feb 2023 07:07:34 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.vesty.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.vesty.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		224 KB
46 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2675240356490333&correlator=1450751555138145&eid=31071151%2C31071775&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fifs&iu_parts=6870%2Cvesty%2Cdesktop%2Cinterstitial.adx%2Ctop%2Ccentral%2Cbox.1%2Cskyscraper.inner.1%2Cbox.2%2Cbig.strip.1%2Cbig.strip.2%2Cskyscraper.left%2Cskyscraper&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2F5%2C%2F0%2F1%2F2%2F6%2F5%2C%2F0%2F1%2F2%2F7%2F5%2C%2F0%2F1%2F2%2F8%2F5%2C%2F0%2F1%2F2%2F9%2F5%2C%2F0%2F1%2F2%2F10%2F5%2C%2F0%2F1%2F2%2F11%2F5%2C%2F0%2F1%2F2%2F12%2F5&prev_iu_szs=1x1%2C1x1%7C1x2%7C970x90%7C970x250%7C1000x200%7C970x130%7C970x350%7C970x100%7C1192x250%7C1192x350%7C1192x90%7C1192x100%7C1192x130%2C300x250%2C300x497%2C320x50%7C300x232%2C1240x125%7C970x90%2C1240x125%7C970x90%2C160x600%7C160x601%7C1x1%2C160x600%7C160x601%7C1x1&fluid=0%2C0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0&ifi=1&adks=2106902652%2C4127172794%2C886418757%2C1867879690%2C4076061201%2C3616679890%2C645496518%2C273824712%2C2495267343&sfv=1-0-40&ists=256&fas=8%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&cust_params=ynfi%3D0%26dckw%3D0%26ngch%3D0%26yrca%3D0%26dcTag%3D%26ynch%3D50.Vesti-1.Home%26dcPath%3D50.Vesti-1.Home%26dccg%3Dmain%26ynvc%3D0%26yncd%3D50%26callType%3DGPT%26dcsch%3Dnull%26dccw%3Dhigh_res%26dcsw%3D1600%26dcunigpt%3Dview1%26charset%3DUTF-8%26permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1674198454584&lmt=1674197859&dlt=1674198453580&idt=790&adxs=-9%2C315%2C810%2C1120%2C810%2C180%2C180%2C0%2C1440&adys=-9%2C5%2C656%2C656%2C921%2C2551%2C3042%2C0%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C0%7C0%7C1%7C2%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.vesty.co.il%2Fmain&frm=20&vis=1&psz=0x-1%7C1240x10%7C300x-1%7C300x-1%7C300x-1%7C1240x-1%7C1240x-1%7C1600x3579%7C1600x3579&msz=0x-1%7C980x10%7C300x-1%7C300x-1%7C300x-1%7C1240x-1%7C1240x-1%7C160x-1%7C160x-1&fws=2%2C0%2C0%2C0%2C0%2C0%2C0%2C512%2C512&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=642865723.1674198455&ga_sid=1674198455&ga_hid=1689014973&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa9e840100af2080b2a65cda25d4f9d9614f27afee9ef177203bc75d306fb4c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47492
x-xss-protection
0
google-lineitem-id
-2,-1,6191108860,-1,6190901432,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,138418266869,-1,138419756253,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.vesty.co.il
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D9A1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 07:07:34 GMT
expires
Sat, 20 Jan 2024 07:07:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2023011101.js
securepubads.g.doubleclick.net/gpt/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023011101.js?cb=31071775
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac275ca2a119d8080881532a278a3fbec41631fadac0ab42fe51795ba673f9fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 04:22:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9892
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13715
x-xss-protection
0
last-modified
Wed, 11 Jan 2023 09:35:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 20 Jan 2024 04:22:42 GMT
style.css
js.nagich.co.il/style/ 		15 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.nagich.co.il/style/style.css
Requested by
Host: js.nagich.co.il
URL: https://js.nagich.co.il/core/4.2.2/accessibility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:473d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d50045b25fcaaf924140b0c120c7c267ea30150973460026a2573360f816574c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1552103
x-powered-by
ASP.NET
last-modified
Wed, 15 Dec 2021 11:05:22 GMT
server
cloudflare
etag
W/"04554a7a3f1d71:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bt95U8uGr96AzeaDwaO3%2Bm2yrgukq2eKAcEVyyf68PtfpTwxrMza6T2iZolEU8p7MggrGtQPUWSEIjUhA%2BQImqOTMJHe4PHxGVgQ%2FDB4seLxdA7FPtNWxfgsk4JuL6q4mydxb5s8%2FMrhjtVphw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2604800
access-control-allow-credentials
true
cf-ray
78c5f9554b399136-FRA
btncolor.css
js.nagich.co.il/style/ 		103 B
432 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.nagich.co.il/style/btncolor.css
Requested by
Host: js.nagich.co.il
URL: https://js.nagich.co.il/core/4.2.2/accessibility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:473d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
442db94f47e657604fde817ff431f353d5ae4994e08a59496ce8fed479362119

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
624384
x-powered-by
ASP.NET
last-modified
Mon, 11 Feb 2019 10:07:59 GMT
server
cloudflare
etag
W/"e97d81aaf1c1d41:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJaIU5ztCsi%2BGPu%2B0TpeAXr6%2FiapIhtu0ScVMxC9i20SO1tCIkdZIbhVoK6frughmRlEqLHUjsUInrQqsE%2F4AVJQ58BVm5Wb5yYusdy7n2k1Gk3DmX9sUneD%2Bayms9kYapmyCW%2B6YnmzgKG10Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2604800
access-control-allow-credentials
true
cf-ray
78c5f9554b3d9136-FRA
ru.json
js.nagich.co.il/assets/locale/ 		2 KB
977 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.nagich.co.il/assets/locale/ru.json
Requested by
Host: js.nagich.co.il
URL: https://js.nagich.co.il/core/4.2.2/accessibility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:473d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6a8437f8eb353b0da20b48e51ad0cc9ea9e8842e192f4d119d61fdf79cd5c839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 15 Jun 2021 15:40:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"ef1e2c9fc61d71:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97fnltlF54weNBKsI%2B20hK4dPsTsz%2F9Ut4BWURe%2BgqYlhK5piZ37ZW7Gf5gam7IeifVPjqLhhx6ekQnQAdlrlWkWes4bMA9yDHP81qc1XDToOTqVQsCgRZNhcWGFkbMmOPPOodC7xDL9uIr7uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2604800
access-control-allow-credentials
true
cf-ray
78c5f9554b3e9136-FRA
pdf.js
js.nagich.co.il/assets/scripts/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.nagich.co.il/assets/scripts/pdf.js
Requested by
Host: js.nagich.co.il
URL: https://js.nagich.co.il/core/4.2.2/accessibility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:473d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
581d447eb6b75fffeb4a8fc041bebca5158f0f41aa368fb6ef0c1690ae5000a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
624334
x-powered-by
ASP.NET
last-modified
Sun, 23 Feb 2020 12:50:59 GMT
server
cloudflare
etag
W/"80fb6ce547ead51:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUe1RnIxM2xLjUhtfZ2wy%2FHCWwSuiZUIYRuq2J8uJlDrOYDcM2SW8XJFFc2J%2FTQsLgxyzjz5iX5K7wJ0cDfFA%2BdNMIJdNh3SEHlzU1277vlrw7WMal%2B012e5pZ2mpKPh8WtbTH7AV3r4udORLw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2604800
access-control-allow-credentials
true
cf-ray
78c5f9554b409136-FRA
card-interference-detector.20230119-16-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/card-interference-detector.20230119-16-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82708d353a2cd0a5bdc09acd2740caae7f8f358e97515e4220842c1d2c5e1f69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
w9jSpby7Lvoh2wwj.n0sIuNo583Ta9.o
content-encoding
gzip
via
1.1 varnish
date
Fri, 20 Jan 2023 07:07:34 GMT
x-amz-request-id
K1XCAT9Y2P0QKS0C
age
58144
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
2181
x-amz-id-2
vrq1VKMhu8wNTI3WOr8SyFt3Ov3lyvCO0F2xpvtPlmZnUz0POYmqd69REeJmTfdAesicbJyncWo=
x-served-by
cache-yyz4578-YYZ
last-modified
Thu, 19 Jan 2023 14:49:58 GMT
server
AmazonS3
x-timer
S1674198455.678801,VS0,VE0
etag
"6797de6938ba256ce2b5d8425e35b31f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
29
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
55
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230119-16-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
523502
expires
60
json
trc.taboola.com/ynet-vesty/trc/3/ 		118 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/ynet-vesty/trc/3/json?tim=07%3A07%3A34.636&lti=po_test_ctrl&data=%7B%22id%22%3A748%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22lbt%22%3A1674121326186%2C%22vi%22%3A1674198454634%2C%22cv%22%3A%2220230119-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.vesty.co.il%2Fmain%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22pev%22%3A10071%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.vesty.co.il%2Fmain%22%2C%22vpi%22%3A%22%2Fmain%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3579%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-wide-nd%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Home%20Page%20Thumbnails%20ND%22%2C%22orig_uip%22%3A%22Mid%20Home%20Page%20Thumbnails%20ND%22%2C%22cd%22%3A1934%2C%22mw%22%3A1240%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbs-feed-01%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20ND%22%2C%22orig_uip%22%3A%22Below%20Homepage%20ND%22%2C%22cd%22%3A3534%2C%22mw%22%3A1240%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20ND%3Dthumbs-feed-01%3Aabp%3D0%2C%2CMid%20Home%20Page%20Thumbnails%20ND%3Dthumbnails-wide-nd%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22po_test_ctrl%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230119-16-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4f4f8788d01cc5531e761de8ad78feda74b12574456207f9f35118332ff7d7d5

Request headers

Referer
https://www.vesty.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
560
date
Fri, 20 Jan 2023 07:07:35 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-yyz4578-YYZ
server
nginx
x-timer
S1674198455.691345,VS0,VE560
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.vesty.co.il
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
debug
trc-events.taboola.com/ynet-vesty/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/ynet-vesty/log/2/debug?tim=07%3A07%3A34.630&type=usage&msg=rtus&llvl=2&id=3604&cv=20230119-16-RELEASE&lt=po_test_ctrl&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12989
px.gif
ad-delivery.net/ 		43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2367126
x-guploader-uploadid
ADPycdtTROAHQtWDLV0gfRmao0FOawxrJsulE7r60Nl3MV2Me9jyDDP6yFi2m0_jQoPfyY9HAFttCJMgFL9-Vax9euY2Pw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ODfeoK%2ByCOy1n6%2BOvD2BvCi5NewlsefCHcPbN1oTUp3Pm6ZjzYwarX3%2F2IeO2h5gALczkzZmJhPHM0EN%2FAa7%2Fxen%2B8WEBrZDY0wHKd7tNgfmNUFW9%2BnwMrHZyjOX9nqbaDxTe1Mu4J8lVtMrKg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
78c5f955ac859183-FRA
expires
Fri, 23 Dec 2022 21:39:29 GMT
px.gif
ad-delivery.net/ 		43 B
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.825878553800705
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2367126
x-guploader-uploadid
ADPycdtTROAHQtWDLV0gfRmao0FOawxrJsulE7r60Nl3MV2Me9jyDDP6yFi2m0_jQoPfyY9HAFttCJMgFL9-Vax9euY2Pw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8lkKYFv3gAh5Hs%2FqePUjj0YKRakT5NLLnPb7jGAuAamT89dmbzV%2Bx2MZWl9rZlBVOps0IaDWxFYJBWfiGigRkkyZF73K1KGjaWYAsPwqarUzO1MseaW9Ocb0qVBriRPnajc2Mpxn1DGBJnsrZg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
78c5f955ac899183-FRA
expires
Fri, 23 Dec 2022 21:39:29 GMT
spc_fi.php
cdn.firstimpression.io/delivery/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=7787&url=%2Fmain&charset=UTF-8&ch=7&ref=www.vesty.co.il&viewerId=null&referer=&_firid=95211655
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-94.fra56.r.cloudfront.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
8499af3e30316af00f04982197057727772212d9e26d6d4a4f01e12ad9b3836d

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.vesty.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
content-encoding
gzip
via
1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
content-length
938
pragma
no-cache
server
Apache/2.4.38 (Debian)
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.vesty.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
8D1bdmMd0WtV7d8rQhioABMFZKjgVoHzKFh4NOZg2-EjJl99-tuXqg==
expires
0
optimize.js
www.googleoptimize.com/ 		108 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-KXPKGJR
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB9MN6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
852ba8997dc1fa71bc000b31d9af5bbbf7d3de94833750c779ece5f04d33e261
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43375
x-xss-protection
0
last-modified
Fri, 20 Jan 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 20 Jan 2023 07:07:34 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB9MN6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 20 Jan 2023 06:26:10 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
2484
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20085
expires
Fri, 20 Jan 2023 08:26:10 GMT
js
www.googletagmanager.com/gtag/ 		217 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HBGSDK9P6D&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB9MN6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
648fc57c6d1b8866c5a626a602b4e213a7e8f704ba37a616e4b7dfdc23107e18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77786
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Jan 2023 07:07:34 GMT
country
api.btloader.com/ 		16 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: mrb.upapi.net
URL: https://mrb.upapi.net/code?w=5732901039636480&uponit=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=VkDa47vw&w=5732901039636480&o=6244355308257280&cv=2.1.06-2-g014272c&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.vesty.co.il%2Fmain&sid=ECNetNR6J&upapi=true
Requested by
Host: mrb.upapi.net
URL: https://mrb.upapi.net/code?w=5732901039636480&uponit=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 20 Jan 2023 07:07:34 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
collect
region1.google-analytics.com/g/ 		0
338 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-HBGSDK9P6D&gtm=2oe1i0&_p=1689014973&cid=642865723.1674198455&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1674198454&sct=1&seg=0&dl=https%3A%2F%2Fwww.vesty.co.il%2Fmain&dt=Vesty%20%7C%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%98%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D1%8F%20%7C%20%D0%92%D0%B5%D1%81%D1%82%D0%B8%20%D0%98%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D1%8C&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HBGSDK9P6D&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.vesty.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-5536870-20&cid=642865723.1674198455&jid=1555660252&gjid=733584623&_gid=182896465.1674198455&_u=aCDAgEABQAAAAEAAI~&z=2001757696
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.vesty.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 20 Jan 2023 07:07:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.vesty.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1689014973&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vesty.co.il%2Fmain&dp=%2Fmain%3Fprof%3D50.Vesti-1.Home&dh=vesty.co.il&ul=en-us&de=UTF-8&dt=Vesty%20%7C%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%98%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D1%8F%20%7C%20%D0%92%D0%B5%D1%81%D1%82%D0%B8%20%D0%98%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D1%8C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEABQAAAAAAAI~&jid=1555660252&gjid=733584623&cid=642865723.1674198455&uid=0&tid=UA-5536870-20&_gid=182896465.1674198455&gtm=2wg1i0NB9MN6&cd1=false&cd2=0&cd3=0&cd4=2023%2F01%2F21%2008%3A07%3A35&cd12=Home%20Page&cd14=50.Vesti-1.Home&z=234288834
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 18:07:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
46803
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023011101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f744357ddc47baa090610e6519eb8ad958cdd208bd56df82f8a23d9fe369cca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11116
x-xss-protection
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1689014973&t=timing&_s=2&dl=https%3A%2F%2Fwww.vesty.co.il%2Fmain&dp=%2Fmain%3Fprof%3D50.Vesti-1.Home&dh=vesty.co.il&ul=en-us&de=UTF-8&dt=Vesty%20%7C%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%98%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D1%8F%20%7C%20%D0%92%D0%B5%D1%81%D1%82%D0%B8%20%D0%98%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D1%8C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1284&pdt=10&dns=33&rrt=0&srt=48&tcp=19&dit=686&clt=874&_gst=1177&_gbt=1221&_cst=195&_cbt=1166&_u=aCDAgEABQAAAAEAAI~&jid=&gjid=&cid=642865723.1674198455&uid=0&tid=UA-5536870-20&_gid=182896465.1674198455&gtm=2wg1i0NB9MN6&cd1=false&cd2=0&cd3=0&cd4=2023%2F01%2F21%2008%3A07%3A35&cd12=Home%20Page&cd14=50.Vesti-1.Home&z=1443826613
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 18:07:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
46803
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-5536870-20&cid=642865723.1674198455&jid=1555660252&_u=aCDAgEABQAAAAEAAI~&z=141539753
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-5536870-20&cid=642865723.1674198455&jid=1555660252&_u=aCDAgEABQAAAAEAAI~&z=141539753
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 20 Jan 2023 07:07:34 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0D33 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
29995
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Jan 2023 22:47:39 GMT
expires
Fri, 19 Jan 2024 22:47:39 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3DC2 		783 B
968 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4d6f6c37882c37417b3cbe6f470fd19b93f5e2a477b32ed163c3d72f72406d36
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8s__DAXY0cJlTv1JumGOuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-8s__DAXY0cJlTv1JumGOuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 07:07:34 GMT
expires
Fri, 20 Jan 2023 07:07:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
pagead2.googlesyndication.com/bg/ Frame 0D33 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 09:57:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76188
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16096
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 19 Jan 2024 09:57:46 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3DC2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023011101&jk=2675240356490333&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
iframe_api
www.youtube.com/ 		992 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bff70cc67f36c252a4a1053f3047356ca99d93d7e37ff6fc0df8ad6b33ee530c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Fri, 20 Jan 2023 07:07:35 GMT
www-widgetapi.js
www.youtube.com/s/player/4248d311/www-widgetapi.vflset/ 		183 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79fd5090a5c6183320b1f33277853bae56cf68f320de8f7d68be080d2cae837c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 06:59:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
499
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62798
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 01:15:11 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 20 Jan 2024 06:59:16 GMT
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.9.8/ 		104 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.9.8/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230119-16-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81f956a5201477197f85f87f7a3faf16c4c87d3cac75160959ab5fdfb25a0da8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 830be75ad1cb48843e77c671456c6644.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
YTO50-C2
age
2744139
x-cache
Hit from cloudfront, HIT
content-length
30422
x-served-by
cache-yyz4578-YYZ
last-modified
Tue, 22 Nov 2022 07:02:09 GMT
server
AmazonS3
x-timer
S1674198455.376513,VS0,VE0
etag
"7fcf5cdb23e918c79141cd7bbdf0b9cc"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
oXWghpWjVDdbDf8IRpjb7qM14mkQgCADIaIz4ozUrCWWh0OgioDHvg==
x-cache-hits
23690
feed-card-placeholder.20230119-16-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230119-16-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
97b976f796b0f3dedaa20505d1aa82b6c2d6a9d27a74de22a60071860383e2b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
P2cytnY8GzjJOLVoDHJRJ1BlhKq_7s84
content-encoding
gzip
via
1.1 varnish
date
Fri, 20 Jan 2023 07:07:35 GMT
x-amz-request-id
19M1YRWXW66AN8BP
age
58139
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1263
x-amz-id-2
+Hvpn3L4S0x0NNlYo7UmqEoQDjL6glvUizczvGz9e3crZGxqzDOwCz0TflE7OR2AeIDEfhryJGM=
x-served-by
cache-yyz4578-YYZ
last-modified
Thu, 19 Jan 2023 14:50:11 GMT
server
AmazonS3
x-timer
S1674198455.383198,VS0,VE0
etag
"6e8fa604da13bcbdc7a76bd521e61f2c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
29
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
407
feed-footer-overlay.20230119-16-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-footer-overlay.20230119-16-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45599796e9f8955fae45eb3b87f8eb55f5fcb71c7db1572a7429587a8cc3c30e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
JHjUZCSGkS4My5jOf3T3PfCYaRi9lPwk
content-encoding
gzip
via
1.1 varnish
date
Fri, 20 Jan 2023 07:07:35 GMT
x-amz-request-id
3AJ70CTVCAZ9Y20R
age
57980
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
2917
x-amz-id-2
C3slXKacImYbMIrU6IubZDY21pGAkZbeT998bDkJvaDbo8K22LWWyQt28i1IVcdE6YN24+L3gIA=
x-served-by
cache-yyz4578-YYZ
last-modified
Thu, 19 Jan 2023 14:50:13 GMT
server
AmazonS3
x-timer
S1674198455.383159,VS0,VE1
etag
"c8f13e0022b16e7ecec7652fcafbd44a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
29
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
1
userx.20230119-16-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230119-16-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ffc9ff89144d0654527733d14c009558de6b77ece4f89a1292e93a72a943664

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
HlFq05wWClQUHzPiT27lfT_QM4sMGAru
content-encoding
gzip
via
1.1 varnish
date
Fri, 20 Jan 2023 07:07:35 GMT
x-amz-request-id
B9GFRGPADTY2EFSK
age
58129
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5398
x-amz-id-2
I23ZmY/Qy9GGNhdcoFF5upYPJMpz6+TnAqqt4dB5YFE6/mnRsdhcpy4dnNX12R238EAXBezEPCU=
x-served-by
cache-yyz4578-YYZ
last-modified
Thu, 19 Jan 2023 14:50:57 GMT
server
AmazonS3
x-timer
S1674198455.389655,VS0,VE0
etag
"d82024fd35f3b3d2bc3392308b4a029b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
29
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
3
distance-from-article.20230119-16-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230119-16-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b9c77af9d4136c0a987de37b3d9ac8bbdb692d62df56a76ec117240d46fa88f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
.mxtRH8o3d0Lma.RZFviRNMMKV.qeD3X
content-encoding
gzip
via
1.1 varnish
date
Fri, 20 Jan 2023 07:07:35 GMT
x-amz-request-id
19MF8RAV60VWVVW7
age
58139
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1013
x-amz-id-2
vUnuDYo5IvCLaxuySOMHbZdUXUbiUibrUVYAr1NC9gqXmzEOFykeH2I84kAS1DZOMqDiPqwiwZU=
x-served-by
cache-yyz4578-YYZ
last-modified
Thu, 19 Jan 2023 14:50:03 GMT
server
AmazonS3
x-timer
S1674198455.389747,VS0,VE0
etag
"6144f8cea99893249e61378e7096382b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
29
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
87
article-detection.20230119-16-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230119-16-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea3df7853df13afe03863f425c34c1c7e08a0247c456021e9ad0466776d11e5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
CK8W8J7wzieOMps4_94aSCTYAHHOAgf8
content-encoding
gzip
via
1.1 varnish
date
Fri, 20 Jan 2023 07:07:35 GMT
x-amz-request-id
19ME4Q51GRS379WJ
age
58140
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1236
x-amz-id-2
j9qIEKZHM73hzz2HaFNj9fee+86pWlqm1jpRBuzJ9CDwl4Oke6yY2+2F4lR1Cce9GnFshTKbulw=
x-served-by
cache-yyz4578-YYZ
last-modified
Thu, 19 Jan 2023 14:49:53 GMT
server
AmazonS3
x-timer
S1674198455.389842,VS0,VE0
etag
"da83cfe4726e4dd534d0850bee03b49d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
29
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
5
cta-component.20230119-16-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/cta-component.20230119-16-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f475e780a27d0f5c75e1af25cd1df0f13b2b879d82dbd54329bc2cfbf962f0f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
mgndaj1E3i.S_sqSXpHn5Pjxzi7fLa0P
content-encoding
gzip
via
1.1 varnish
date
Fri, 20 Jan 2023 07:07:35 GMT
x-amz-request-id
19MANV2F3THV0VN8
age
58139
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
4566
x-amz-id-2
Z6EOOnF5cJmviEfSbD0tVy28IA5SX4WoAzfctretSKBPvQXieZFa4r87vqT26UY5RTMU8f0YTsk=
x-served-by
cache-yyz4578-YYZ
last-modified
Thu, 19 Jan 2023 14:50:00 GMT
server
AmazonS3
x-timer
S1674198455.393287,VS0,VE0
etag
"fc4ca8b17eec55161c3a4266601d1d45"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
29
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
429
abtests
trc.taboola.com/ynet-vesty/log/3/ 		0
292 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/ynet-vesty/log/3/abtests?route=US:US:V&tvi2=1571&lti=po_test_ctrl&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1674198455353%7D&tim=07%3A07%3A35.353&id=1923&llvl=2&ri=5896e5ff65e1752d13cfb1583bdb1fcc&sd=v2_e4b763edc165b719a9ac12b902195cc7_001402ab-0055-42ae-b8c3-772d96a359d0-tuctac3c336_1674198454_1674198454_CIi3jgYQyYtDGOqihPDcMCABKAEwODib4wlA_4kQSOOG2ANQ____________AVgAYABou8Lv8ILE69mmAXAA&ui=001402ab-0055-42ae-b8c3-772d96a359d0-tuctac3c336&pi=/main&wi=893850554882200731&pt=home&vi=1674198454634&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230119-16-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
17
pragma
no-cache
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish
x-served-by
cache-yyz4578-YYZ
server
nginx
x-timer
S1674198455.402262,VS0,VE17
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.vesty.co.il
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Fri, 20 Jan 2023 07:07:35 GMT
x-amz-request-id
581MH0W2722GCG70
age
106
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
ktf3/Jsw5i7iemO2+0VyHBPt+lhP3RUg0I1rqviyOWGO8S/wNdiUTa9tCXUltQ+UhAwR/mayWkE=
x-served-by
cache-yyz4578-YYZ
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1674198455.403428,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
29
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
9
7206974_0_207_811_456_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2016/08/17/7206974/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2016/08/17/7206974/7206974_0_207_811_456_0_large.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
93ae8b0d2f5b1aeab9e810ae012cee83029f50ad7cc6708735d254e9db580d7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
4
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2016/08/17/7206974/7206974_0_207_811_456_0_large.jpg
age
159090
edge-cache-tag
431783321280212325127665436260825489985,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag
431783321280212325127665436260825489985,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
356
req-referer
https://www.vesty.co.il/
content-length
17968
x-request-id
4b0fcea7f239ef13e881f66ca6928aed
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100125-IAD, cache-iad-kcgs7200064-IAD, cache-lga21935-LGA, cache-iad-kjyo7100128-IAD, cache-yyz4578-YYZ
last-modified
Wed, 18 Jan 2023 10:50:50 GMT
server
nginx
x-timer
S1674198455.423691,VS0,VE4
etag
"1704fbedf7ded4c07ecbf0aae1ca4194"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 26, 1
HJr6oitYfc_0_40_980_552_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/03/24/HJr6oitYfc/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/03/24/HJr6oitYfc/HJr6oitYfc_0_40_980_552_0_large.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
58613e446b8c55815074d53b328a57a97feb724788a12cde7b8a8040bc537aef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/03/24/HJr6oitYfc/HJr6oitYfc_0_40_980_552_0_large.jpg
age
67590
edge-cache-tag
451018544950741731906786397047684053105,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag
451018544950741731906786397047684053105,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
799
req-referer
https://www.vesty.co.il/
content-length
11940
x-request-id
2eea01f2609d2b99924c9086491b4f2f
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100125-IAD, cache-iad-kjyo7100096-IAD, cache-bur-kbur8200097-BUR, cache-iad-kiad7000031-IAD, cache-yyz4578-YYZ
last-modified
Thu, 19 Jan 2023 12:19:56 GMT
server
nginx
x-timer
S1674198455.476081,VS0,VE1
etag
"1be6322da7a47ce4eebc4c5c20a5fbb1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 41, 1
40b977125e791e7e4d6cefc68f0ae1f8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/40b977125e791e7e4d6cefc68f0ae1f8.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1907a62e18c04bc41544564ea6eb3621a5a29d8b0a067bf445e99ba449bba683

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
26
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/40b977125e791e7e4d6cefc68f0ae1f8.jpg
age
1802311
edge-cache-tag
477879963625656079769324322821853998144,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag
477879963625656079769324322821853998144,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
160
req-referer
https://www.ynet.co.il/
content-length
21522
x-request-id
f2500fed07995f9c4acc0e93ec79125e
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kiad7000054-IAD, cache-iad-kcgs7200087-IAD, cache-lga21950-LGA, cache-iad-kjyo7100105-IAD, cache-yyz4578-YYZ
last-modified
Fri, 30 Dec 2022 10:22:43 GMT
server
nginx
x-timer
S1674198455.476079,VS0,VE26
etag
"b9d9e7af7b2e7ab38621889e4214e260"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 0, 165, 1
efeaff5021b1b675e2c94498c32a961a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/efeaff5021b1b675e2c94498c32a961a.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
95fc8f6101102fc2f0d4c6aed54f381e2108158ba38fcbf9bef029ffb8f7f0d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/efeaff5021b1b675e2c94498c32a961a.jpg
age
1611846
edge-cache-tag
431608386374409380923868342877813144620,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag
431608386374409380923868342877813144620,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
111
req-referer
https://www.anandabazar.com/
content-length
19400
x-request-id
3bb9cae24a7d0255ab1ae4e9e6335077
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kjyo7100108-IAD, cache-iad-kcgs7200033-IAD, cache-chi-klot8100170-CHI, cache-iad-kiad7000067-IAD, cache-yyz4578-YYZ
last-modified
Fri, 09 Dec 2022 17:06:49 GMT
server
nginx
x-timer
S1674198455.476070,VS0,VE1
etag
"a925a28832f23bcc95b23078eaab8fba"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 167, 1
1876bdacfa827147d3c97aaa19f2457c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1876bdacfa827147d3c97aaa19f2457c.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ba0610623ba1a30857f5e9a2e1eca4998aef758edfa6c7e21f6e17c98d8957c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
20
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1876bdacfa827147d3c97aaa19f2457c.jpg
age
930141
edge-cache-tag
384355357410086004916290335446626268801,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
cache-tag
384355357410086004916290335446626268801,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, MISS
x-envoy-upstream-service-time
81
expiration
expiry-date="Tue, 31 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.saechsische.de/
content-length
3704
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100070-IAD, cache-iad-kjyo7100177-IAD, cache-bur-kbur8200160-BUR, cache-iad-kjyo7100026-IAD, cache-yyz4578-YYZ
last-modified
Sat, 31 Dec 2022 15:37:01 GMT
server
nginx
x-timer
S1674198455.476036,VS0,VE20
etag
"f4ad3f4c1c1af79f0ed44cdd7e94fd5f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 13, 0
175172177__eirUg4d3.jpg
images.taboola.com/taboola/image/fetch/h_267,w_480,c_fill,g_xy_center,x_313,y_174/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_267,w_480,c_fill,g_xy_center,x_313,y_174/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/175172177__eirUg4d3.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3443b1dc1decca2dcdaa1b65f074e289710e1b6baa23c3bed40897552f515b82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
22
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_267,w_480,c_fill,g_xy_center,x_313,y_174/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/175172177__eirUg4d3.jpg
age
1465706
edge-cache-tag
548739788299757111386329064773141823055,588303767858086063802394295345947626336,29ecf9b93bbf306179626feeda1fab70
cache-tag
548739788299757111386329064773141823055,588303767858086063802394295345947626336,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
104
expiration
expiry-date="Sat, 21 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.t-online.de/
content-length
9352
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200115-IAD, cache-iad-kiad7000048-IAD, cache-bur-kbur8200061-BUR, cache-iad-kiad7000105-IAD, cache-yyz4578-YYZ
last-modified
Wed, 21 Dec 2022 16:08:53 GMT
server
nginx
x-timer
S1674198455.476002,VS0,VE22
etag
"b9100c9fbc35313a72576a85a1f3bd58"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 60, 1
cef2ad86ff3e34c4cf9b07156cd843b3.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cef2ad86ff3e34c4cf9b07156cd843b3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1d87eb695ccad6f78a2656ef36591dd76c3b04f13b696bd3e47a2354c498b3c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
18
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cef2ad86ff3e34c4cf9b07156cd843b3.png
age
1767868
edge-cache-tag
346259341048858842114072626078758108984,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag
346259341048858842114072626078758108984,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, MISS
x-envoy-upstream-service-time
283
expiration
expiry-date="Sun, 15 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ynet.co.il/sport/worldcup2022/article/rjkytplio
content-length
22314
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kjyo7100088-IAD, cache-iad-kjyo7100088-IAD, cache-sna10735-LGB, cache-iad-kcgs7200050-IAD, cache-yyz4578-YYZ
last-modified
Thu, 15 Dec 2022 21:26:22 GMT
server
nginx
x-timer
S1674198456.533114,VS0,VE18
etag
"a80ae2401bacf799544f5324c8c2b41f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 15, 0
e97f5d8e30a961b1acd30ecf9ee0ae85.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e97f5d8e30a961b1acd30ecf9ee0ae85.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2fb63c456a6194a0723eeba2d489eb27eff27ddbb753ddba49b6ff91c5992862

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e97f5d8e30a961b1acd30ecf9ee0ae85.jpg
age
5633571
edge-cache-tag
620252639337346947902485610200770324420,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag
620252639337346947902485610200770324420,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
155
expiration
expiry-date="Fri, 25 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ynet.co.il/
content-length
28004
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000069-IAD, cache-iad-kiad7000107-IAD, cache-lax10642-LGB, cache-iad-kiad7000164-IAD, cache-yyz4578-YYZ
last-modified
Tue, 25 Oct 2022 14:18:30 GMT
server
nginx
x-timer
S1674198456.581455,VS0,VE1
etag
"75b3c79f97981e2697fc237af205593a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 8, 1, 102, 1
SJ63f43qs_226_4_1006_566_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2023/01/11/SJ63f43qs/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2023/01/11/SJ63f43qs/SJ63f43qs_226_4_1006_566_0_large.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bd978a87bd6097f6e3f48d2740b1bceb3d27f0385c44e667a126c8adccdc84ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2023/01/11/SJ63f43qs/SJ63f43qs_226_4_1006_566_0_large.jpg
age
753281
edge-cache-tag
557809525407563233562943040038211367776,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag
557809525407563233562943040038211367776,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
462
req-referer
https://m.vesty.co.il/
content-length
47336
x-request-id
f89c1faeec9dbd646a1edfdc128ddea3
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200034-IAD, cache-iad-kjyo7100177-IAD, cache-lga21960-LGA, cache-iad-kjyo7100087-IAD, cache-yyz4578-YYZ
last-modified
Wed, 11 Jan 2023 13:47:39 GMT
server
nginx
x-timer
S1674198456.586623,VS0,VE1
etag
"ba79eaf158bcba60da8caa853053151a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 150, 1
ryp8B4Zis_346_437_2398_1349_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2023/01/15/ryp8B4Zis/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2023/01/15/ryp8B4Zis/ryp8B4Zis_346_437_2398_1349_0_large.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0198e11b6aefcf520136d9c5c2ef0cbd3e217a8e7e3f84c10870b5af97cd6152

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2023/01/15/ryp8B4Zis/ryp8B4Zis_346_437_2398_1349_0_large.jpg
age
408119
edge-cache-tag
523268017423290481696138399955674825247,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag
523268017423290481696138399955674825247,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
333
req-referer
https://m.vesty.co.il/
content-length
11010
x-request-id
dc0e8420e03f11a83e9d3c1e3a0fe411
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200132-IAD, cache-iad-kjyo7100027-IAD, cache-chi-klot8100179-CHI, cache-iad-kcgs7200175-IAD, cache-yyz4578-YYZ
last-modified
Sun, 15 Jan 2023 13:35:56 GMT
server
nginx
x-timer
S1674198456.597489,VS0,VE1
etag
"5b73286cd8fb7d4cf01a913c5b4e95ec"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 86, 1
226f3323d89fd33ad03a6238dd9b98e1.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/226f3323d89fd33ad03a6238dd9b98e1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
985b3010e916c334e691fa3649f3d17a45a42b72390daa9c548f37f049bbcfc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
18
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/226f3323d89fd33ad03a6238dd9b98e1.png
age
1159980
edge-cache-tag
427554338314940360667032181038050667656,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag
427554338314940360667032181038050667656,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time
187
req-referer
https://madamefigaro.jp/
content-length
20414
x-request-id
34e6c52495021f2d120681cbc9c4f64c
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000171-IAD, cache-iad-kiad7000150-IAD, cache-lga21953-LGA, cache-iad-kcgs7200038-IAD, cache-yyz4578-YYZ
last-modified
Tue, 27 Dec 2022 18:14:40 GMT
server
nginx
x-timer
S1674198456.601766,VS0,VE18
etag
"22ad4079fe108b94b448b1375741a2bb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 10, 0
SJexyqlmq_5_0_848_477_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/03/29/SJexyqlmq/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/03/29/SJexyqlmq/SJexyqlmq_5_0_848_477_0_large.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
307e34605cb4539c0350e0442839f61450025dbd6cc50d3299c80a6d5111452e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/03/29/SJexyqlmq/SJexyqlmq_5_0_848_477_0_large.jpg
age
681059
edge-cache-tag
576264296922536800765409009203015476424,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag
576264296922536800765409009203015476424,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
156
req-referer
https://m.vesty.co.il/
content-length
7656
x-request-id
b593710687420a4ec2d582eeddde7203
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200148-IAD, cache-iad-kcgs7200053-IAD, cache-bur-kbur8200147-BUR, cache-iad-kcgs7200168-IAD, cache-yyz4578-YYZ
last-modified
Thu, 12 Jan 2023 09:50:52 GMT
server
nginx
x-timer
S1674198456.608676,VS0,VE3
etag
"f93d72be6413e1b2b9016a00dc1609bb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 64, 1
insta-girls-juni-2022-collage.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1655130393780/content/gallery/freenet/unterhaltung/gi... 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1655130393780/content/gallery/freenet/unterhaltung/girls/2022/06/13/insta-girls-juni-2022-collage.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6c5516b7839d392a178d6907f5cb40beceb99756596655a4818a1c75bd13fac7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
17
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1655130393780/content/gallery/freenet/unterhaltung/girls/2022/06/13/insta-girls-juni-2022-collage.jpg
age
8473835
edge-cache-tag
575333140347004013682608692228625898474,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
cache-tag
575333140347004013682608692228625898474,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time
1965
expiration
expiry-date="Fri, 21 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tag24.de/chemnitz/kultur-leute/city-frontmann-toni-krahl-sein-letztes-hemd-kommt-aus-chemnitz-2708341
content-length
23120
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000059-IAD, cache-iad-kiad7000114-IAD, cache-lax10625-LGB, cache-iad-kjyo7100109-IAD, cache-yyz4578-YYZ
last-modified
Tue, 20 Sep 2022 14:34:48 GMT
server
nginx
x-timer
S1674198456.657705,VS0,VE17
etag
"3d21fab1f8ed91c003e8a437a5b7af32"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 4, 1, 64, 0
6f53a38d25f0ea772db614fb941519e4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f53a38d25f0ea772db614fb941519e4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9e0ea1296f06b23f70561f76a159d07c4d37cdc5863ea21e7047ef5f59a93369

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f53a38d25f0ea772db614fb941519e4.jpg
age
1755254
edge-cache-tag
379226829563982640636830187610323967922,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
cache-tag
379226829563982640636830187610323967922,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
958
req-referer
https://www.ynet.co.il/
content-length
14068
x-request-id
d675adce9a7b71de291544df90868c18
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200020-IAD, cache-iad-kiad7000171-IAD, cache-sna10730-LGB, cache-iad-kjyo7100177-IAD, cache-yyz4578-YYZ
last-modified
Sun, 18 Dec 2022 07:16:26 GMT
server
nginx
x-timer
S1674198456.691312,VS0,VE1
etag
"ad38ee0b436958ad257214bb1766369d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 65, 1
dc1aa9c7f4feacc0362da8965be88cd9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc1aa9c7f4feacc0362da8965be88cd9.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bc2f064ff9bc3c36de040d77c82c43890467aa13b216f9e0925a5e6cf306d4be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc1aa9c7f4feacc0362da8965be88cd9.jpg
age
1742583
edge-cache-tag
570355061721211699538449521237231190296,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
cache-tag
570355061721211699538449521237231190296,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
177
expiration
expiry-date="Mon, 02 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.cnbc.com/
content-length
5884
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200176-IAD, cache-iad-kjyo7100053-IAD, cache-bur-kbur8200044-BUR, cache-iad-kjyo7100039-IAD, cache-yyz4578-YYZ
last-modified
Fri, 02 Dec 2022 17:45:28 GMT
server
nginx
x-timer
S1674198456.707276,VS0,VE1
etag
"17a28ed4e5b73e2e8f70f28346e16bea"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 121, 1
ryqsURzjs_0_393_769_433_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2023/01/16/ryqsURzjs/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2023/01/16/ryqsURzjs/ryqsURzjs_0_393_769_433_0_large.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
819b49115d6184d68d612edabcda26049a0f6702e16b8d9b3e4628f403afd863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
7
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2023/01/16/ryqsURzjs/ryqsURzjs_0_393_769_433_0_large.jpg
age
301218
edge-cache-tag
300195652200437828216117461924270755800,526441669587151756695374654263781131589,29ecf9b93bbf306179626feeda1fab70
cache-tag
300195652200437828216117461924270755800,526441669587151756695374654263781131589,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
386
req-referer
https://www.vesty.co.il/
content-length
6784
x-request-id
2e1c684082ff9d557a5b09a0a9ece534
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kjyo7100085-IAD, cache-iad-kjyo7100098-IAD, cache-sna10738-LGB, cache-iad-kjyo7100059-IAD, cache-yyz4578-YYZ
last-modified
Mon, 16 Jan 2023 19:23:19 GMT
server
nginx
x-timer
S1674198456.711720,VS0,VE7
etag
"e5b50c7b0faa079091f3536358bd833a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 11, 1
e57b71bf78acc992724d5578cda0e53a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e57b71bf78acc992724d5578cda0e53a.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b40f02abe87261d993209afe5b11586a25376e636f37a1497c7dfe040480b88a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
17
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e57b71bf78acc992724d5578cda0e53a.jpg
age
1333560
edge-cache-tag
581642981813423033132911081436147160939,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
cache-tag
581642981813423033132911081436147160939,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time
17
req-referer
https://www.ynet.co.il/
content-length
17462
x-request-id
b0552e4c24c6ddf4866bcc9995be7c4f
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kcgs7200074-IAD, cache-iad-kjyo7100036-IAD, cache-bur-kbur8200081-BUR, cache-iad-kjyo7100054-IAD, cache-yyz4578-YYZ
last-modified
Wed, 04 Jan 2023 20:01:52 GMT
server
nginx
x-timer
S1674198456.715142,VS0,VE17
etag
"f008ab8c3de7c2e7619c3048808f3bc3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 3, 0
2b8bea59712f241ca743aba3d0c7ba5a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2b8bea59712f241ca743aba3d0c7ba5a.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5a683fc79e3379ee8ecfd8f32e947347138c4b6d2aa324528a5389a9c34e2756

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
16
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2b8bea59712f241ca743aba3d0c7ba5a.png
age
2385183
edge-cache-tag
517643170872777670088503676001066527527,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
cache-tag
517643170872777670088503676001066527527,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time
211
expiration
expiry-date="Mon, 16 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ynet.co.il/
content-length
6160
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200128-IAD, cache-iad-kjyo7100062-IAD, cache-bur-kbur8200129-BUR, cache-iad-kiad7000069-IAD, cache-yyz4578-YYZ
last-modified
Fri, 16 Dec 2022 20:59:10 GMT
server
nginx
x-timer
S1674198456.725643,VS0,VE16
etag
"0254b04454f1ac68e73ac28dbbf0d44c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 57, 0
f06b8e11e166ca18de28dec31f364a56.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f06b8e11e166ca18de28dec31f364a56.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
163d6aef40ae55df4d8dd3b736082ce1ed5f047d10f3518dc0c41d4d1bc2ea8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f06b8e11e166ca18de28dec31f364a56.jpg
age
5170703
edge-cache-tag
306513147387022570637336144701606807403,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
cache-tag
306513147387022570637336144701606807403,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
84
expiration
expiry-date="Sat, 26 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ynet.co.il/
content-length
3666
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200045-IAD, cache-iad-kiad7000022-IAD, cache-bur-kbur8200036-BUR, cache-iad-kiad7000100-IAD, cache-yyz4578-YYZ
last-modified
Wed, 26 Oct 2022 22:10:43 GMT
server
nginx
x-timer
S1674198456.782130,VS0,VE1
etag
"627088875098e7277b9bef591cc43e2e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 1, 1
7206974_0_207_811_456_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2016/08/17/7206974/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2016/08/17/7206974/7206974_0_207_811_456_0_large.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
93ae8b0d2f5b1aeab9e810ae012cee83029f50ad7cc6708735d254e9db580d7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2016/08/17/7206974/7206974_0_207_811_456_0_large.jpg
age
159090
edge-cache-tag
431783321280212325127665436260825489985,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag
431783321280212325127665436260825489985,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
356
req-referer
https://www.vesty.co.il/
content-length
17968
x-request-id
4b0fcea7f239ef13e881f66ca6928aed
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100125-IAD, cache-iad-kcgs7200064-IAD, cache-lga21935-LGA, cache-iad-kjyo7100128-IAD, cache-yyz4578-YYZ
last-modified
Wed, 18 Jan 2023 10:50:50 GMT
server
nginx
x-timer
S1674198456.796899,VS0,VE0
etag
"1704fbedf7ded4c07ecbf0aae1ca4194"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 26, 2
HJr6oitYfc_0_40_980_552_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/03/24/HJr6oitYfc/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/03/24/HJr6oitYfc/HJr6oitYfc_0_40_980_552_0_large.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
58613e446b8c55815074d53b328a57a97feb724788a12cde7b8a8040bc537aef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/03/24/HJr6oitYfc/HJr6oitYfc_0_40_980_552_0_large.jpg
age
67590
edge-cache-tag
451018544950741731906786397047684053105,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag
451018544950741731906786397047684053105,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
799
req-referer
https://www.vesty.co.il/
content-length
11940
x-request-id
2eea01f2609d2b99924c9086491b4f2f
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100125-IAD, cache-iad-kjyo7100096-IAD, cache-bur-kbur8200097-BUR, cache-iad-kiad7000031-IAD, cache-yyz4578-YYZ
last-modified
Thu, 19 Jan 2023 12:19:56 GMT
server
nginx
x-timer
S1674198456.811500,VS0,VE0
etag
"1be6322da7a47ce4eebc4c5c20a5fbb1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 41, 2
efeaff5021b1b675e2c94498c32a961a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/efeaff5021b1b675e2c94498c32a961a.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
95fc8f6101102fc2f0d4c6aed54f381e2108158ba38fcbf9bef029ffb8f7f0d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/efeaff5021b1b675e2c94498c32a961a.jpg
age
1611846
edge-cache-tag
431608386374409380923868342877813144620,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag
431608386374409380923868342877813144620,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
111
req-referer
https://www.anandabazar.com/
content-length
19400
x-request-id
3bb9cae24a7d0255ab1ae4e9e6335077
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kjyo7100108-IAD, cache-iad-kcgs7200033-IAD, cache-chi-klot8100170-CHI, cache-iad-kiad7000067-IAD, cache-yyz4578-YYZ
last-modified
Fri, 09 Dec 2022 17:06:49 GMT
server
nginx
x-timer
S1674198456.820272,VS0,VE0
etag
"a925a28832f23bcc95b23078eaab8fba"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 167, 2
40b977125e791e7e4d6cefc68f0ae1f8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/40b977125e791e7e4d6cefc68f0ae1f8.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1907a62e18c04bc41544564ea6eb3621a5a29d8b0a067bf445e99ba449bba683

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/40b977125e791e7e4d6cefc68f0ae1f8.jpg
age
1802311
edge-cache-tag
477879963625656079769324322821853998144,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag
477879963625656079769324322821853998144,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
160
req-referer
https://www.ynet.co.il/
content-length
21522
x-request-id
f2500fed07995f9c4acc0e93ec79125e
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kiad7000054-IAD, cache-iad-kcgs7200087-IAD, cache-lga21950-LGA, cache-iad-kjyo7100105-IAD, cache-yyz4578-YYZ
last-modified
Fri, 30 Dec 2022 10:22:43 GMT
server
nginx
x-timer
S1674198456.837606,VS0,VE0
etag
"b9d9e7af7b2e7ab38621889e4214e260"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 0, 165, 2
1876bdacfa827147d3c97aaa19f2457c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1876bdacfa827147d3c97aaa19f2457c.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ba0610623ba1a30857f5e9a2e1eca4998aef758edfa6c7e21f6e17c98d8957c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1876bdacfa827147d3c97aaa19f2457c.jpg
age
930141
edge-cache-tag
384355357410086004916290335446626268801,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
cache-tag
384355357410086004916290335446626268801,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
81
expiration
expiry-date="Tue, 31 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.saechsische.de/
content-length
3704
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100070-IAD, cache-iad-kjyo7100177-IAD, cache-bur-kbur8200160-BUR, cache-iad-kjyo7100026-IAD, cache-yyz4578-YYZ
last-modified
Sat, 31 Dec 2022 15:37:01 GMT
server
nginx
x-timer
S1674198456.850247,VS0,VE0
etag
"f4ad3f4c1c1af79f0ed44cdd7e94fd5f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 13, 1
175172177__eirUg4d3.jpg
images.taboola.com/taboola/image/fetch/h_267,w_480,c_fill,g_xy_center,x_313,y_174/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_267,w_480,c_fill,g_xy_center,x_313,y_174/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/175172177__eirUg4d3.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3443b1dc1decca2dcdaa1b65f074e289710e1b6baa23c3bed40897552f515b82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_267,w_480,c_fill,g_xy_center,x_313,y_174/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/175172177__eirUg4d3.jpg
age
1465706
edge-cache-tag
548739788299757111386329064773141823055,588303767858086063802394295345947626336,29ecf9b93bbf306179626feeda1fab70
cache-tag
548739788299757111386329064773141823055,588303767858086063802394295345947626336,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
104
expiration
expiry-date="Sat, 21 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.t-online.de/
content-length
9352
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200115-IAD, cache-iad-kiad7000048-IAD, cache-bur-kbur8200061-BUR, cache-iad-kiad7000105-IAD, cache-yyz4578-YYZ
last-modified
Wed, 21 Dec 2022 16:08:53 GMT
server
nginx
x-timer
S1674198456.890346,VS0,VE0
etag
"b9100c9fbc35313a72576a85a1f3bd58"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 60, 2
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023011101&jk=2675240356490333&bg=!5-Sl5KDNAAYDMoyoIzI7ACkAdvg8WpDPAMDJQPLdwYc1z85L4sXomTbOkbltHTOlCoLt6uFqeJ2oNgIAAABPUgAAAARoAQcKAF6ji71xJOyQ8E-2L4tLdll3bQEiXVSCJpgaB5Ns0ntxyu1tt7vjRIzFSsdF6f7E8tiXOct0A1esmrCIkVE5qMx9ilPTBLmwe_0RgPTqJZl207OFsU9fODdaq7DNOY6_mQKZECei2bZv9wSpWelev9SMeeOGj3jyH99l8PuPoCanCuo_KYQj6xQ0QkTGgvQ_DTRbZURyY6V1O7bIE_3GoHWzXo1qskkL6oSEkJrgzMYygg8MpYmBX6u_D7mGvIo1DYnLJA8fxPEMRK_bW99NBr9tOnab0nYob1ok-uPTuw9L3FsnsMzmhA3qSRg7CUAUeyNFqGnYg80KvrDuYRog4BmOha8YZ_a6SfIAGzXTLV6T8ig7eE1-KGcERPFT8je8_Apq4q-Z_fhUay3DYl3P_a04-9xMFaVIruclF2lWWPVAdTys1wyV6YPbPs-T-2J7EC-PbCO5h9A5OeFyRwFTkIJTwYlZ5q7LeDdWg_Hpd41JIRNphIivI6lWO2iHLzyijb4NyhghqwhB5iOQngKnQ34L4ceeL75U4GpwNEU6bYYxxdCobhuaDKf7GSzErY8zUpGtbhBcDFTBTAJJvDgpjpGNr0rdaUe3sL2sucDchJW3knODhfj1FCw4z_HGpqxjRlhWpOrscIZzdAoCN93zI0f6lak3FX6VVXfJKbSy29ds0gQ96dRJilhoo8tpg5NTwKms75YBQffDwt1MiFR3pNACyaDoBzJjin6KiWM0Ndu2YwGogmn08HnHY2NX5kE6ChRhxIxQRtQgkcRen6GnrMaWMmpcqeXhrzg3xNsksrIyBEbIuSLY4cwtd9wyfzBuxuhLdy-bSnqAHK9CWWatowxODp4aAgqgDPdzrkInc9t__a_p-WazRNCpKRkXPYXjv9c1PQG1oYBP14r7s8xLZmbKuL9zi4XD7YvXmc7WiM9z12aB6aVs-koRSV2_0ZEG67ahzYXIoWPnzGQxu82FhgyQL8EnoFY9MyOnj-9D6hPilPUJY87aK2XCjdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
cef2ad86ff3e34c4cf9b07156cd843b3.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cef2ad86ff3e34c4cf9b07156cd843b3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1d87eb695ccad6f78a2656ef36591dd76c3b04f13b696bd3e47a2354c498b3c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cef2ad86ff3e34c4cf9b07156cd843b3.png
age
1767868
edge-cache-tag
346259341048858842114072626078758108984,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag
346259341048858842114072626078758108984,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
283
expiration
expiry-date="Sun, 15 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ynet.co.il/sport/worldcup2022/article/rjkytplio
content-length
22314
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kjyo7100088-IAD, cache-iad-kjyo7100088-IAD, cache-sna10735-LGB, cache-iad-kcgs7200050-IAD, cache-yyz4578-YYZ
last-modified
Thu, 15 Dec 2022 21:26:22 GMT
server
nginx
x-timer
S1674198456.902076,VS0,VE0
etag
"a80ae2401bacf799544f5324c8c2b41f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 15, 1
e97f5d8e30a961b1acd30ecf9ee0ae85.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e97f5d8e30a961b1acd30ecf9ee0ae85.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2fb63c456a6194a0723eeba2d489eb27eff27ddbb753ddba49b6ff91c5992862

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e97f5d8e30a961b1acd30ecf9ee0ae85.jpg
age
5633571
edge-cache-tag
620252639337346947902485610200770324420,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag
620252639337346947902485610200770324420,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
155
expiration
expiry-date="Fri, 25 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ynet.co.il/
content-length
28004
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000069-IAD, cache-iad-kiad7000107-IAD, cache-lax10642-LGB, cache-iad-kiad7000164-IAD, cache-yyz4578-YYZ
last-modified
Tue, 25 Oct 2022 14:18:30 GMT
server
nginx
x-timer
S1674198456.925210,VS0,VE0
etag
"75b3c79f97981e2697fc237af205593a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 8, 1, 102, 2
SJ63f43qs_226_4_1006_566_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2023/01/11/SJ63f43qs/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2023/01/11/SJ63f43qs/SJ63f43qs_226_4_1006_566_0_large.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bd978a87bd6097f6e3f48d2740b1bceb3d27f0385c44e667a126c8adccdc84ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2023/01/11/SJ63f43qs/SJ63f43qs_226_4_1006_566_0_large.jpg
age
753281
edge-cache-tag
557809525407563233562943040038211367776,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag
557809525407563233562943040038211367776,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
462
req-referer
https://m.vesty.co.il/
content-length
47336
x-request-id
f89c1faeec9dbd646a1edfdc128ddea3
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200034-IAD, cache-iad-kjyo7100177-IAD, cache-lga21960-LGA, cache-iad-kjyo7100087-IAD, cache-yyz4578-YYZ
last-modified
Wed, 11 Jan 2023 13:47:39 GMT
server
nginx
x-timer
S1674198456.925436,VS0,VE0
etag
"ba79eaf158bcba60da8caa853053151a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 150, 2
ryp8B4Zis_346_437_2398_1349_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2023/01/15/ryp8B4Zis/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2023/01/15/ryp8B4Zis/ryp8B4Zis_346_437_2398_1349_0_large.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0198e11b6aefcf520136d9c5c2ef0cbd3e217a8e7e3f84c10870b5af97cd6152

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2023/01/15/ryp8B4Zis/ryp8B4Zis_346_437_2398_1349_0_large.jpg
age
408119
edge-cache-tag
523268017423290481696138399955674825247,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag
523268017423290481696138399955674825247,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
333
req-referer
https://m.vesty.co.il/
content-length
11010
x-request-id
dc0e8420e03f11a83e9d3c1e3a0fe411
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200132-IAD, cache-iad-kjyo7100027-IAD, cache-chi-klot8100179-CHI, cache-iad-kcgs7200175-IAD, cache-yyz4578-YYZ
last-modified
Sun, 15 Jan 2023 13:35:56 GMT
server
nginx
x-timer
S1674198456.944360,VS0,VE0
etag
"5b73286cd8fb7d4cf01a913c5b4e95ec"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 86, 2
226f3323d89fd33ad03a6238dd9b98e1.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/226f3323d89fd33ad03a6238dd9b98e1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
985b3010e916c334e691fa3649f3d17a45a42b72390daa9c548f37f049bbcfc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/226f3323d89fd33ad03a6238dd9b98e1.png
age
1159980
edge-cache-tag
427554338314940360667032181038050667656,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag
427554338314940360667032181038050667656,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
187
req-referer
https://madamefigaro.jp/
content-length
20414
x-request-id
34e6c52495021f2d120681cbc9c4f64c
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000171-IAD, cache-iad-kiad7000150-IAD, cache-lga21953-LGA, cache-iad-kcgs7200038-IAD, cache-yyz4578-YYZ
last-modified
Tue, 27 Dec 2022 18:14:40 GMT
server
nginx
x-timer
S1674198456.951025,VS0,VE0
etag
"22ad4079fe108b94b448b1375741a2bb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 10, 1
SJexyqlmq_5_0_848_477_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/03/29/SJexyqlmq/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/03/29/SJexyqlmq/SJexyqlmq_5_0_848_477_0_large.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
307e34605cb4539c0350e0442839f61450025dbd6cc50d3299c80a6d5111452e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 20 Jan 2023 07:07:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/03/29/SJexyqlmq/SJexyqlmq_5_0_848_477_0_large.jpg
age
681059
edge-cache-tag
576264296922536800765409009203015476424,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag
576264296922536800765409009203015476424,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
156
req-referer
https://m.vesty.co.il/
content-length
7656
x-request-id
b593710687420a4ec2d582eeddde7203
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200148-IAD, cache-iad-kcgs7200053-IAD, cache-bur-kbur8200147-BUR, cache-iad-kcgs7200168-IAD, cache-yyz4578-YYZ
last-modified
Thu, 12 Jan 2023 09:50:52 GMT
server
nginx
x-timer
S1674198456.999191,VS0,VE0
etag
"f93d72be6413e1b2b9016a00dc1609bb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 64, 2
container.html
fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F231 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 07:07:34 GMT
expires
Sat, 20 Jan 2024 07:07:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame D126 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss58tcxy9NMKP8KfeO0fSSNi9R8246k5L_taezp2LUWYN6EPAOMyq9Qzb4ot8P4S-ko2g6cZzWbrkek6IxwLpZEoW3vJujCCSRukWYBN53C9_oEDQm3ZrEUM9-06d2w9yxCqjKmUZC7yVdj8pbAzquLSRTumHfMmZL4mahwYViqReReqUCoiPnre6ncNlA1Cvaict_ZQmP3nIf1BPMa5ZmmG6OHMHW2Hllhya0JEBO-o9Q6ZoyJ98Iz5QHHlG1frpDNr6p4VWD1Nhhwm6PLpojWPbT9hmWocjFnGkQIMUziVZt9jQ2VCMKwJMEBZqmWXAVRAPDKejdHwpuAPw&sai=AMfl-YTz0I4_pcVcpkJVjhHT3d7FzXp0JNwr4Sp8MLNMccpHtjzp8waM1NdbHCJiP6uuWQ9Txmq5YZ2kIIuhiqrZBmoH2G6i01PQntjED1SnaArxFZ6z5otCs2OdBArlA4JeXRxL2QaNUv2M4GWCBWXR4QE&sig=Cg0ArKJSzHHmqovkaQ2nEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 20 Jan 2023 07:07:35 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame D126 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:57:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
32993
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Feb 2023 21:57:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D126 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 20 Jan 2023 07:07:35 GMT
2628510726269291716
tpc.googlesyndication.com/simgad/ Frame D126 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2628510726269291716
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d02426be5ed7a8deeea09233b783948a44c6b26100d1e0a72b781d10137ce23d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 01:51:01 GMT
x-content-type-options
nosniff
age
18994
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51512
x-xss-protection
0
last-modified
Thu, 29 Dec 2022 13:42:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 20 Jan 2024 01:51:01 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012301041800000/ Frame A364 		221 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4e7f21914210e4d6da2b44cc05a554cdd1e538ee43e1d4dc5d6e6a1f1ee1282
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
219622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61740
x-xss-protection
0
server
sffe
etag
"8e9029bac2b10828"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame A364 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
885cb07503e088de00e0b1502940db47d59817caf2a3e35e1f92432d48d6f8fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
219622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5230
x-xss-protection
0
server
sffe
etag
"98e8559bf0300638"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame A364 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6629584f62feeb6b024b50fae7e99ed6bec9942ce434c8163e2d627f1253dbb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
219622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28829
x-xss-protection
0
server
sffe
etag
"80143a542ab189b2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame A364 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9ed6c0cdb54ddeb561369fa2f9748cd0dcba457ba2cd0cb1955cf48387bcf2a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 19 Jan 2023 13:25:01 GMT
age
63754
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1904
x-xss-protection
0
server
sffe
etag
"c26873ae23a2dfcc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 19 Jan 2024 13:25:01 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame A364 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f239f3f5ba2fe8def7ffc52c0268cfb1cbd362214823676459daa279370a9cfa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
219622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12956
x-xss-protection
0
server
sffe
etag
"a53f7d5e2894160e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
truncated
/ Frame A364 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ac220126333e4b7e11c3b142828f3dd545371a2bc4e8bd3151aeb89e95f41af

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 3850 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVfOGZRGidyNQyugmeAlrg_zQgU4fFJmTumP9mIlPOyfFyk1D8ysE726WYJhDYDEbZLGNQY36UWSemLEqj02g_DlC74Da8Kw39C-M_QiCVCx2VsyfYtXWcPXI3fcLbVf4wHysAIR-qudsXGW1_zONtHcp0Q8CRocwFHqLOwrTCtNfq24hzAwRlvAviJmpshRYEm5alWJdd6saHMBy5RPf34AkJi0PcvMyLL4PcuEZynl7iRHJZGdF30dsh16Un9tQzgjyUuvxhcJIOkCU7xBcNiQqtb6syIFW-mUkJSjqf5YUWR3YILvmShPjO6LbbYSj4vTyQt_Ax3dmXVg&sai=AMfl-YSom3ihW74m72w8zMqoUHWn7u--TyDsQeLhpTbuC7ZeUAKOmPjL1iOIeMyQCiZGIbcbB7UnwEbjkIP0MK0RdUZzhyv54tz3htvJS1fauJXkkqrC9O4JzdW3pvo9IHqQoT7rmREZiUQS4TMFgdSPQAw&sig=Cg0ArKJSzO17ouFpHA5GEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 20 Jan 2023 07:07:35 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 3850 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:57:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
32993
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Feb 2023 21:57:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3850 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 20 Jan 2023 07:07:35 GMT
13150739955191351252
tpc.googlesyndication.com/simgad/ Frame 3850 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13150739955191351252
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e8d69ed6d508a5a3b55538a4dd8352a81a6e60d0f11dc992c5e91843fe139a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 09:50:09 GMT
x-content-type-options
nosniff
age
335846
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50244
x-xss-protection
0
last-modified
Sun, 15 Jan 2023 10:21:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 16 Jan 2024 09:50:09 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012301041800000/ Frame A81C 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4e7f21914210e4d6da2b44cc05a554cdd1e538ee43e1d4dc5d6e6a1f1ee1282
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
219622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61740
x-xss-protection
0
server
sffe
etag
"8e9029bac2b10828"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame A81C 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
885cb07503e088de00e0b1502940db47d59817caf2a3e35e1f92432d48d6f8fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
219622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5230
x-xss-protection
0
server
sffe
etag
"98e8559bf0300638"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame A81C 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6629584f62feeb6b024b50fae7e99ed6bec9942ce434c8163e2d627f1253dbb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
219622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28829
x-xss-protection
0
server
sffe
etag
"80143a542ab189b2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame A81C 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9ed6c0cdb54ddeb561369fa2f9748cd0dcba457ba2cd0cb1955cf48387bcf2a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 19 Jan 2023 13:25:01 GMT
age
63754
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1904
x-xss-protection
0
server
sffe
etag
"c26873ae23a2dfcc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 19 Jan 2024 13:25:01 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame A81C 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f239f3f5ba2fe8def7ffc52c0268cfb1cbd362214823676459daa279370a9cfa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
219622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12956
x-xss-protection
0
server
sffe
etag
"a53f7d5e2894160e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
truncated
/ Frame A81C 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36d1863ebd6b1c6a0b271baa7696bc7e0931b9c94a7851d30c11836e152742aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
container.html
fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C19B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 07:07:34 GMT
expires
Sat, 20 Jan 2024 07:07:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2F33 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 07:07:34 GMT
expires
Sat, 20 Jan 2024 07:07:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9DD8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 07:07:34 GMT
expires
Sat, 20 Jan 2024 07:07:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
14387419475975485549
tpc.googlesyndication.com/daca_images/simgad/ Frame A364 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/14387419475975485549
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8108d77a264d081487ea1032c4c801f6d594a8eab414100fa6d1a4accd98da4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 22:15:35 GMT
x-content-type-options
nosniff
age
291120
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56694
x-xss-protection
0
last-modified
Fri, 21 Oct 2022 00:25:56 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 16 Jan 2024 22:15:35 GMT
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A364 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 19:13:15 GMT
x-content-type-options
nosniff
server
cafe
age
42860
etag
6726277462267614359
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3041
x-xss-protection
0
expires
Fri, 20 Jan 2023 19:13:15 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A364 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 19:01:41 GMT
x-content-type-options
nosniff
server
cafe
age
43554
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 20 Jan 2023 19:01:41 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A364 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C1oXgtj3KY6rnKILy1gamtY-4CI2b1b5uoYvflc4Ohs7_lYQbEAEgmfugK2CVqpSCoAegAbn6n9QDyAECqQKVWiqvXJeiPuACAKgDAcgDCKoEmwJP0PmudLErNZK5fXZNT2x058QnEatae3j5qnlSvFW1_1oELaX-75xvnpSJX-FUU4_jV6JdqnnnCwIfuYvpDWWDPnH3SiSOCuHfXPkhQCP5T1111dp_d9pVTPI_JFwjI1YDXvpRvI-Gb15OAJMO8sRqrLArcG6BfMXMof5p2uARCYYNtD5jWOx4mtFQGG2gYS2uBZAotvSa9gKXqjCm1mzSpPA5JsElsljKwk47zpkphVqHlLHTKr4HvKqKnNuYNiOKIXy-AuBXey9IJbrV821qpNLPnT98uMBc3Ygp3cDtdYaTum1K06ze668O8VczuPW3YaL_8dLlVxBh5csaZvxmrhP-e_uXsXhclfeeAoTBjobwtwXA7Ok6YMl7wASwo-GP8gPgBAGSBQQIBBgBkgUECAUYBKAGAoAHr4XgK6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELXpBNIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMM0BUBmBYBgBcBshceChwIABIUcHViLTkzMTQxMTE4MjQ3ODc2MzIYubMN&sigh=MQ7z13juo_E&uach_m=[UACH]&cid=CAQSTADq26N9eFie0F9sajtJU8ySUg4ia9rH3oZEDlqdQrqUK7F71vo3Xg8kU4ZPrXSlEExhtpPc9PpnlR543x0lvOHeb4CDgThtf5CJqh4YASAT
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
3573066126931393359
tpc.googlesyndication.com/simgad/ Frame A81C 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3573066126931393359?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlysm_KeKtbsjHbi-huzqsKYKWo4Q
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11658ab232f361f89229467b345f69b559764bcf92a5c86b23042e4db02cb854
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 23:39:45 GMT
x-content-type-options
nosniff
age
199670
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41276
x-xss-protection
0
last-modified
Mon, 18 Nov 2019 09:57:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 17 Jan 2024 23:39:45 GMT
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A81C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 19:13:15 GMT
x-content-type-options
nosniff
server
cafe
age
42860
etag
6726277462267614359
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3041
x-xss-protection
0
expires
Fri, 20 Jan 2023 19:13:15 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A81C 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 19:01:41 GMT
x-content-type-options
nosniff
server
cafe
age
43554
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 20 Jan 2023 19:01:41 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A81C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CzrYxtj3KY6vnKILy1gamtY-4COqr35hpy-yX_bkKj4e4gIcwEAEgmfugK2CVqpSCoAegAfbTkcsCyAECqQJPFiDxxS2yPuACAKgDAcgDCKoEpwJP0IZsWqN8p8CPYoYfkoK7fhodmUagbKikmrVI1S6M21VAnIncYCAJ2yciBuoajKYmXmg8LhoS_PUHGMvAJt5838sLgqR5A38z_Q1TyKQktG5W-5UBkFvdTQd_NPjSlY7dyAOQgSc_zgwdd-tfpjwHzY3ub_LJDg_t17rtqCBc65IGNLC3gZySRG3-xwkgyJ2PqAo_KMFwWAg4QRgdYsV2znU9zuI5oBQOYHm7oOIJXKvpVoaelykbxx3hCn01a5KP3qzRdfJCkERVmez_oWnraJTidOQwcJTA2U3pNiMBFNUNAH4SytgnesBNdc8Fzynaf9EoK_o9GZoWRaTDsSyK6DscWIq8-3r-DkTDBJYTedeEea0b4cwb_L4eCzQ6Sh1soO0PhOVYwASb1PW3zgLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH8qvutAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCn4gPSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi05MzE0MTExODI0Nzg3NjMyGLmzDQ&sigh=d-ONsqeFNAA&uach_m=[UACH]&cid=CAQSTADq26N9eFie0F9sajtJU8ySUg4ia9rH3oZEDlqdQrqUK7F71vo3Xg8kU4ZPrXSlEExhtpPc9PpnlR543x0lvOHeb4CDgThtf5CJqh4YASAT
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
truncated
/ Frame D126 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
faa14c11d7703f7d50ca293ff2f2b15879b3aa21921a179716d757ee87c99716

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3850 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96535cba682de213b2813fec679a47f8b9da135719dc650c69a794fdded31afd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
st
imprnjmp.taboola.com/ Frame 8DA4 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7JD8CFgPXhX0jpuiNmATXhX0jpuiNmAUAAAAGBvQHJDBzzBYOi8mtsdg2btFqYnJLXKaRWzacDQfLzcJmmk2MQAIzx2zhsJjcGott4xatJia3xGUauWXD2XCw3CxsptnEChjGcpkMaoGEZfb7DkK-22V4-FwGOYkNHGg6HT7XvV73-91lL8_pedf47UqzX-1w2u0AAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwEAxZHgrsvLbXFZfv4AAAAAAAEAAAAgASDgyi8BuLCKOvn_________jxmgz7yR-f___79R6AF48AF4EAIAAPgYst6GB5OpjxMgIhAsYgQAAAAA9a-wfDSpEyqLqv___34rgCsAgIBC54AI7yzdQYm3MAAAgICxBXpY_H6zw67xu132_________2_2f_aPJlTE3JwWFHPkqvYLCACw9gsIAMA2bgAAbwFwQUfQisFgdQkxGKw2u9FmMjsAAACAu____389kDJNfLPNyuRxzFYT32K5cC48jsnEOZgslquNx7e9ooa0EuxRR5Y-DWGZ_b6DkO92GR4-l0FOIogPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_Q3EYDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNEQYGCxGg8nC4hYMVqu1aLJwuSXGjWet201GztnCs1qODGvR62N6eDwbz2a2RcGAj71InhbpRDVczlaumc22Wjl2q8nIsdnYLI7VcDMxWRwzj8cilmhOFulEdtm3TBPfbLMyeRyz1cS3WC6cC49jMnEOJovlauPx7QuDxWgwWVjcgsFqtRZNFi63xLjxrHW7ycg5W3hWy5FhLXp9TA-PZ-PZzPaN2W60WA5Hq9G-MduNFsvhaDXad5hMz9TnbDSfpROPz3gaDSWOm8OgcBks3p_EtJh2Zwe_tHV0-nweZUFn9Pv9fr_f7_f7_X6D1nMwGxS-6zimHZdkFm25djuIDQZFLBFcpBPl3WV6y16e0_MilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jw04mEtWq7liMJcMNqsEAAAAAAAAALCEOfMmAAAAAKeBDFfL0WqdB7GaLEeT1XIBIIqTdX94h9sc3NpMdxnOMLEMFCg2ixs_Vsi7y_SWvTyn55UBAAQmmTd_Joi1Wi1rAAAAAWwAAIAAbt28BYRZ8f____9xAAAAMnL0AAAA9PtAUAo9cKPXCvwEuVwtBg!&cmcv=&pix=undefined&cb=1674198455840&uv=3250&tms=1674198455840&abt=ampfb_vC!Noappq22_vB!nrlc_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=0f16aabd-cb6c-45bd-be4d-6868093af46b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7c2fbf13d01af7cee93ca0de33393a060eeebe38b324f877a7ca3b1df2338715

Request headers

Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Fri, 20 Jan 2023 07:07:35 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4578-YYZ
x-timer
S1674198456.900722,VS0,VE19
sync
us-match.taboola.com/ Frame 65DF 		7 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us-match.taboola.com/sync?dast=V7JD8CFgPXhX0jpuiNmATXhX0jpuiNmAUAAAAGBvQHJDBzzBYOi8mtsdg2btFqYnJLXKaRWzacDQfLzcJmmk2MQAIzx2zhsJjcGott4xatJia3xGUauWXD2XCw3CxsptnEChjGcpkMaoGEZfb7DkK-22V4-FwGOYkNHGg6HT7XvV73-91lL8_pedf47UqzX-1w2u0AAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwEAxZHgrsvLbXFZfv4AAAAAAAEAAAAgASDgyi8BuLCKOvn_________jxmgz7yR-f___79R6AF48AF4EAIAAPgYst6GB5OpjxMgIhAsYgQAAAAA9a-wfDSpEyqLqv___34rgCsAgIBC54AI7yzdQYm3MAAAgICxBXpY_H6zw67xu132_________2_2f_aPJlTE3JwWFHPkqvYLCACw9gsIAMA2bgAAbwFwQUfQisFgdQkxGKw2u9FmMjsAAACAu____389kDJNfLPNyuRxzFYT32K5cC48jsnEOZgslquNx7e9ooa0EuxRR5Y-DWGZ_b6DkO92GR4-l0FOIogPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_Q3EYDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNEQYGCxGg8nC4hYMVqu1aLJwuSXGjWet201GztnCs1qODGvR62N6eDwbz2a2RcGAj71InhbpRDVczlaumc22Wjl2q8nIsdnYLI7VcDMxWRwzj8cilmhOFulEdtm3TBPfbLMyeRyz1cS3WC6cC49jMnEOJovlauPx7QuDxWgwWVjcgsFqtRZNFi63xLjxrHW7ycg5W3hWy5FhLXp9TA-PZ-PZzPaN2W60WA5Hq9G-MduNFsvhaDXad5hMz9TnbDSfpROPz3gaDSWOm8OgcBks3p_EtJh2Zwe_tHV0-nweZUFn9Pv9fr_f7_f7_X6D1nMwGxS-6zimHZdkFm25djuIDQZFLBFcpBPl3WV6y16e0_MilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jw04mEtWq7liMJcMNqsEAAAAAAAAALCEOfMmAAAAAKeBDFfL0WqdB7GaLEeT1XIBIIqTdX94h9sc3NpMdxnOMLEMFCg2ixs_Vsi7y_SWvTyn55UBAAQmmTd_Joi1Wi1rAAAAAWwAAIAAbt28BYRZ8f____9xAAAAMnL0AAAA9PtAUAo9cKPXCvwEuVwtBg!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
3bd81efe8e9a9ad68c759fccf939381f50524ce1a2bc332cecad95a1fef7b5cc

Request headers

Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Fri, 20 Jan 2023 07:07:36 GMT
machineid
3106
server
nginx
st
us-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7JD8CFgPXhX0jpuiNmATXhX0jpuiNmAUAAAAGBvQHJDBzzBYOi8mtsdg2btFqYnJLXKaRWzacDQfLzcJmmk2MQAIzx2zhsJjcGott4xatJia3xGUauWXD2XCw3CxsptnEChjGcpkMaoGEZfb7DkK-22V4-FwGOYkNHGg6HT7XvV73-91lL8_pedf47UqzX-1w2u0AAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwEAxZHgrsvLbXFZfv4AAAAAAAEAAAAgASDgyi8BuLCKOvn_________jxmgz7yR-f___79R6AF48AF4EAIAAPgYst6GB5OpjxMgIhAsYgQAAAAA9a-wfDSpEyqLqv___34rgCsAgIBC54AI7yzdQYm3MAAAgICxBXpY_H6zw67xu132_________2_2f_aPJlTE3JwWFHPkqvYLCACw9gsIAMA2bgAAbwFwQUfQisFgdQkxGKw2u9FmMjsAAACAu____389kDJNfLPNyuRxzFYT32K5cC48jsnEOZgslquNx7e9ooa0EuxRR5Y-DWGZ_b6DkO92GR4-l0FOIogPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_Q3EYDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNEQYGCxGg8nC4hYMVqu1aLJwuSXGjWet201GztnCs1qODGvR62N6eDwbz2a2RcGAj71InhbpRDVczlaumc22Wjl2q8nIsdnYLI7VcDMxWRwzj8cilmhOFulEdtm3TBPfbLMyeRyz1cS3WC6cC49jMnEOJovlauPx7QuDxWgwWVjcgsFqtRZNFi63xLjxrHW7ycg5W3hWy5FhLXp9TA-PZ-PZzPaN2W60WA5Hq9G-MduNFsvhaDXad5hMz9TnbDSfpROPz3gaDSWOm8OgcBks3p_EtJh2Zwe_tHV0-nweZUFn9Pv9fr_f7_f7_X6D1nMwGxS-6zimHZdkFm25djuIDQZFLBFcpBPl3WV6y16e0_MilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jw04mEtWq7liMJcMNqsEAAAAAAAAALCEOfMmAAAAAKeBDFfL0WqdB7GaLEeT1XIBIIqTdX94h9sc3NpMdxnOMLEMFCg2ixs_Vsi7y_SWvTyn55UBAAQmmTd_Joi1Wi1rAAAAAWwAAIAAbt28BYRZ8f____9xAAAAMnL0AAAA9PtAUAo9cKPXCvwEuVwtBg!&cmcv=&pix=31589837&cb=1674198455840&uv=3250&tms=1674198455840&abt=ampfb_vC!Noappq22_vB!nrlc_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1674198453476.6!ts:1674198455840&mntl=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:37 GMT
content-length
0
server
nginx
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6711 		624 B
670 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGJO-yd0BMAE&v=APEucNWqIcblKtTZqpx7rLbJco30isSa9e0MNGsUc_QtFPyKQGTEJBZS097r3i0h5ln7XsvCLs9z5cwYT8e6bMGDm1HiqTRRYHfEDF1e8X43SWQ2mheKgbAAnFNWnKZgyJX4B4VGUZUXiCAEg9Pn86aGGsp0rIQ92E3kV8Ni_HccsNE0q5dGkWk
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 07:07:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame F231 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27384
x-xss-protection
0
server
cafe
etag
10506132538256102613
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 20 Jan 2023 07:07:35 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F231 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AOfuuiDOso2w5Ze4m36DP_6ODXTYz2FPLQS-6PXfdOgUcaiuPzIvlllVPlylJGynmCnmmOoJ3Cy8odie4D-zjVe3HofB9qIjWdfN40AcMBeeOF0ZY
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F231 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10045520663492616752&x=1&ct=76
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame F231 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:57:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
32993
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Feb 2023 21:57:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame F231 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 16:49:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
51473
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Feb 2023 16:49:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F231 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 20 Jan 2023 07:07:35 GMT
6f53a38d25f0ea772db614fb941519e4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f53a38d25f0ea772db614fb941519e4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9e0ea1296f06b23f70561f76a159d07c4d37cdc5863ea21e7047ef5f59a93369

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 20 Jan 2023 07:07:36 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f53a38d25f0ea772db614fb941519e4.jpg
age
1755254
edge-cache-tag
379226829563982640636830187610323967922,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
cache-tag
379226829563982640636830187610323967922,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
958
req-referer
https://www.ynet.co.il/
content-length
14068
x-request-id
d675adce9a7b71de291544df90868c18
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200020-IAD, cache-iad-kiad7000171-IAD, cache-sna10730-LGB, cache-iad-kjyo7100177-IAD, cache-yyz4578-YYZ
last-modified
Sun, 18 Dec 2022 07:16:26 GMT
server
nginx
x-timer
S1674198456.007991,VS0,VE0
etag
"ad38ee0b436958ad257214bb1766369d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 65, 2
dc1aa9c7f4feacc0362da8965be88cd9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc1aa9c7f4feacc0362da8965be88cd9.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bc2f064ff9bc3c36de040d77c82c43890467aa13b216f9e0925a5e6cf306d4be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 20 Jan 2023 07:07:36 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc1aa9c7f4feacc0362da8965be88cd9.jpg
age
1742583
edge-cache-tag
570355061721211699538449521237231190296,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
cache-tag
570355061721211699538449521237231190296,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
177
expiration
expiry-date="Mon, 02 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.cnbc.com/
content-length
5884
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200176-IAD, cache-iad-kjyo7100053-IAD, cache-bur-kbur8200044-BUR, cache-iad-kjyo7100039-IAD, cache-yyz4578-YYZ
last-modified
Fri, 02 Dec 2022 17:45:28 GMT
server
nginx
x-timer
S1674198456.033197,VS0,VE0
etag
"17a28ed4e5b73e2e8f70f28346e16bea"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 121, 2
ryqsURzjs_0_393_769_433_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2023/01/16/ryqsURzjs/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2023/01/16/ryqsURzjs/ryqsURzjs_0_393_769_433_0_large.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
819b49115d6184d68d612edabcda26049a0f6702e16b8d9b3e4628f403afd863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 20 Jan 2023 07:07:36 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2023/01/16/ryqsURzjs/ryqsURzjs_0_393_769_433_0_large.jpg
age
301218
edge-cache-tag
300195652200437828216117461924270755800,526441669587151756695374654263781131589,29ecf9b93bbf306179626feeda1fab70
cache-tag
300195652200437828216117461924270755800,526441669587151756695374654263781131589,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
386
req-referer
https://www.vesty.co.il/
content-length
6784
x-request-id
2e1c684082ff9d557a5b09a0a9ece534
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kjyo7100085-IAD, cache-iad-kjyo7100098-IAD, cache-sna10738-LGB, cache-iad-kjyo7100059-IAD, cache-yyz4578-YYZ
last-modified
Mon, 16 Jan 2023 19:23:19 GMT
server
nginx
x-timer
S1674198456.048669,VS0,VE0
etag
"e5b50c7b0faa079091f3536358bd833a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 11, 2
e57b71bf78acc992724d5578cda0e53a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e57b71bf78acc992724d5578cda0e53a.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b40f02abe87261d993209afe5b11586a25376e636f37a1497c7dfe040480b88a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 20 Jan 2023 07:07:36 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e57b71bf78acc992724d5578cda0e53a.jpg
age
1333560
edge-cache-tag
581642981813423033132911081436147160939,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
cache-tag
581642981813423033132911081436147160939,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
17
req-referer
https://www.ynet.co.il/
content-length
17462
x-request-id
b0552e4c24c6ddf4866bcc9995be7c4f
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kcgs7200074-IAD, cache-iad-kjyo7100036-IAD, cache-bur-kbur8200081-BUR, cache-iad-kjyo7100054-IAD, cache-yyz4578-YYZ
last-modified
Wed, 04 Jan 2023 20:01:52 GMT
server
nginx
x-timer
S1674198456.050150,VS0,VE0
etag
"f008ab8c3de7c2e7619c3048808f3bc3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 3, 1
2b8bea59712f241ca743aba3d0c7ba5a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2b8bea59712f241ca743aba3d0c7ba5a.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5a683fc79e3379ee8ecfd8f32e947347138c4b6d2aa324528a5389a9c34e2756

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 20 Jan 2023 07:07:36 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2b8bea59712f241ca743aba3d0c7ba5a.png
age
2385183
edge-cache-tag
517643170872777670088503676001066527527,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
cache-tag
517643170872777670088503676001066527527,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
211
expiration
expiry-date="Mon, 16 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ynet.co.il/
content-length
6160
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200128-IAD, cache-iad-kjyo7100062-IAD, cache-bur-kbur8200129-BUR, cache-iad-kiad7000069-IAD, cache-yyz4578-YYZ
last-modified
Fri, 16 Dec 2022 20:59:10 GMT
server
nginx
x-timer
S1674198456.058835,VS0,VE0
etag
"0254b04454f1ac68e73ac28dbbf0d44c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 57, 1
insta-girls-juni-2022-collage.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1655130393780/content/gallery/freenet/unterhaltung/gi... 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1655130393780/content/gallery/freenet/unterhaltung/girls/2022/06/13/insta-girls-juni-2022-collage.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6c5516b7839d392a178d6907f5cb40beceb99756596655a4818a1c75bd13fac7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 20 Jan 2023 07:07:36 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1655130393780/content/gallery/freenet/unterhaltung/girls/2022/06/13/insta-girls-juni-2022-collage.jpg
age
8473835
edge-cache-tag
575333140347004013682608692228625898474,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
cache-tag
575333140347004013682608692228625898474,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
1965
expiration
expiry-date="Fri, 21 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tag24.de/chemnitz/kultur-leute/city-frontmann-toni-krahl-sein-letztes-hemd-kommt-aus-chemnitz-2708341
content-length
23120
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000059-IAD, cache-iad-kiad7000114-IAD, cache-lax10625-LGB, cache-iad-kjyo7100109-IAD, cache-yyz4578-YYZ
last-modified
Tue, 20 Sep 2022 14:34:48 GMT
server
nginx
x-timer
S1674198456.104607,VS0,VE0
etag
"3d21fab1f8ed91c003e8a437a5b7af32"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 4, 1, 64, 1
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8719 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNUxZ3oozoflXvb9bh8YH8LNzcYPfif6qQPctgZRkZp7qs7nLngmUxXWBiE6RfeNVMuOMaOcXrbxpsSMQ0ePONDPkAsgm_QjT0qOb5on97_4MKqJTs3sRDvsXTPjTbN72rldTbK9TzruJUhUOc5h9q-Goq_whkuXakR35MUIL4fNH7myCtQ
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 07:07:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame C19B 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27384
x-xss-protection
0
server
cafe
etag
10506132538256102613
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 20 Jan 2023 07:07:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C19B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ayh_YZqoKrj04Xp7NURV2ttWu78AuxvXzekE4V93PTYsckhS4ayRFCEBn9b1BnM_GM10zV5fo6n4tjHoP0dyhND5s02UgAAcWemLl77f3og0KWP4I
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C19B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17079805425386774296&x=1&ct=77
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame C19B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:57:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
32993
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Feb 2023 21:57:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame C19B 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 16:49:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
51473
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Feb 2023 16:49:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C19B 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 20 Jan 2023 07:07:35 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6B6A 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGODDyd0BMAE&v=APEucNVhiUbE9OwitxQEBWNQUw9w2u3AOKXg6zrrcCDex4Sw_XrMZCdatWPIvdXynIy1DIMU8nCQVlocN_W23vBSyvZ_VBcYejpcjX2u1p33jWA4RlYGua8CksEyd6KtRcFt5P_C53YavcsE11_PwGuINCAdhCIi-ZzB3O4G_vzNlcaxIX-RjeA
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 07:07:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 2F33 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27384
x-xss-protection
0
server
cafe
etag
10506132538256102613
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 20 Jan 2023 07:07:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F33 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bw-TSmjJYJH27e8Qlyr1d_mRR8o94nbG4XyNxcz3wfGXjrhPF0YSKG86oiPEdOZ_dTcPZ24AzX6uFGLZuXe3DWZMFuPlifcsRoNIsy4DpiICSJwL8
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F33 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11866485274032171334&x=1&ct=76
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 2F33 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:57:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
32993
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Feb 2023 21:57:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 2F33 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 16:49:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
51473
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Feb 2023 16:49:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2F33 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 20 Jan 2023 07:07:35 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 623C 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGODDyd0BMAE&v=APEucNWOdvAo2AggEYyniEhYZMwjfVAXbq8geYsjh2LNXDwk-zPlp-2TIeebb7a2YwU67vcMTD2Ra0o-hDdk7Y94U34xzi36cqE418sLmqPdan23gheU2AFWES8IbnQQoAPUnjW-FdXmCOYYQHvZzem2IwHkk0LAe3DR67GEwzfQgqea5djiBwI
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 07:07:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 9DD8 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27384
x-xss-protection
0
server
cafe
etag
10506132538256102613
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 20 Jan 2023 07:07:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DD8 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DuEOWod0Rh3axdLs0Kj03rNCqE6pwFV4pzES7gRH84j50n1yGASDcg9nK1nrBcxLdd8Lf30yysPpYEXVHxXX_cEkb3-yowvlAclviZ8W75Ar2cWQA
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DD8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7614188201635870327&x=1&ct=76
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 9DD8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:57:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
32993
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Feb 2023 21:57:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 9DD8 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 16:49:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
51473
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Feb 2023 16:49:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9DD8 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 20 Jan 2023 07:07:35 GMT
f06b8e11e166ca18de28dec31f364a56.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f06b8e11e166ca18de28dec31f364a56.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
163d6aef40ae55df4d8dd3b736082ce1ed5f047d10f3518dc0c41d4d1bc2ea8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 20 Jan 2023 07:07:36 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f06b8e11e166ca18de28dec31f364a56.jpg
age
5170703
edge-cache-tag
306513147387022570637336144701606807403,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
cache-tag
306513147387022570637336144701606807403,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
84
expiration
expiry-date="Sat, 26 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ynet.co.il/
content-length
3666
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200045-IAD, cache-iad-kiad7000022-IAD, cache-bur-kbur8200036-BUR, cache-iad-kiad7000100-IAD, cache-yyz4578-YYZ
last-modified
Wed, 26 Oct 2022 22:10:43 GMT
server
nginx
x-timer
S1674198456.112503,VS0,VE0
etag
"627088875098e7277b9bef591cc43e2e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 1, 2
view
securepubads.g.doubleclick.net/pcs/ Frame D126 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUghgaM67JGXTPNMQQ9SaRhy_Egp2XXZ59p3hMxDcl8AQM6ytLsT0bYr-utp8Hwxt_GGvQJSNvqGPGYx1zWd1VQDTyJKt35j9rSx63Zil4mUbKkoMX-FHzP6AJqFb4o5kRxjcUaApSwJhakPLK0J2KaZuzOJo3InNY8n-9fHxxq4YqvHEYRktj6gpwBHyFFxppmbfJLSlqkg-WSr2fDuqLJPQglqLCqOCd_ssDhR5jpGGzekjA9dlQHIuUtqo__CykMe1A7bOlsji0vDAq7-okX7bMqazhp0m9hbsjICPXlT_6Oz7Di_cD2rU_t35L8jz5eH_fUcMBQUgZN-ri&sai=AMfl-YQjEJpOGr6DR9571hl11C4xKoyynx130HUF5tUYk2_5jPQ_jpa7H6f0NfxefRNcsWBZwnh3zcOTuOQpzyBKcEWPq-avL-2EP7Hj5vITb6O6iHRG3c7FRRkrfe6OjuTCP_ay_m2wPAm4uBmGqferrYI&sig=Cg0ArKJSzBDH-ZpnMlNjEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 20 Jan 2023 07:07:35 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3850 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-NEquxQ1hTnkDxft9qIMLGeUjn6B-Ouzh_xhu6WT6dJvoNECXXTcUcN4SHT0V5d6Pgd0U3WP-BoPTj16V3cRMEFx_CmQ6Se5adyCxIIchncfh-iG42Vvkk_3yg10FIiRXcgoG_Pc1fVCEBtObW8yc9U-mwWWk4VlokC4zEXUMiIzjtVGIwaeG-zObpmBRYD89qXMG7Z-BTf5O8_ed8aww-RRRqQZ-dMCXvE_6slYb-sgijE2ciIjgzoGBPW8HzPZW4xbDDRUN73oAoPGb8mJr-K2VXbNc1tc4t-3sJjOvq0VklZxmoeADr_OQa5bZP1mNca8q3PS0wLbPJhyY&sai=AMfl-YSnLUx1Dc7UijJzg0vcSf7_vOnoeyAJr-rV164fwXMUyzCnuEEg3gSSKDelWgmz-6ioDHnU8nDbTEGuBNtMrD3hyRQnBB-IoZPN1nkPlW4u5gh7mSvaetq3uYM7cQeeuEJ4onojJVu6bk4e8pKHZOM&sig=Cg0ArKJSzLwUMdTpbX_gEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 20 Jan 2023 07:07:36 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame A364
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H3
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

date
Fri, 20 Jan 2023 07:07:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame F231 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5650649159966&version=m202209210101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F231 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5650649159966&version=m202209210101&ct=76&x=1&cor=10045520663492616000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame F231 		83 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dknqb48onLurV_3isexqNL_ZmFPK4-MUcV4o6OJ3QhflJIMExc2QmIVmkDwv5VXOhtZqPM7ahg4wWpJv0hc9eLdw5nQA&cry=1&dbm_d=AKAmf-CfepMb-2zOJYxJOuMl3GcY1Q29HCyvNyAKRKqVocsh--Fwgm6MRBLgUYDltwouJWo_Ls8Hj0vV7UZqYYi2jKM7nOafNfNuLX8irf4-0Uj8DQBfVJOjKURI1U6F01p5D-bJw673j7TaV9DS89U3nSKKdVaHFhiuG0uJIdhRo8m4qMw-NvXlNuLg6Ytf8L8SqpGJHi-_L0suwFWyV1lrWYlPgg9L4o4zryyDP3RRCeWgqfZ4TxNFfB-d2c2Ntn9gRCrNh8iZA199Z1qQ0gcg-BRf85fUDdFd_nTjCQwap53sRGOY0MjM4Ur2icy35j7FH996k76-C6K3cfvQL8QY0K_zc5v74H828v_zaqtfU5pR3AldHEvvVlRSKfAPmXH2osdJPUJ1lP1jPT04Yw2NLcMJ7HNER_3nRXcufVCGYP_JdP5CtCcaPH0GMV5Tj--rU2ft_hq14TzfqUyY9i69mrOnUs8MfC7P-GNE2NF8VVbjDpv29bwarT1sfsLsbquoO4PR-Umt49aDfAvlKgNVCcFGA9q36zEiM2scs5qyeMc3LCeqzsrQtGjh3vIBRONRQTtxuoZoEzrVnJafghH1xVsaIY5GS1TWQtolitD5mU8jzhzpTod5781lT9AmuipJWXSllYFlUqLbKINnlGIESeOQo99EaT2tGOjFjYEcxet4qAYmJCC3dsihhyAQtd3vn0PsiCXJiDYcwqWl5Ec4rVv009IA2navocZWtrAM--yL3NQQi1MhemCQEzmH7xVj8ISIcvxLVEtQP6fInml_9iZRN1ClGSB0NsTWGmJ9553DJCKsGNNY4dn7uvRU_4GMMByvMRag5NYfBXfgrREAXVE7pOOqCNPC2wevJapN2D4O01xSHyYmPOk5ZZgHKQ9Co1ybUb2Ax5Jj5uDAc6G1YpVPDdeJGgvvV9r3X1JxMl-vEoNzJhtR3cVaMKpSyLmP44n-YwYi37pzKFdGd6CUmzYT8JbZxp-K_8ddJxfEEIjM0QR7LhRLxu6kmIeN7l_NdrcHhQb7AQNmNreP_Jx8M_mYh5SlTUgcPJAFW0cRXopq8YvOWv3RmsDfIxy0RNMz-M1ElKu8x-0ory6zmCAwFEkl0cHxpUKkqKgY4IBkewWzmsMVYZPl98ez8gh9Sjxwj-yBZy7TTn-mYkchAvUIGytKBG_7yNe-rqn9ub1D312zXFyMsfQ5_sv_0h2c69vJqyocAkA4Gz2O9LCq6EM7kKfEo3EnfQ3SZ1iyCI9Au7IftYmqILfDUzGGActGDda7AXyBLF1r5N1MWjK-vMnimZZF1B3Dx_sao1Y7bNzxUg5QdE7OU2icR5b3e74KCxKOc0mi99SklTUhUZL3KWZXYzWKeZH9f4fblKzH7mv9j_u5szC5tB_ENtSJwsv0Xrlofb7jNuz69uJjYMFp5u8_yYcm7YPjErpEQmKI3qScc77GugeNUp4Suc424tTZCkyU4GsJd89ZfOLablcXAALFmm3-1RjIOTAZWlolI7cWS30uye_uLpkHqxl9OD6UY9GPdGMbUEQ1ajIvgS25iqZFwVuyyfLwU8tCQ0inVvDEkf-yAo3hXpcFyN-25BErVT5n3i-AmEXk9mjtfvf1lbGdCfmAD8GYaJn4ga5D_Qjw8RRZW_NTKteKQ2WpBvOAkYcorUBzvpqgPn_TyzcyVy89dpaphFVZm-xkJip1awncdKH1fklv1De-a2OB2I5XCI_n7IfW3OTIPuX89W7QTiAwuahlJaJWWnfibWv35SYDFUZyYw_ReXkTlKvkp6Psmw0xmOySVUgWE_f4S6sHrFjObJMmDz9js2Ek2_JYafgf3cgwOkijnVjbtpzK15fRb-kVAcddCPxI48vR9H7y0BXrz6W6GMla2f19bDeV_DpC-MJLtP96q2WUbyCrc6uWIkIUl3-cO29eMTMhzHUBKi-ccZM62mENKamGhWHtJP1iNA4n0uXQSKOyaYc4Eh_3tFbYBuc5Er88PLOVsehwk0ayvsfh2STbGQaPUWZb1KmimIL7nwfliixrNjXY0PyPuQ88OR8wLC6v7bPzD9aOhlYLH2bBbANKAicVtboeeBvx2KpKL1_9e5uTsh3gIKdfT9AGDkjrNtzcJhqUaZNvXMe2U8t1ZQ10-ZjN_vXkus9oalc-UpnrGWXH8nfriCOI7fGCmgIa_ybDKw5Q_aBCCJ_lhKVVjrSbt0X5jCenJWStilbUIQqYSmJBXiUZAlUudvvF574Hat7DQxOe5irR0DrkwHoUoeAXjf2TV0pBTCNz4Iwph8LCBSELt4rYkwe4yCRvka59Vnm02D8M9Yua9H376zQQeTqwBaAi5k2LNctwUcUAFriDHFE_-M6H9hqc_Bt_BDFc3_9pxEMufc9EtoQh4HY0K2mOIoUxwJOpbBBVkrom-GZh-HrqI2i0cnFnYLQOoyoo0u5kSf4hddM8LW-SdNkIxL_yHjoQmWw48sbde4e4UV_q60n8jAHvJRTeuzQhxkcENvi3ttS8rV9nORDOkXvgz2QGVr-1tr2Or2QtefKCTCdVpfN-0Tn1RpcLcroWEBCW2Nf9w1RNEBXrp0aHEwLM-9lK7JC3L0jlC6Ji6AngkpDaUJZuMup1P7OkWHxXSWxhNeGjRpxJHqCHuFUlJxaZnmRCMlwjBbc3UziFl4vWy8TqxEZu74SvhuvsRevK0i4hFVffw8CORcfN3rqOUoSJH6FKA_LIkqu4MeQGiPaon9Zhh7G2R9jJSAI-i8qy2mv-u-g_ACoigfHaPrk3jb52xoqRuD3TGJbNiEMRVoU3wjWu_jCkYbTdVsq9vsjxyrJTrMJc_2b6i3ZdnE6HeLXlMmbm01TMmvfa4t2yh8EfXqhcTd3bxwfJEQVyVOvyPZPFxBO0TYBsVdukYxxB83EPZ0wTCeIeOLTC0FNMB5Yxk4Bm8K_bjnL0297VQNH8sl08U1voO3zaVc_7iS_dU6Km0jWdrK1-q3GKD8IX_YBIYIHXXE93r3yrhaw31Gl5bJ3iC9MUHGdR-5eFMLYmQzg4ypM8fWKKvvRyKYTmirwrQbnojtXsKzY1GJR-pHNT1RxubG3dpnXdUtuQkBFV8FZgVI0G2Nf4o8qKladsjFfPPONh-iaeyjtTlC47z_bZvE9RlveTHHJoBX7orYbqBzTorEhNwl_wKdRLAElkt1HPWRJ5Kz9LJjU5aIZW-dVpepvspQzg4uLSzILf4KjyvLgJ6xzCosRaY7ncaFw9MPMBqJDCXIveLx-TMuZD_TBkh5NlbBKdfCss_-R6eW0v786CIh0GY5RvZ7RklMxyf4Mq1YVXUJ3qYGe9iOiyc_vzuthqucJdT_USs-h6om354b1Q2jAUfWRkbmWXK3Ju1zdpGjuvoicSnu-0Og5ghnXGqsa5xNukD2fb7G8FhfNO0HZdT-A7J5a7JU9ItuPCsCWgkzgwKsTjKdQpS47t_Lqgsy_iiYg008Vo0Zh70Q3FlqjzMdW905bJFtsiDLQOWUmEfYKnIYceqCOVekbVHyx2xvwVe4PVI5GvddgTkgu8INkhiD_ZCVGQfVQ5Pl6iU9KQpSFtG74R4brraX-n_yOY4VcMqZjynly3uEgM636TGvtGQf1OxfLNKEye6UEM2o8q60AltyM8i2gxUdv1F8h8ntLxkNWZsr0VACFgotn4AARb2PF5NA&cid=CAQSTADq26N9eFie0F9sajtJU8ySUg4ia9rH3oZEDlqdQrqUK7F71vo3Xg8kU4ZPrXSlEExhtpPc9PpnlR543x0lvOHeb4CDgThtf5CJqh4YASAT&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.vesty.co.il%2F&ds=l&xdt=1&iif=1&cor=10045520663492616000&adk=2228999115&idt=60&cac=0&dtd=11
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9681f457e147b208695a92e912b89d30ee2eb46bd6b6fa1de9158dc414786076
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35709
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame A81C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H3
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

date
Fri, 20 Jan 2023 07:07:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 6711
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGJO-yd0BMAE&v=APEucNWqIcblKtTZqpx7rLbJco30isSa9e0MNGsUc_QtFPyKQGTEJBZS097r3i0h5ln7XsvCLs9z5cwYT8e6bMGDm1HiqTRRYHfEDF1e8X43SWQ2mheKgbAAnFNWnKZgyJX4B4VGUZUXiCAEg9Pn86aGGsp0rIQ92E3kV8Ni_HccsNE0q5dGkWk
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 07:07:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6711
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8o9uJBvRyK6F5E0QtHetAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGJO-yd0BMAE&v=APEucNWqIcblKtTZqpx7rLbJco30isSa9e0MNGsUc_QtFPyKQGTEJBZS097r3i0h5ln7XsvCLs9z5cwYT8e6bMGDm1HiqTRRYHfEDF1e8X43SWQ2mheKgbAAnFNWnKZgyJX4B4VGUZUXiCAEg9Pn86aGGsp0rIQ92E3kV8Ni_HccsNE0q5dGkWk
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 07:07:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 6711
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELkaTPfkMqtKu1x8qTN4ofk&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELkaTPfkMqtKu1x8qTN4ofk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGJO-yd0BMAE&v=APEucNWqIcblKtTZqpx7rLbJco30isSa9e0MNGsUc_QtFPyKQGTEJBZS097r3i0h5ln7XsvCLs9z5cwYT8e6bMGDm1HiqTRRYHfEDF1e8X43SWQ2mheKgbAAnFNWnKZgyJX4B4VGUZUXiCAEg9Pn86aGGsp0rIQ92E3kV8Ni_HccsNE0q5dGkWk
Protocol
HTTP/1.1
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 07:07:36 GMT
AN-X-Request-Uuid
a9384c90-bb36-4b0d-b01b-8eae33f2a487
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.203; 80.255.10.203; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELkaTPfkMqtKu1x8qTN4ofk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6711
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgwMjQyMDc1NDg4NDIzNjk0MQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgwMjQyMDc1NDg4NDIzNjk0MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGJO-yd0BMAE&v=APEucNWqIcblKtTZqpx7rLbJco30isSa9e0MNGsUc_QtFPyKQGTEJBZS097r3i0h5ln7XsvCLs9z5cwYT8e6bMGDm1HiqTRRYHfEDF1e8X43SWQ2mheKgbAAnFNWnKZgyJX4B4VGUZUXiCAEg9Pn86aGGsp0rIQ92E3kV8Ni_HccsNE0q5dGkWk
Protocol
H2
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 20 Jan 2023 07:07:36 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.203; 80.255.10.203; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a6857a5e-8e20-4ecf-8020-426020deebea
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgwMjQyMDc1NDg4NDIzNjk0MQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8719
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNUxZ3oozoflXvb9bh8YH8LNzcYPfif6qQPctgZRkZp7qs7nLngmUxXWBiE6RfeNVMuOMaOcXrbxpsSMQ0ePONDPkAsgm_QjT0qOb5on97_4MKqJTs3sRDvsXTPjTbN72rldTbK9TzruJUhUOc5h9q-Goq_whkuXakR35MUIL4fNH7myCtQ
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 07:07:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8719
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8o9uJBvRyK6F5E0QtHetAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNUxZ3oozoflXvb9bh8YH8LNzcYPfif6qQPctgZRkZp7qs7nLngmUxXWBiE6RfeNVMuOMaOcXrbxpsSMQ0ePONDPkAsgm_QjT0qOb5on97_4MKqJTs3sRDvsXTPjTbN72rldTbK9TzruJUhUOc5h9q-Goq_whkuXakR35MUIL4fNH7myCtQ
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 07:07:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 8719
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELkaTPfkMqtKu1x8qTN4ofk&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELkaTPfkMqtKu1x8qTN4ofk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNUxZ3oozoflXvb9bh8YH8LNzcYPfif6qQPctgZRkZp7qs7nLngmUxXWBiE6RfeNVMuOMaOcXrbxpsSMQ0ePONDPkAsgm_QjT0qOb5on97_4MKqJTs3sRDvsXTPjTbN72rldTbK9TzruJUhUOc5h9q-Goq_whkuXakR35MUIL4fNH7myCtQ
Protocol
HTTP/1.1
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 07:07:36 GMT
AN-X-Request-Uuid
f766a00c-0d68-44a9-ada8-39fc21dd4c33
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.203; 80.255.10.203; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELkaTPfkMqtKu1x8qTN4ofk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8719
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgwMjQyMDc1NDg4NDIzNjk0MQ%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgwMjQyMDc1NDg4NDIzNjk0MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNUxZ3oozoflXvb9bh8YH8LNzcYPfif6qQPctgZRkZp7qs7nLngmUxXWBiE6RfeNVMuOMaOcXrbxpsSMQ0ePONDPkAsgm_QjT0qOb5on97_4MKqJTs3sRDvsXTPjTbN72rldTbK9TzruJUhUOc5h9q-Goq_whkuXakR35MUIL4fNH7myCtQ
Protocol
H2
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 20 Jan 2023 07:07:36 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.203; 80.255.10.203; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6298e221-9722-440c-927e-efb396c83ae5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgwMjQyMDc1NDg4NDIzNjk0MQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6B6A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGODDyd0BMAE&v=APEucNVhiUbE9OwitxQEBWNQUw9w2u3AOKXg6zrrcCDex4Sw_XrMZCdatWPIvdXynIy1DIMU8nCQVlocN_W23vBSyvZ_VBcYejpcjX2u1p33jWA4RlYGua8CksEyd6KtRcFt5P_C53YavcsE11_PwGuINCAdhCIi-ZzB3O4G_vzNlcaxIX-RjeA
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 07:07:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6B6A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8o9uJBvRyK6F5E0QtHetAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGODDyd0BMAE&v=APEucNVhiUbE9OwitxQEBWNQUw9w2u3AOKXg6zrrcCDex4Sw_XrMZCdatWPIvdXynIy1DIMU8nCQVlocN_W23vBSyvZ_VBcYejpcjX2u1p33jWA4RlYGua8CksEyd6KtRcFt5P_C53YavcsE11_PwGuINCAdhCIi-ZzB3O4G_vzNlcaxIX-RjeA
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 07:07:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 6B6A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELkaTPfkMqtKu1x8qTN4ofk&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELkaTPfkMqtKu1x8qTN4ofk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGODDyd0BMAE&v=APEucNVhiUbE9OwitxQEBWNQUw9w2u3AOKXg6zrrcCDex4Sw_XrMZCdatWPIvdXynIy1DIMU8nCQVlocN_W23vBSyvZ_VBcYejpcjX2u1p33jWA4RlYGua8CksEyd6KtRcFt5P_C53YavcsE11_PwGuINCAdhCIi-ZzB3O4G_vzNlcaxIX-RjeA
Protocol
HTTP/1.1
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 07:07:36 GMT
AN-X-Request-Uuid
b0f0fcbf-7039-4ab1-8cc2-7ef8013b353a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.203; 80.255.10.203; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELkaTPfkMqtKu1x8qTN4ofk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6B6A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgwMjQyMDc1NDg4NDIzNjk0MQ%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgwMjQyMDc1NDg4NDIzNjk0MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGODDyd0BMAE&v=APEucNVhiUbE9OwitxQEBWNQUw9w2u3AOKXg6zrrcCDex4Sw_XrMZCdatWPIvdXynIy1DIMU8nCQVlocN_W23vBSyvZ_VBcYejpcjX2u1p33jWA4RlYGua8CksEyd6KtRcFt5P_C53YavcsE11_PwGuINCAdhCIi-ZzB3O4G_vzNlcaxIX-RjeA
Protocol
H2
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 20 Jan 2023 07:07:36 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.203; 80.255.10.203; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7c570b51-66e8-4029-9c09-190451126c63
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgwMjQyMDc1NDg4NDIzNjk0MQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 623C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGODDyd0BMAE&v=APEucNWOdvAo2AggEYyniEhYZMwjfVAXbq8geYsjh2LNXDwk-zPlp-2TIeebb7a2YwU67vcMTD2Ra0o-hDdk7Y94U34xzi36cqE418sLmqPdan23gheU2AFWES8IbnQQoAPUnjW-FdXmCOYYQHvZzem2IwHkk0LAe3DR67GEwzfQgqea5djiBwI
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 07:07:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 623C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8o9uJBvRyK6F5E0QtHetAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGODDyd0BMAE&v=APEucNWOdvAo2AggEYyniEhYZMwjfVAXbq8geYsjh2LNXDwk-zPlp-2TIeebb7a2YwU67vcMTD2Ra0o-hDdk7Y94U34xzi36cqE418sLmqPdan23gheU2AFWES8IbnQQoAPUnjW-FdXmCOYYQHvZzem2IwHkk0LAe3DR67GEwzfQgqea5djiBwI
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 07:07:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTgl5eUezE0JgeAyQqEbQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 623C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELkaTPfkMqtKu1x8qTN4ofk&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELkaTPfkMqtKu1x8qTN4ofk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGODDyd0BMAE&v=APEucNWOdvAo2AggEYyniEhYZMwjfVAXbq8geYsjh2LNXDwk-zPlp-2TIeebb7a2YwU67vcMTD2Ra0o-hDdk7Y94U34xzi36cqE418sLmqPdan23gheU2AFWES8IbnQQoAPUnjW-FdXmCOYYQHvZzem2IwHkk0LAe3DR67GEwzfQgqea5djiBwI
Protocol
HTTP/1.1
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 07:07:36 GMT
AN-X-Request-Uuid
ef4bfa3f-e9a2-4e95-913d-821f12181f04
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.203; 80.255.10.203; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELkaTPfkMqtKu1x8qTN4ofk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 623C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgwMjQyMDc1NDg4NDIzNjk0MQ%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgwMjQyMDc1NDg4NDIzNjk0MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGODDyd0BMAE&v=APEucNWOdvAo2AggEYyniEhYZMwjfVAXbq8geYsjh2LNXDwk-zPlp-2TIeebb7a2YwU67vcMTD2Ra0o-hDdk7Y94U34xzi36cqE418sLmqPdan23gheU2AFWES8IbnQQoAPUnjW-FdXmCOYYQHvZzem2IwHkk0LAe3DR67GEwzfQgqea5djiBwI
Protocol
H2
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 20 Jan 2023 07:07:36 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.203; 80.255.10.203; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7282911a-4862-4a2d-973c-0bc08a5736a7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgwMjQyMDc1NDg4NDIzNjk0MQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C19B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1725064392368&version=m202209210101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C19B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1725064392368&version=m202209210101&ct=77&x=1&cor=17079805425386775000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C19B 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AqYrlZqhAx6xptjShxwIKBafdfoWozH8phq0uB0RaIgA1Cm7pDc9VNjXJX3lVR8uXm0n0ATG5WWdt-Wmi1DcFTubXz9VyxK6vHoTJKiWTG39Y1yDKPbnRi_l0vSK2pYe_PVk8ExPQJm0DqcrF4rs9kyspvKlXQE3G5ezTnjRro_4k2Yfo&cry=1&dbm_d=AKAmf-DgcRQZMoQgSnvLiqFWDW1anYxaHw7lsC_B2ExePhQL93iVVipNPOal8uXNYvMir4jcqVDT7-GESr77MRb8LiLlcuxfpSDKNbK31i93lUp1mApPuPL8PhfDlkYwvvIXo92Hd_in2aCeNcqbFyspfbYbb-lOZwbLD6RLv0JMb8hHNwQazQxSabJ9iKNaCMkthzmsKwIEj0cS9bEsM5X0lPvimOK_Kb-Rldt5xGDCXjk1La2aTBWC6OSdGQnLZkxswCQVk1lr0fMW2i8JTUz7BYRmONhZ_3E3jpjFhFWQ1BxHRSnixrW3zmpnzGvXrwzsXJVzbIj0tKKGqGHuFyifkX3P9BMqBL16J9ykD01n3j46JwZzTHrXizKO9eymwnmFnMwnATh2XX1mkQPLADdf_LKpCXpzy1T-Pv-pv6z3zsiwC-wuzb7DSrjJGc44M--Qf2874jitD7rmBWDy4N1VdRUfi1gfiiSSNQA5IKwgKFaH5k3bZErsFhf4boXmsgoGbxlSjZu76ereTHKiRrhaAfvbOG_B8yYTmnhKJlq1P3WZqgSejDzwmPvqhbJk_RULD4IhIUQ3p4mvacuf37CIPSk8jSZhsnQZF7p7sBNCQMbFGmoD5EO-pcOIdjVcj8Rd9CgWPtK_nuSzIF-ExBOwEagtl1DU5Zjl55BaMorztv9ulSVB3KmdDvcUWEkfFEnEpBFfp-aIcT347L_PNwRHZGeg6rKFTJt6aVR31iWlZCht2b-5cXiwJEbj5C5QZhj7erZNLmQDNGVydC50mrnJhAKqcF5ULG47UiRx54UbSScgM0tjPRo07J6xFI7apClcLFuHwF4xPE7KN71dAPTtlC22JZp7OnGJ3kMOKAEAXReQFzDPtyU1WrB7E_trp7Ag8SA9qc2Ige0LYrEzqemRT8oBKqx1pOmhZMyq-ZRA7T3w6XwHYbPTOXk4uPC-XzAbT5YZ3yevSimeg8WFVHfzkamdTbT5HPjXRMGl_J6_5MS-PSKcSMVu6AFz0RDm0y6qz5zGf5rHgODcMGUNx4fVdWD25LYUqwA1umtOdXxY60BI2qaIt2BrMySq2PnbgM-GjngzZ-A2hbMUt_hqQGJcdb3CM34JdxxFT7PSms62T6u0U67-X_5GdFFuFT7LJQpel8FDCyABzFGoSulr4XVqCblPm-dGPEv-0kpMB6ufA7Q0U4m46reMah03znBDK6uojOJ1IqKH-CMjAWUeZlBvKGet8VfX5H8x1D9DoQBn6RbY4Q8XiwgA_OCbCzP_xKAMhM23loqnD4-0qztgcDEj-Allj0JR_9tJq7dqU1P8GV4zvBYph9APfwTTGgQZX0oEADY94mXw3c8iQ-QrSUAINM8aLDo4ublwJJUtqF9IoR4Rsi-Ruv3Md8-AnosI_D_CLcfaunXUXUosIdAhXXwMVVU96SUc5CXESVAKND2aWflj1ienWa4GPg9OzJqpK_6VhKrR4ZVXxvfWen-eGLhikJ9_67Oy99yXcah6HpJlXUxoB41XhD3JGp8JayHNWPx-424hO3enwCvuG9Gxm33R6kIcUKP2ehOUeGXlVN7OoRRzUylwEsS_zQ1Hf58SNZVL2j_F-HeGZDwL-idvWW9LkcNbwuxgjQsOHxmHOg3kwoBQjASSNmztoVT225gYDvkodS1Ur72XJ7jwTkEfSHZgRQHRfaJ9GtaZgFcDs8Pa98hCEVk3Z8MyNCSPHX4NbVLnDid3KUo3eTLdBdhk_Nzw3S03FX9GDtvEUOggUhxx1S1yq22AhZXVVvJyaaQ4E95zxPthTYdaaYAYd1J_k6xX4UevZzTx3YuygflLslx9na7bM7Bl7q8esErCTqwr46nq-0fLA7kg2ifHQzKPc-9AbkhTnndcMBaLdN7lUzxtqQru4L46g7QIrpMHr7KznzhJ69xmQGB5Liiug3CubfiOqcTYtoTWXNNCYEHiHC-w2_dDeZHjVXcQQnob_YdMn0dibo82kO7IHqtUQgDUFMi59qtBpRwq3hpdnq47FTWu-llIzBlhDqH3imf2jltr_qngm5eEppI7u3qWD8TeXR6qtfpjKftfMTIh__oC5m7k7QkyImI7NkVKIRJB8OI9JpsGjLOTDjpUQTR91e4lJMUiwSv6_RO_vICJqHpklE2lyMxutdM7PDlYqwxUrnn_jMkAjulzUvI6s2O1vwmXdOeg5WvDNmPjmhuMXOLUXHwMCO6KlMKLEriVinumI5BoHTzSkFk9HviR7Ameg_Y2pa_AI1_xQSwSV3Soy-DnucrTeE2iHNWbrq3KLOQQUlVMGo3Q-dQ6kVe0HnznPb_OiSn5iRjrEtCZd9fJkB6VJavcGEbvs0D0Pk-grNwRkecsZ4XaDMSh_LY-1MG1hDvk_n4IyPnInKeis9T7grb6WHTUUvC6xyksUhmHu7WKzeC6AxHEoQaVwJktWSMKoaN8ljfAIMPUGcyjDXJXpDo8Sh-D2T-z1k9txp7t_E9IFDpQz7EsQVcm_bXegDrciGPh4sDcDstKOrgVzbao2YM9vNNHXW1ibtO-s9RawnoBXwXbYowz_9Hdpyai1RAOWqsQskA9fAPezOHyYNRRTO6GB9u3eotzRN9j9lKtirj4cTz51Zj-3e3KlzSO5CF-2p8ICCk0JVQUBi7cvcFPvpxNxNbW9Q63XbHSZ9efWtnSYlhXMrLVPeK2Bw4KP4FXxof4K1WVRBLv4b8gmIo0aqH-nRg0JNvpY4vBFXlk4_L7RsWY52zL0OSZ1bXgKThxjTCR7QoXaXK6yCVmrXqqo9fFa7bt5ROuGHThO-2Wu4o9xx1YX0ZHp8iopYfqpSbfVvhzHVRFVi1bHSAULFuMK6Ux2H_gW6UjiJlMs9GuFZ5vU40Au2CQ4rhcjnFOjoUqpNcaF9Q4RBvVCuHo2lg0Hp0398laB4CAHwtlt-mMaEY22VmMpspzeNA6D0Y_AidP4ucQcmD74Ld0jdHt808Sih_LOtSW_iNMUsg8jXuG1t1nrdS3Kdjjt4CEYCziLYQSbQKcUhM4wfMGY2IVbgGZL-6qAvQf37X4xsmDqfmfrSQtGuffSLceJrpcU1eoMMdOqD6wo1aErnj9BKe7mc4PYuOIU9DHrVImwXBN4qrn4qYShzyBJxBl1T0VBr3pQqLtQdEKFzRWtKXiufoz47uWQ5oXuV1LjWxa7PF7zPa290fjFWnMOOjtuFUMLmh8kihCB9BYpRbqVH3XjjYWWE0Wzv7tueprKvkB2knYqDmVs1H05Jbpte7pNYv-kqY1_lwiyea4meLzh_Bdq57VaHq27WBxTFx-MWuoxpCgotBGD-UMRl_3_AMj0Xzkrcm_f8-RIyU1l5X9X99fIHqH-YmLREQn_hlanmtnn9Ovd7EpyA9QH_89Qr6w6pag8VADHKfwiJWkxTF3J3M2mOQmeZONkyptNs26oIqqvc61LQAxMIfJIm388HFGZJx81-TcmGo_5EomGHQwMgLUL-sNZipTuhBkCKdat2HrE2LSGS83Jd5jM1Wkci_Cc8rDuIuabcen3Y6ChwrkSHlyh56wjdG4v67o3-2CpZhX_FVNKNG5es090Vnv5phpX5wOFEjyio9Fa_zPQ2W4F_h9XqWKprGWYAclNM33Ag0G3-ba3WpcwpZo7T-amhzS4_wXHdI9ucR5vUzs7KWGiEOWy0JzAV-eJSFIzYS-tzYH_lpZhl8bpf98ky9SYvpPw44gCAIge2UqSnRSWM7aI-Znjp5TdzRoE3FS0OEWlEtu9R4vlhOofsLeFcF8lAyJ8PhbHkZAV5932HidYtbFRzeGbDxhL_nY0ijPq3jOXrjL0ZLmNyiAweH2pIeYNeQnuaDkv7S4DGbk8UzgvCthDBgBzEqXHcfP2Td1V7DVc4u8EnhROqmBVatH1H3qT3GvAjrujVwxv_vCgcrWpONgMJlxJ0ZzTA&cid=CAQSTADq26N9eFie0F9sajtJU8ySUg4ia9rH3oZEDlqdQrqUK7F71vo3Xg8kU4ZPrXSlEExhtpPc9PpnlR543x0lvOHeb4CDgThtf5CJqh4YASAT&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.vesty.co.il%2F&ds=l&xdt=1&iif=1&cor=17079805425386775000&adk=943508955&idt=131&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9cf2eda65bd046137249945d6ed7034df09f76ce5aea7e05b51f4a7681cc9725
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11303
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DD8 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3798033655878&version=m202209210101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DD8 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3798033655878&version=m202209210101&ct=76&x=1&cor=7614188201635871000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 9DD8 		83 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Br1IPkpghKP17VnoetHTcpC73AbehLf_8fsujpY7pgKPDqkxU_ovV4OaZRWJiLk8KiZLNxZ7w0nTExKcvUmDWgcHmZ7A&cry=1&dbm_d=AKAmf-A5h6zL7BPtX219rMMXHglTjO70POmzvkQWJqWyiMPbN0Qyx6XYGVCC1MgruiYQyV9HaQ78Amuw8kqR3ZudA71xuY5rcwjwSn_93Dva3NXyZ8A09BKx3vmlCuI5gtxQQGbYHL6bpSGQRi7idW3jWF_FsQ6QnCXjUrU4NuiO4ajlPZBVTzgkel85cxyjZzgH9saoM073jiPGRUCUvK-UP-JWW71bKtOrn2d-XZ4Fkm8nhWIuVDSTEkh6ifXz04rxk2W44zaT5ul44ndCR9PLLfpxuHFw9T52ri-jk1_eaeqPTj-ZJE4UtxgFc6uOYGfeKHSj55B-u3fne6lxjlA_yv8TD20OTTIZcFjMdh7rd8ktM6fn3Deglgjk3ekRTJJFDFFaGnmVutDuCPx93YSfD89Fx8xgTSCl61ylWeFuBKlqob8Nhi90wyMwmysHY8ArSH0fcghrr5kMNcKptKaSO5oB1exrX2vnPOz2AzKV43o5epXTYeuw6dipQn7N4IZficLM7yHYG34lVjyMxrJ767vwTv_HAzeOZ49_oMgkJMRkU59jrSULVN28hX9yrriTwLdxu6DRSVcW52mki6BY9DhUr0wIzqHohQBC48DtfyhTAU830ZyFGKpr5-cygQ_8dBCCkT-7kdzFThoqiFVxqFERtNfUHTkaLnmfUye9vmdk7oEhYLa6qjcgXSVxSEX1C2006RMgmOPXwI3HU4k_ia4BOek1AhV7kDDPW2OoOWjPQR3IzpxP5VIYdnXRVL9gEmWHrecKgbvIpOJiKMbysUVTtZJYLJdd62xQesZxTjBqJgshFCe83_5dPh5u0Lqq0r7KywxmWLS2iJPD6iKNSY08NHl4T10GF36J40u0qppMf-nOD5-hx8I_4DFHwlixvvBHeqW1n4bFOReYsJhQdW4w6Jwv6l_qbHWtrIGSAem8q_XDRg0X_s4dyOqpqqGSfMyCVxXRSJp535rb98CrBoJEHjBJkJehb0JVdIgnPMBDnglEmJIkW6LN4yO35gILlfRaLplmJegYJQif1IgwUxb3p7r4hQ0lEwssthhZZuJdElIxGXYwNnej2huHwhJfU6WJ9kJVgI2W5F2LcxUBQ0dvbnFtAxY60SR8j6-H1XmM3IzjK_qIQUfTy38f1uut-9JgF1w7b2yLmujtJ7NC7Jo1MSqw-ue6gEzmNmkQNHPKxyMdgzkDyJbYImKJUnE5oCcA1oevF-mYZUpLcUPu1w_zjxYfV_2GY4k_XkjTxG2FiMRaXyeuC7ZSECazPlYQrtC8UFlQrTpkmBN6uJJmrFP-1zJ9zBQn3DGzAO9-7KorhDt8gq7T5CVFl83FhlUMWor8nn9wcQUit_Fj4nzf53JqOkAbKxsNS5emh-tfv3cTR0l2UT5Ypi4ayEno2svufVwj6OFSBHekG3yHew8dD1dDluNUi_XuW4vs-ny_kTqG3hqWHXrZWPw8IiouWj-Q4aHirWFl-Hr1E_EycRqx_WfxgnmjtqZf_Uo50IXWJQ-WdSCBSIvaY8dPAM7Q7kCSpv_V8xIHugwVUYMy-0OIkuRdPg5s46YydH2x7fGvzXjPyWZhXqu-J-nUoM8D_EWvoS3SN78hLPN0NkC2tDLYkkY2Zvy_f6xaEk9Fwu884uyjcw3U2OOgOx10Wi53amVys5AMh7OcPul3amdaEt9JZAYmZr28cm4-9jAEP0Z2U8_N8EqgYWjCZh8vkXYmjEp_V91jhgiKzWmGXtBsUgCl5mX8-0__yX8iSaLQBlUe1t2IHWfRZj496otfW5F_oZKh5yLjSueJH79V8T_7ejeP_74XNrndTrUORNPuha6hbauXnkfsfgopKJZOjzO31ORFzF7dvXZ1U22OerDYULIWp0w7aoqPY0oswgBj82j2JMPGpNPORZbu7U4n7ej2fiXsQgJZlrmWtTB4_0OGxcPzfPxQu6GdIrXnbennYEl73k2ozH4Z3MiMxEWfdGv8RODwcabLz6McG2vE6nfSMHtQXNHRJd6hLqqVxOJOhbtdMnL9WID3JbWDQdJOxXLV0x73QdCWBdv7niOKVB576jAPh6iho9PpjeRvmjzwa20YE1JUS-6D6LjoAkSWYU5NNsV2ief_OR0xrerYDdEhxbEUzbMYC12Flyn10o3nHuXEAKFocCvH8sZnHPhYq0b1_4LGyoN5tAww2rPT8zY7KggI1Yj0wlTdoZb8DOXSiXphg2n2NQ65ljA5Ejko41KwHc_lOe4uasdDE40lOShk2e6ExbBmtxskMmcpJE5yjwDNeARFkXaPOAKLZGKq8mzjHsRMCnp3_RT_xqKmYsDub8LVINp-bCIyjoWnrgIKkhTjAaLdO8ilS61lYTryFkj0k6JSqiXKuV_xnKjPMtbyfP2HFkvHtkqtCiMzBL0q_9wQeIthML7pwm22wkJ7RQVUMiMnB6gGgXrmFmDWDycdA-tpAxaeB5u6AkV6o0aIfVscyPScNaO3raV3AI-IZhRxJ0uVOY5tT1ttGiVgJGqu7Wht2BJBUD7vyvH5owE4GKe0OZlIXTORCPPd0JVbCiVcQGomoDoHejqPV0oGMaup5__6xgCyHaTZnccn75objXBBMLLsaVKwIbdMfwQuxJnfYHRCUgehcfrCvMsdalQ0n4CUHJEbq07tmYtnwlcd9Y1PFbKDZlrSNhDsFDDJmSSf8TUKydYQWYhad_eomsuPxdOMYxTiVY_hxUWkiezzpvZVyH3Qz4KJ3FNfxyYdNXvF-0NecH6WG7plALfQiLsHrvIU231plnm1XmYo9vX2TO2oF3Ulg-bWyH1TgE57AcrTgqNO2rjGdTEy7qHUj_lOf1FmzZHi5puHi5rnYVGaHg-6JCJIvKpbWWu0yQCK5t1fJAtWk-_7p-ZZp6OZuhppdvxAWkkce8lzj88EBQf7KndBV-D6OCvOyZTprCUQtyf9dLUuHkg8iBkU5vr2ELHtN09-ggx5kRcTYBUb90uQZ6yQMgcRQ2qtKia4_NRSaJr-ew9DVfhi42aw4SHx1RSvWAd3Xs3n1wIvyvyubL4g-528U5-vzObWgeQLfBZzeoIppbs5esRWNCuzxjrqNVKtgyJotNDHZ2QbZo0IbFoL9iUYXl_-MqtPdm3blpd7Ux6Sp2wPS9TqI9rlac4mHmNi4Y2Zf7ruFG-OvQdIek7-Yas0KA4BmKzdbAvDCEAbiIg5F1IpkXJlFXm1Cb_qflXdjV5-QOBpUxVbZIbdsQsGZJp0Q87RC9H5Tk6cZyIx8UHeEMbD8kvU3jKXNjKkBCLxxzrhS0VdC4glMGjYOehoWja59zGD7KhrYD5ksTHrehM7eTO4UzcAyRPWkLaAxtuNCcN4m_utfRuSJ4uczLgVa1Gdj_REumhjdd_0MiTe72Bgy4psBhirEhfc7g58wMl4FE7h9LJLEilp6WxJdMyVZqi_M6BmCJEwyAReEPQjNnrKXN_XpZBZ5I5EEdPzHphHV0GQ6VXG_I2WdI6JIos2bdkh4f3NCJqxMCqRRchsdIxombBlfP0RdYUW8xWs-8PWWva5BXU-dpaUKw&cid=CAQSTADq26N9eFie0F9sajtJU8ySUg4ia9rH3oZEDlqdQrqUK7F71vo3Xg8kU4ZPrXSlEExhtpPc9PpnlR543x0lvOHeb4CDgThtf5CJqh4YASAT&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.vesty.co.il%2F&ds=l&xdt=1&iif=1&cor=7614188201635871000&adk=1033480531&idt=129&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f9c0b0b3e94ca779b2f61981b0008b6f1bec8abca87a7bce786fec663490364f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35322
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F33 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4640623853724&version=m202209210101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F33 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4640623853724&version=m202209210101&ct=76&x=1&cor=11866485274032170000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 2F33 		83 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AwVIcswnX0q2lBDgsesetQeznSGJsAaVFRWZXYdUGBXuYtwqTXONWhu_flQukPItUjmm_nKZRhcjaGY0NQIkYnf9w8Yg&cry=1&dbm_d=AKAmf-CgdgUGAAgYcQbdLjwt0o_2W7IjZBjXBegSbwKKVjPn_5J5rjrGmHKqdF0A3aDtZDtQtTkgtjkb4azthZnsxufnMKu_s78FCeOq6vA_t1CEn4tqG098GwVQSWoGrBn9F0Cx06XktAE9qhOE_vC3Ba5gbJw3wlGK58WCkCDpE7m65BheHrEdVnF53_PdEJCO1ljRyRA-P708Cfz2PYhkV5JPSwud1IEvKrhxlf6gLjIA5Nwo1n-SNHh8b_3ug3__27lBl242muaUHWNKe4HFpmmB9_8CTUb3l7g-E8jfu4I1AVe65YsIsugVegv_PidJEEDtfAhe8L2Z_mNMpzjYPI9OrczthykUjvZHQhEDb2aiesvcI8Xy_6ad6MZZJLBgQBnMS5sLbTRYGC-zduUqrr7pSrSKUN7Hk8irl3LPZn1IuAEM5QwWkndtm8DFi1xV-BCQ-0ZvuJlNDJ9lReX8CNsyUOs0iuDn52ejiau4DAjq5uEAyPp4n7A0x-okDS1DH2TKF3SU5i5hy_vbzNhQFwAuLkRYmBwQsQAGM2bil21ncmnK5ks7IE9sNoyiFNbDqr1woxL069KN38ngzp34RFBeJ3VBOGMmGdDmjKXcOz8gEayJ00oxqkfDECh2SRwwog3uA9dIyqFSJp-klqnqcskZ_kTcTR3_URVv7nlWkEbmZox_vfh-kg1ag9Z-KupdH1lv6joNKFXZGSU6twYCGVA4gnRS2i947ltbXY0xlsTs9bV4SX1oT0-CklcFQtNunplXseBcC8q4d0Wd1qUORtx_-D6TIcB7ccncwqrA6_7oSgKhGa05de53rKNsXiNSD7-MzKVvH3KewdyynWCSPpXxzy3MGKN_VcQJjYW7l8qwtMFfwqFR1f12H3qToyceATZkibHx-ZjRbRrY7c8V6urTB1kOxswLALd358CnioNsLGl6i_Fl-Bd9vih6AI8eO8SrieulKUWHGUB5jEttLDrvCndMHKrUs3VlbZhQvrpg3BDnc-LJRvizFuNf-0Qj2H53XUZdLx9Asm2QBURYn4q5mkK1fiwfPbmW7UOUXR36nwprqgHvQDiNPkPbSfSXPUtyURGl9J69j6RRlZR1Aeknc3qxlYapOJkGtOOU6B8JQAIJxq0Gk_TVgvgqZXUwIy-mTNVSPgs0pEUD0JTC84oCV_WC9KI-ORSYVU662PoamQe9T_1V3xVrDd2Ko9_9X36_NOZTwTLBPhqvy_rh7V87iL1ExkAB4esZ3brH5klDPvafRd9A9bWClPEgagtDwwSVjStzpw__MEUQ2esKltV1bJ5qxZOpDHT-5Jqvb32ySNbMO-5rjpQaNNUNpSKBgjkTWkWLCwSuBqbQJ1fVGPIAn12-nGS0G3Gl-I5tUMbJYqwMU2YqbzKv4mdnaCMzqlbLU6ByZUI0arurDjyMM5CM_3t8UwS9qXV6xj5cMWgd5vJ68uSBGF157dKalwTDfCnKObwB32LKtPT2gsv8XJXj2L89GNJQ7hkgAMEGfAHCokXczZwEOcx6qmhcZZ27Ypoc6w2KvF7uo4lWyD2owjfY3z5C8yra_hJlRn3JisRPbon6pr9-A5xHeTAFSY5iM6mSiHaBm5nY81W9p9iWuQqMc--cTvbcww_elfJDh1bgRA35obnDUxPdlnZWPYow-YZckh-HanxStLMTCfdRsl3ofg8ARftVYj4FTbUI7t8CNbdoo0RFkYO_TthxeGgl0A_bzZ2KrGWc1xj8RnS5Z0dN7nVpjWEN_YoTG71KsgtyTLpupehsNF0Ok0yp5hpGTRyQx6ihek3Zq2DYkZS-4Z724BIyFwC7SgsaxDgxmeo4Ckea-nRdw3K_G0tw-WiRmVL9wW_BxOVjowR0Mm7ssOMPePOIHFtRJ6GJG6ZljRyilOCJOwvtV_TNCvKBo7n4-8JXl9-0ozoiwBvIOjVzMH5epK2ZKJvK2R4AeFdC4rJ9HQmN294RrQKkPvAO58ssgc0vaR_acTzMCzEGIZNdAD6WknStjkGOzB0VVN72s8-tYGJ3L4sIFhnRCen0W-MLKjRiqwM--kzA7LxmNHeL5rDUvZCLPK9ZUVCP9ybytdDZWq2OWww0LOtD4NCesa6kYipaE8KD7OUWqSx8tBL0DFMRmuY7OJgpLrLjmy6O9nzCZgFuaVcdmQZ3-JaWN7KNN5BW4CE_JQKzy92BBqgBK1AFWGGyqAnY6ZkpRkYGO1wOEHn1OdqMMd_3_sNsSqliTWju3oYR-GHK2Rl2CxtacI0zpajyB1n_sMQ0GkcFDO1oMawlOR_b56aKEGETX_T5XmqQ0VRrJMaARLkSxgBR7vK12fAgFXaY0ojoSiuxA16Wq9f5FO6wAOgtzBh7epUCB0p_0LQOzY54BMdv7SLbA4_1ouYfQo9Ksd42X5OpA4Z2xiWEfpqdnH7sZ8-v4zbYAcrNqo9LC_Djb57WwOaWQGC5f3SWaPI4pdFEUvKRjUp9YND7wm99dJan10MCenTZrUzTk5f4d9S7YSS_dEDmOcpi32MCbJCn-skZbbcvEqoOcpVSdYv9ZCD2A2-bvsmSFSY-Kwe92Ag4dO3pdYDcybb_Pn6pWgNx_fiQ8a67gp0DmGLSb9EdeixOvDIGJUozTZLH_CajAwCHjXGheITFVZF9YxZWT9e5uLTP_6IW2rwA3Mfuvag7gELYfD9o3eHwBd9boeHSP_8uBOsGZvozUuoYZN9rZXCMgf_5BnOsja_uyxxyB2bGQyfmZRwGhzuK7_4_yt2H5byohmVXxy5MuAwP_jTVNGasw_4UHkXGc9j6lLBsQm4raK2Qu7n9T1DvkTTSh5i8pbP53tiJoDRoBegKLQlPFFA8ipfk9uqvmnes5_HCAfXCxPzFOd8BNLzOMaoGCtvWMOqW5eNI8LoX83xXfJffhOOL-DDE5ktVUk17CjOkUokCp4pavgG2rXfU1iYR1ofAm5EWUyzmFVGEjua4e_Vw5VTV940zjjVh7aWlAKKZ5YFD3jckvuA6QjC7BMK5B8JOriitIOEiXPeOOBLZjU1dWNPl3IQVI-lBgzfKLNGPnLwC7c58VucCSfeWwa4UqvLXVLeYzXynFalXq7wOFlTvbJ-OfLYVxCsJUp4oijoKHSmqvQs8-izbm8xirA_HIg-m3siAFAHtpeRI4H1Ye9Iqrc9p3LQMItA9ZTKr60nG_EHe16mDcVhJbpRfWTXpAJIhvVNHQIamxVmo97DrPCxBBNmfLdPgJEG5PccF96SeZvy4kL3xdp1U9-MjBRfmiciFtsNHMnetz3oIkNiGQp-0NOsYKo3Gx-FoWcKy8blx_P3Ucu5PShPHaS6yf1ufSJoK01QR5R60ujElVRa3R9RjIHEauvwDzyrFrA_mFnWTTv5gZI9W6teMfeUUCkieTko1F3_jXKuGuV3wGWi31j23BBWu3gVGHeFmdoMlUmNPyr67Latk6ZUiHdEuNI-er0QwwR-6fRMHjYI0Xhbxwpw-OIbWLzZyN2XdyrnaggiJZUiiPq1kIp9EFou0L8abP3VWLoRrPEKx2esjRhPuBy86Uw&cid=CAQSTADq26N9eFie0F9sajtJU8ySUg4ia9rH3oZEDlqdQrqUK7F71vo3Xg8kU4ZPrXSlEExhtpPc9PpnlR543x0lvOHeb4CDgThtf5CJqh4YASAT&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.vesty.co.il%2F&ds=l&xdt=1&iif=1&cor=11866485274032170000&adk=3690638929&idt=130&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc13c08ea4a72d653cdd6d81a4d7dd0305d7258a6bc8184aed13ff1569702415
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35459
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame F231 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
Origin
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 09:14:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78798
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 20 Jan 2023 09:14:18 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/elements/html/ Frame F231 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dknqb48onLurV_3isexqNL_ZmFPK4-MUcV4o6OJ3QhflJIMExc2QmIVmkDwv5VXOhtZqPM7ahg4wWpJv0hc9eLdw5nQA&cry=1&dbm_d=AKAmf-CfepMb-2zOJYxJOuMl3GcY1Q29HCyvNyAKRKqVocsh--Fwgm6MRBLgUYDltwouJWo_Ls8Hj0vV7UZqYYi2jKM7nOafNfNuLX8irf4-0Uj8DQBfVJOjKURI1U6F01p5D-bJw673j7TaV9DS89U3nSKKdVaHFhiuG0uJIdhRo8m4qMw-NvXlNuLg6Ytf8L8SqpGJHi-_L0suwFWyV1lrWYlPgg9L4o4zryyDP3RRCeWgqfZ4TxNFfB-d2c2Ntn9gRCrNh8iZA199Z1qQ0gcg-BRf85fUDdFd_nTjCQwap53sRGOY0MjM4Ur2icy35j7FH996k76-C6K3cfvQL8QY0K_zc5v74H828v_zaqtfU5pR3AldHEvvVlRSKfAPmXH2osdJPUJ1lP1jPT04Yw2NLcMJ7HNER_3nRXcufVCGYP_JdP5CtCcaPH0GMV5Tj--rU2ft_hq14TzfqUyY9i69mrOnUs8MfC7P-GNE2NF8VVbjDpv29bwarT1sfsLsbquoO4PR-Umt49aDfAvlKgNVCcFGA9q36zEiM2scs5qyeMc3LCeqzsrQtGjh3vIBRONRQTtxuoZoEzrVnJafghH1xVsaIY5GS1TWQtolitD5mU8jzhzpTod5781lT9AmuipJWXSllYFlUqLbKINnlGIESeOQo99EaT2tGOjFjYEcxet4qAYmJCC3dsihhyAQtd3vn0PsiCXJiDYcwqWl5Ec4rVv009IA2navocZWtrAM--yL3NQQi1MhemCQEzmH7xVj8ISIcvxLVEtQP6fInml_9iZRN1ClGSB0NsTWGmJ9553DJCKsGNNY4dn7uvRU_4GMMByvMRag5NYfBXfgrREAXVE7pOOqCNPC2wevJapN2D4O01xSHyYmPOk5ZZgHKQ9Co1ybUb2Ax5Jj5uDAc6G1YpVPDdeJGgvvV9r3X1JxMl-vEoNzJhtR3cVaMKpSyLmP44n-YwYi37pzKFdGd6CUmzYT8JbZxp-K_8ddJxfEEIjM0QR7LhRLxu6kmIeN7l_NdrcHhQb7AQNmNreP_Jx8M_mYh5SlTUgcPJAFW0cRXopq8YvOWv3RmsDfIxy0RNMz-M1ElKu8x-0ory6zmCAwFEkl0cHxpUKkqKgY4IBkewWzmsMVYZPl98ez8gh9Sjxwj-yBZy7TTn-mYkchAvUIGytKBG_7yNe-rqn9ub1D312zXFyMsfQ5_sv_0h2c69vJqyocAkA4Gz2O9LCq6EM7kKfEo3EnfQ3SZ1iyCI9Au7IftYmqILfDUzGGActGDda7AXyBLF1r5N1MWjK-vMnimZZF1B3Dx_sao1Y7bNzxUg5QdE7OU2icR5b3e74KCxKOc0mi99SklTUhUZL3KWZXYzWKeZH9f4fblKzH7mv9j_u5szC5tB_ENtSJwsv0Xrlofb7jNuz69uJjYMFp5u8_yYcm7YPjErpEQmKI3qScc77GugeNUp4Suc424tTZCkyU4GsJd89ZfOLablcXAALFmm3-1RjIOTAZWlolI7cWS30uye_uLpkHqxl9OD6UY9GPdGMbUEQ1ajIvgS25iqZFwVuyyfLwU8tCQ0inVvDEkf-yAo3hXpcFyN-25BErVT5n3i-AmEXk9mjtfvf1lbGdCfmAD8GYaJn4ga5D_Qjw8RRZW_NTKteKQ2WpBvOAkYcorUBzvpqgPn_TyzcyVy89dpaphFVZm-xkJip1awncdKH1fklv1De-a2OB2I5XCI_n7IfW3OTIPuX89W7QTiAwuahlJaJWWnfibWv35SYDFUZyYw_ReXkTlKvkp6Psmw0xmOySVUgWE_f4S6sHrFjObJMmDz9js2Ek2_JYafgf3cgwOkijnVjbtpzK15fRb-kVAcddCPxI48vR9H7y0BXrz6W6GMla2f19bDeV_DpC-MJLtP96q2WUbyCrc6uWIkIUl3-cO29eMTMhzHUBKi-ccZM62mENKamGhWHtJP1iNA4n0uXQSKOyaYc4Eh_3tFbYBuc5Er88PLOVsehwk0ayvsfh2STbGQaPUWZb1KmimIL7nwfliixrNjXY0PyPuQ88OR8wLC6v7bPzD9aOhlYLH2bBbANKAicVtboeeBvx2KpKL1_9e5uTsh3gIKdfT9AGDkjrNtzcJhqUaZNvXMe2U8t1ZQ10-ZjN_vXkus9oalc-UpnrGWXH8nfriCOI7fGCmgIa_ybDKw5Q_aBCCJ_lhKVVjrSbt0X5jCenJWStilbUIQqYSmJBXiUZAlUudvvF574Hat7DQxOe5irR0DrkwHoUoeAXjf2TV0pBTCNz4Iwph8LCBSELt4rYkwe4yCRvka59Vnm02D8M9Yua9H376zQQeTqwBaAi5k2LNctwUcUAFriDHFE_-M6H9hqc_Bt_BDFc3_9pxEMufc9EtoQh4HY0K2mOIoUxwJOpbBBVkrom-GZh-HrqI2i0cnFnYLQOoyoo0u5kSf4hddM8LW-SdNkIxL_yHjoQmWw48sbde4e4UV_q60n8jAHvJRTeuzQhxkcENvi3ttS8rV9nORDOkXvgz2QGVr-1tr2Or2QtefKCTCdVpfN-0Tn1RpcLcroWEBCW2Nf9w1RNEBXrp0aHEwLM-9lK7JC3L0jlC6Ji6AngkpDaUJZuMup1P7OkWHxXSWxhNeGjRpxJHqCHuFUlJxaZnmRCMlwjBbc3UziFl4vWy8TqxEZu74SvhuvsRevK0i4hFVffw8CORcfN3rqOUoSJH6FKA_LIkqu4MeQGiPaon9Zhh7G2R9jJSAI-i8qy2mv-u-g_ACoigfHaPrk3jb52xoqRuD3TGJbNiEMRVoU3wjWu_jCkYbTdVsq9vsjxyrJTrMJc_2b6i3ZdnE6HeLXlMmbm01TMmvfa4t2yh8EfXqhcTd3bxwfJEQVyVOvyPZPFxBO0TYBsVdukYxxB83EPZ0wTCeIeOLTC0FNMB5Yxk4Bm8K_bjnL0297VQNH8sl08U1voO3zaVc_7iS_dU6Km0jWdrK1-q3GKD8IX_YBIYIHXXE93r3yrhaw31Gl5bJ3iC9MUHGdR-5eFMLYmQzg4ypM8fWKKvvRyKYTmirwrQbnojtXsKzY1GJR-pHNT1RxubG3dpnXdUtuQkBFV8FZgVI0G2Nf4o8qKladsjFfPPONh-iaeyjtTlC47z_bZvE9RlveTHHJoBX7orYbqBzTorEhNwl_wKdRLAElkt1HPWRJ5Kz9LJjU5aIZW-dVpepvspQzg4uLSzILf4KjyvLgJ6xzCosRaY7ncaFw9MPMBqJDCXIveLx-TMuZD_TBkh5NlbBKdfCss_-R6eW0v786CIh0GY5RvZ7RklMxyf4Mq1YVXUJ3qYGe9iOiyc_vzuthqucJdT_USs-h6om354b1Q2jAUfWRkbmWXK3Ju1zdpGjuvoicSnu-0Og5ghnXGqsa5xNukD2fb7G8FhfNO0HZdT-A7J5a7JU9ItuPCsCWgkzgwKsTjKdQpS47t_Lqgsy_iiYg008Vo0Zh70Q3FlqjzMdW905bJFtsiDLQOWUmEfYKnIYceqCOVekbVHyx2xvwVe4PVI5GvddgTkgu8INkhiD_ZCVGQfVQ5Pl6iU9KQpSFtG74R4brraX-n_yOY4VcMqZjynly3uEgM636TGvtGQf1OxfLNKEye6UEM2o8q60AltyM8i2gxUdv1F8h8ntLxkNWZsr0VACFgotn4AARb2PF5NA&cid=CAQSTADq26N9eFie0F9sajtJU8ySUg4ia9rH3oZEDlqdQrqUK7F71vo3Xg8kU4ZPrXSlEExhtpPc9PpnlR543x0lvOHeb4CDgThtf5CJqh4YASAT&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.vesty.co.il%2F&ds=l&xdt=1&iif=1&cor=10045520663492616000&adk=2228999115&idt=60&cac=0&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 16:47:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
51630
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Feb 2023 16:47:06 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame F231 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dknqb48onLurV_3isexqNL_ZmFPK4-MUcV4o6OJ3QhflJIMExc2QmIVmkDwv5VXOhtZqPM7ahg4wWpJv0hc9eLdw5nQA&cry=1&dbm_d=AKAmf-CfepMb-2zOJYxJOuMl3GcY1Q29HCyvNyAKRKqVocsh--Fwgm6MRBLgUYDltwouJWo_Ls8Hj0vV7UZqYYi2jKM7nOafNfNuLX8irf4-0Uj8DQBfVJOjKURI1U6F01p5D-bJw673j7TaV9DS89U3nSKKdVaHFhiuG0uJIdhRo8m4qMw-NvXlNuLg6Ytf8L8SqpGJHi-_L0suwFWyV1lrWYlPgg9L4o4zryyDP3RRCeWgqfZ4TxNFfB-d2c2Ntn9gRCrNh8iZA199Z1qQ0gcg-BRf85fUDdFd_nTjCQwap53sRGOY0MjM4Ur2icy35j7FH996k76-C6K3cfvQL8QY0K_zc5v74H828v_zaqtfU5pR3AldHEvvVlRSKfAPmXH2osdJPUJ1lP1jPT04Yw2NLcMJ7HNER_3nRXcufVCGYP_JdP5CtCcaPH0GMV5Tj--rU2ft_hq14TzfqUyY9i69mrOnUs8MfC7P-GNE2NF8VVbjDpv29bwarT1sfsLsbquoO4PR-Umt49aDfAvlKgNVCcFGA9q36zEiM2scs5qyeMc3LCeqzsrQtGjh3vIBRONRQTtxuoZoEzrVnJafghH1xVsaIY5GS1TWQtolitD5mU8jzhzpTod5781lT9AmuipJWXSllYFlUqLbKINnlGIESeOQo99EaT2tGOjFjYEcxet4qAYmJCC3dsihhyAQtd3vn0PsiCXJiDYcwqWl5Ec4rVv009IA2navocZWtrAM--yL3NQQi1MhemCQEzmH7xVj8ISIcvxLVEtQP6fInml_9iZRN1ClGSB0NsTWGmJ9553DJCKsGNNY4dn7uvRU_4GMMByvMRag5NYfBXfgrREAXVE7pOOqCNPC2wevJapN2D4O01xSHyYmPOk5ZZgHKQ9Co1ybUb2Ax5Jj5uDAc6G1YpVPDdeJGgvvV9r3X1JxMl-vEoNzJhtR3cVaMKpSyLmP44n-YwYi37pzKFdGd6CUmzYT8JbZxp-K_8ddJxfEEIjM0QR7LhRLxu6kmIeN7l_NdrcHhQb7AQNmNreP_Jx8M_mYh5SlTUgcPJAFW0cRXopq8YvOWv3RmsDfIxy0RNMz-M1ElKu8x-0ory6zmCAwFEkl0cHxpUKkqKgY4IBkewWzmsMVYZPl98ez8gh9Sjxwj-yBZy7TTn-mYkchAvUIGytKBG_7yNe-rqn9ub1D312zXFyMsfQ5_sv_0h2c69vJqyocAkA4Gz2O9LCq6EM7kKfEo3EnfQ3SZ1iyCI9Au7IftYmqILfDUzGGActGDda7AXyBLF1r5N1MWjK-vMnimZZF1B3Dx_sao1Y7bNzxUg5QdE7OU2icR5b3e74KCxKOc0mi99SklTUhUZL3KWZXYzWKeZH9f4fblKzH7mv9j_u5szC5tB_ENtSJwsv0Xrlofb7jNuz69uJjYMFp5u8_yYcm7YPjErpEQmKI3qScc77GugeNUp4Suc424tTZCkyU4GsJd89ZfOLablcXAALFmm3-1RjIOTAZWlolI7cWS30uye_uLpkHqxl9OD6UY9GPdGMbUEQ1ajIvgS25iqZFwVuyyfLwU8tCQ0inVvDEkf-yAo3hXpcFyN-25BErVT5n3i-AmEXk9mjtfvf1lbGdCfmAD8GYaJn4ga5D_Qjw8RRZW_NTKteKQ2WpBvOAkYcorUBzvpqgPn_TyzcyVy89dpaphFVZm-xkJip1awncdKH1fklv1De-a2OB2I5XCI_n7IfW3OTIPuX89W7QTiAwuahlJaJWWnfibWv35SYDFUZyYw_ReXkTlKvkp6Psmw0xmOySVUgWE_f4S6sHrFjObJMmDz9js2Ek2_JYafgf3cgwOkijnVjbtpzK15fRb-kVAcddCPxI48vR9H7y0BXrz6W6GMla2f19bDeV_DpC-MJLtP96q2WUbyCrc6uWIkIUl3-cO29eMTMhzHUBKi-ccZM62mENKamGhWHtJP1iNA4n0uXQSKOyaYc4Eh_3tFbYBuc5Er88PLOVsehwk0ayvsfh2STbGQaPUWZb1KmimIL7nwfliixrNjXY0PyPuQ88OR8wLC6v7bPzD9aOhlYLH2bBbANKAicVtboeeBvx2KpKL1_9e5uTsh3gIKdfT9AGDkjrNtzcJhqUaZNvXMe2U8t1ZQ10-ZjN_vXkus9oalc-UpnrGWXH8nfriCOI7fGCmgIa_ybDKw5Q_aBCCJ_lhKVVjrSbt0X5jCenJWStilbUIQqYSmJBXiUZAlUudvvF574Hat7DQxOe5irR0DrkwHoUoeAXjf2TV0pBTCNz4Iwph8LCBSELt4rYkwe4yCRvka59Vnm02D8M9Yua9H376zQQeTqwBaAi5k2LNctwUcUAFriDHFE_-M6H9hqc_Bt_BDFc3_9pxEMufc9EtoQh4HY0K2mOIoUxwJOpbBBVkrom-GZh-HrqI2i0cnFnYLQOoyoo0u5kSf4hddM8LW-SdNkIxL_yHjoQmWw48sbde4e4UV_q60n8jAHvJRTeuzQhxkcENvi3ttS8rV9nORDOkXvgz2QGVr-1tr2Or2QtefKCTCdVpfN-0Tn1RpcLcroWEBCW2Nf9w1RNEBXrp0aHEwLM-9lK7JC3L0jlC6Ji6AngkpDaUJZuMup1P7OkWHxXSWxhNeGjRpxJHqCHuFUlJxaZnmRCMlwjBbc3UziFl4vWy8TqxEZu74SvhuvsRevK0i4hFVffw8CORcfN3rqOUoSJH6FKA_LIkqu4MeQGiPaon9Zhh7G2R9jJSAI-i8qy2mv-u-g_ACoigfHaPrk3jb52xoqRuD3TGJbNiEMRVoU3wjWu_jCkYbTdVsq9vsjxyrJTrMJc_2b6i3ZdnE6HeLXlMmbm01TMmvfa4t2yh8EfXqhcTd3bxwfJEQVyVOvyPZPFxBO0TYBsVdukYxxB83EPZ0wTCeIeOLTC0FNMB5Yxk4Bm8K_bjnL0297VQNH8sl08U1voO3zaVc_7iS_dU6Km0jWdrK1-q3GKD8IX_YBIYIHXXE93r3yrhaw31Gl5bJ3iC9MUHGdR-5eFMLYmQzg4ypM8fWKKvvRyKYTmirwrQbnojtXsKzY1GJR-pHNT1RxubG3dpnXdUtuQkBFV8FZgVI0G2Nf4o8qKladsjFfPPONh-iaeyjtTlC47z_bZvE9RlveTHHJoBX7orYbqBzTorEhNwl_wKdRLAElkt1HPWRJ5Kz9LJjU5aIZW-dVpepvspQzg4uLSzILf4KjyvLgJ6xzCosRaY7ncaFw9MPMBqJDCXIveLx-TMuZD_TBkh5NlbBKdfCss_-R6eW0v786CIh0GY5RvZ7RklMxyf4Mq1YVXUJ3qYGe9iOiyc_vzuthqucJdT_USs-h6om354b1Q2jAUfWRkbmWXK3Ju1zdpGjuvoicSnu-0Og5ghnXGqsa5xNukD2fb7G8FhfNO0HZdT-A7J5a7JU9ItuPCsCWgkzgwKsTjKdQpS47t_Lqgsy_iiYg008Vo0Zh70Q3FlqjzMdW905bJFtsiDLQOWUmEfYKnIYceqCOVekbVHyx2xvwVe4PVI5GvddgTkgu8INkhiD_ZCVGQfVQ5Pl6iU9KQpSFtG74R4brraX-n_yOY4VcMqZjynly3uEgM636TGvtGQf1OxfLNKEye6UEM2o8q60AltyM8i2gxUdv1F8h8ntLxkNWZsr0VACFgotn4AARb2PF5NA&cid=CAQSTADq26N9eFie0F9sajtJU8ySUg4ia9rH3oZEDlqdQrqUK7F71vo3Xg8kU4ZPrXSlEExhtpPc9PpnlR543x0lvOHeb4CDgThtf5CJqh4YASAT&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.vesty.co.il%2F&ds=l&xdt=1&iif=1&cor=10045520663492616000&adk=2228999115&idt=60&cac=0&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff6aaa3f3b8023816a9b164be90fb958c63857e984fea977c3b38d1542566299
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 16:47:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
51581
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10811
x-xss-protection
0
server
cafe
etag
10713822464293745175
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Feb 2023 16:47:55 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C19B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AqYrlZqhAx6xptjShxwIKBafdfoWozH8phq0uB0RaIgA1Cm7pDc9VNjXJX3lVR8uXm0n0ATG5WWdt-Wmi1DcFTubXz9VyxK6vHoTJKiWTG39Y1yDKPbnRi_l0vSK2pYe_PVk8ExPQJm0DqcrF4rs9kyspvKlXQE3G5ezTnjRro_4k2Yfo&cry=1&dbm_d=AKAmf-DgcRQZMoQgSnvLiqFWDW1anYxaHw7lsC_B2ExePhQL93iVVipNPOal8uXNYvMir4jcqVDT7-GESr77MRb8LiLlcuxfpSDKNbK31i93lUp1mApPuPL8PhfDlkYwvvIXo92Hd_in2aCeNcqbFyspfbYbb-lOZwbLD6RLv0JMb8hHNwQazQxSabJ9iKNaCMkthzmsKwIEj0cS9bEsM5X0lPvimOK_Kb-Rldt5xGDCXjk1La2aTBWC6OSdGQnLZkxswCQVk1lr0fMW2i8JTUz7BYRmONhZ_3E3jpjFhFWQ1BxHRSnixrW3zmpnzGvXrwzsXJVzbIj0tKKGqGHuFyifkX3P9BMqBL16J9ykD01n3j46JwZzTHrXizKO9eymwnmFnMwnATh2XX1mkQPLADdf_LKpCXpzy1T-Pv-pv6z3zsiwC-wuzb7DSrjJGc44M--Qf2874jitD7rmBWDy4N1VdRUfi1gfiiSSNQA5IKwgKFaH5k3bZErsFhf4boXmsgoGbxlSjZu76ereTHKiRrhaAfvbOG_B8yYTmnhKJlq1P3WZqgSejDzwmPvqhbJk_RULD4IhIUQ3p4mvacuf37CIPSk8jSZhsnQZF7p7sBNCQMbFGmoD5EO-pcOIdjVcj8Rd9CgWPtK_nuSzIF-ExBOwEagtl1DU5Zjl55BaMorztv9ulSVB3KmdDvcUWEkfFEnEpBFfp-aIcT347L_PNwRHZGeg6rKFTJt6aVR31iWlZCht2b-5cXiwJEbj5C5QZhj7erZNLmQDNGVydC50mrnJhAKqcF5ULG47UiRx54UbSScgM0tjPRo07J6xFI7apClcLFuHwF4xPE7KN71dAPTtlC22JZp7OnGJ3kMOKAEAXReQFzDPtyU1WrB7E_trp7Ag8SA9qc2Ige0LYrEzqemRT8oBKqx1pOmhZMyq-ZRA7T3w6XwHYbPTOXk4uPC-XzAbT5YZ3yevSimeg8WFVHfzkamdTbT5HPjXRMGl_J6_5MS-PSKcSMVu6AFz0RDm0y6qz5zGf5rHgODcMGUNx4fVdWD25LYUqwA1umtOdXxY60BI2qaIt2BrMySq2PnbgM-GjngzZ-A2hbMUt_hqQGJcdb3CM34JdxxFT7PSms62T6u0U67-X_5GdFFuFT7LJQpel8FDCyABzFGoSulr4XVqCblPm-dGPEv-0kpMB6ufA7Q0U4m46reMah03znBDK6uojOJ1IqKH-CMjAWUeZlBvKGet8VfX5H8x1D9DoQBn6RbY4Q8XiwgA_OCbCzP_xKAMhM23loqnD4-0qztgcDEj-Allj0JR_9tJq7dqU1P8GV4zvBYph9APfwTTGgQZX0oEADY94mXw3c8iQ-QrSUAINM8aLDo4ublwJJUtqF9IoR4Rsi-Ruv3Md8-AnosI_D_CLcfaunXUXUosIdAhXXwMVVU96SUc5CXESVAKND2aWflj1ienWa4GPg9OzJqpK_6VhKrR4ZVXxvfWen-eGLhikJ9_67Oy99yXcah6HpJlXUxoB41XhD3JGp8JayHNWPx-424hO3enwCvuG9Gxm33R6kIcUKP2ehOUeGXlVN7OoRRzUylwEsS_zQ1Hf58SNZVL2j_F-HeGZDwL-idvWW9LkcNbwuxgjQsOHxmHOg3kwoBQjASSNmztoVT225gYDvkodS1Ur72XJ7jwTkEfSHZgRQHRfaJ9GtaZgFcDs8Pa98hCEVk3Z8MyNCSPHX4NbVLnDid3KUo3eTLdBdhk_Nzw3S03FX9GDtvEUOggUhxx1S1yq22AhZXVVvJyaaQ4E95zxPthTYdaaYAYd1J_k6xX4UevZzTx3YuygflLslx9na7bM7Bl7q8esErCTqwr46nq-0fLA7kg2ifHQzKPc-9AbkhTnndcMBaLdN7lUzxtqQru4L46g7QIrpMHr7KznzhJ69xmQGB5Liiug3CubfiOqcTYtoTWXNNCYEHiHC-w2_dDeZHjVXcQQnob_YdMn0dibo82kO7IHqtUQgDUFMi59qtBpRwq3hpdnq47FTWu-llIzBlhDqH3imf2jltr_qngm5eEppI7u3qWD8TeXR6qtfpjKftfMTIh__oC5m7k7QkyImI7NkVKIRJB8OI9JpsGjLOTDjpUQTR91e4lJMUiwSv6_RO_vICJqHpklE2lyMxutdM7PDlYqwxUrnn_jMkAjulzUvI6s2O1vwmXdOeg5WvDNmPjmhuMXOLUXHwMCO6KlMKLEriVinumI5BoHTzSkFk9HviR7Ameg_Y2pa_AI1_xQSwSV3Soy-DnucrTeE2iHNWbrq3KLOQQUlVMGo3Q-dQ6kVe0HnznPb_OiSn5iRjrEtCZd9fJkB6VJavcGEbvs0D0Pk-grNwRkecsZ4XaDMSh_LY-1MG1hDvk_n4IyPnInKeis9T7grb6WHTUUvC6xyksUhmHu7WKzeC6AxHEoQaVwJktWSMKoaN8ljfAIMPUGcyjDXJXpDo8Sh-D2T-z1k9txp7t_E9IFDpQz7EsQVcm_bXegDrciGPh4sDcDstKOrgVzbao2YM9vNNHXW1ibtO-s9RawnoBXwXbYowz_9Hdpyai1RAOWqsQskA9fAPezOHyYNRRTO6GB9u3eotzRN9j9lKtirj4cTz51Zj-3e3KlzSO5CF-2p8ICCk0JVQUBi7cvcFPvpxNxNbW9Q63XbHSZ9efWtnSYlhXMrLVPeK2Bw4KP4FXxof4K1WVRBLv4b8gmIo0aqH-nRg0JNvpY4vBFXlk4_L7RsWY52zL0OSZ1bXgKThxjTCR7QoXaXK6yCVmrXqqo9fFa7bt5ROuGHThO-2Wu4o9xx1YX0ZHp8iopYfqpSbfVvhzHVRFVi1bHSAULFuMK6Ux2H_gW6UjiJlMs9GuFZ5vU40Au2CQ4rhcjnFOjoUqpNcaF9Q4RBvVCuHo2lg0Hp0398laB4CAHwtlt-mMaEY22VmMpspzeNA6D0Y_AidP4ucQcmD74Ld0jdHt808Sih_LOtSW_iNMUsg8jXuG1t1nrdS3Kdjjt4CEYCziLYQSbQKcUhM4wfMGY2IVbgGZL-6qAvQf37X4xsmDqfmfrSQtGuffSLceJrpcU1eoMMdOqD6wo1aErnj9BKe7mc4PYuOIU9DHrVImwXBN4qrn4qYShzyBJxBl1T0VBr3pQqLtQdEKFzRWtKXiufoz47uWQ5oXuV1LjWxa7PF7zPa290fjFWnMOOjtuFUMLmh8kihCB9BYpRbqVH3XjjYWWE0Wzv7tueprKvkB2knYqDmVs1H05Jbpte7pNYv-kqY1_lwiyea4meLzh_Bdq57VaHq27WBxTFx-MWuoxpCgotBGD-UMRl_3_AMj0Xzkrcm_f8-RIyU1l5X9X99fIHqH-YmLREQn_hlanmtnn9Ovd7EpyA9QH_89Qr6w6pag8VADHKfwiJWkxTF3J3M2mOQmeZONkyptNs26oIqqvc61LQAxMIfJIm388HFGZJx81-TcmGo_5EomGHQwMgLUL-sNZipTuhBkCKdat2HrE2LSGS83Jd5jM1Wkci_Cc8rDuIuabcen3Y6ChwrkSHlyh56wjdG4v67o3-2CpZhX_FVNKNG5es090Vnv5phpX5wOFEjyio9Fa_zPQ2W4F_h9XqWKprGWYAclNM33Ag0G3-ba3WpcwpZo7T-amhzS4_wXHdI9ucR5vUzs7KWGiEOWy0JzAV-eJSFIzYS-tzYH_lpZhl8bpf98ky9SYvpPw44gCAIge2UqSnRSWM7aI-Znjp5TdzRoE3FS0OEWlEtu9R4vlhOofsLeFcF8lAyJ8PhbHkZAV5932HidYtbFRzeGbDxhL_nY0ijPq3jOXrjL0ZLmNyiAweH2pIeYNeQnuaDkv7S4DGbk8UzgvCthDBgBzEqXHcfP2Td1V7DVc4u8EnhROqmBVatH1H3qT3GvAjrujVwxv_vCgcrWpONgMJlxJ0ZzTA&cid=CAQSTADq26N9eFie0F9sajtJU8ySUg4ia9rH3oZEDlqdQrqUK7F71vo3Xg8kU4ZPrXSlEExhtpPc9PpnlR543x0lvOHeb4CDgThtf5CJqh4YASAT&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.vesty.co.il%2F&ds=l&xdt=1&iif=1&cor=17079805425386775000&adk=943508955&idt=131&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 22:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
202688
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 22:49:28 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 9DD8 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
Origin
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 09:14:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78798
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 20 Jan 2023 09:14:18 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/elements/html/ Frame 9DD8 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Br1IPkpghKP17VnoetHTcpC73AbehLf_8fsujpY7pgKPDqkxU_ovV4OaZRWJiLk8KiZLNxZ7w0nTExKcvUmDWgcHmZ7A&cry=1&dbm_d=AKAmf-A5h6zL7BPtX219rMMXHglTjO70POmzvkQWJqWyiMPbN0Qyx6XYGVCC1MgruiYQyV9HaQ78Amuw8kqR3ZudA71xuY5rcwjwSn_93Dva3NXyZ8A09BKx3vmlCuI5gtxQQGbYHL6bpSGQRi7idW3jWF_FsQ6QnCXjUrU4NuiO4ajlPZBVTzgkel85cxyjZzgH9saoM073jiPGRUCUvK-UP-JWW71bKtOrn2d-XZ4Fkm8nhWIuVDSTEkh6ifXz04rxk2W44zaT5ul44ndCR9PLLfpxuHFw9T52ri-jk1_eaeqPTj-ZJE4UtxgFc6uOYGfeKHSj55B-u3fne6lxjlA_yv8TD20OTTIZcFjMdh7rd8ktM6fn3Deglgjk3ekRTJJFDFFaGnmVutDuCPx93YSfD89Fx8xgTSCl61ylWeFuBKlqob8Nhi90wyMwmysHY8ArSH0fcghrr5kMNcKptKaSO5oB1exrX2vnPOz2AzKV43o5epXTYeuw6dipQn7N4IZficLM7yHYG34lVjyMxrJ767vwTv_HAzeOZ49_oMgkJMRkU59jrSULVN28hX9yrriTwLdxu6DRSVcW52mki6BY9DhUr0wIzqHohQBC48DtfyhTAU830ZyFGKpr5-cygQ_8dBCCkT-7kdzFThoqiFVxqFERtNfUHTkaLnmfUye9vmdk7oEhYLa6qjcgXSVxSEX1C2006RMgmOPXwI3HU4k_ia4BOek1AhV7kDDPW2OoOWjPQR3IzpxP5VIYdnXRVL9gEmWHrecKgbvIpOJiKMbysUVTtZJYLJdd62xQesZxTjBqJgshFCe83_5dPh5u0Lqq0r7KywxmWLS2iJPD6iKNSY08NHl4T10GF36J40u0qppMf-nOD5-hx8I_4DFHwlixvvBHeqW1n4bFOReYsJhQdW4w6Jwv6l_qbHWtrIGSAem8q_XDRg0X_s4dyOqpqqGSfMyCVxXRSJp535rb98CrBoJEHjBJkJehb0JVdIgnPMBDnglEmJIkW6LN4yO35gILlfRaLplmJegYJQif1IgwUxb3p7r4hQ0lEwssthhZZuJdElIxGXYwNnej2huHwhJfU6WJ9kJVgI2W5F2LcxUBQ0dvbnFtAxY60SR8j6-H1XmM3IzjK_qIQUfTy38f1uut-9JgF1w7b2yLmujtJ7NC7Jo1MSqw-ue6gEzmNmkQNHPKxyMdgzkDyJbYImKJUnE5oCcA1oevF-mYZUpLcUPu1w_zjxYfV_2GY4k_XkjTxG2FiMRaXyeuC7ZSECazPlYQrtC8UFlQrTpkmBN6uJJmrFP-1zJ9zBQn3DGzAO9-7KorhDt8gq7T5CVFl83FhlUMWor8nn9wcQUit_Fj4nzf53JqOkAbKxsNS5emh-tfv3cTR0l2UT5Ypi4ayEno2svufVwj6OFSBHekG3yHew8dD1dDluNUi_XuW4vs-ny_kTqG3hqWHXrZWPw8IiouWj-Q4aHirWFl-Hr1E_EycRqx_WfxgnmjtqZf_Uo50IXWJQ-WdSCBSIvaY8dPAM7Q7kCSpv_V8xIHugwVUYMy-0OIkuRdPg5s46YydH2x7fGvzXjPyWZhXqu-J-nUoM8D_EWvoS3SN78hLPN0NkC2tDLYkkY2Zvy_f6xaEk9Fwu884uyjcw3U2OOgOx10Wi53amVys5AMh7OcPul3amdaEt9JZAYmZr28cm4-9jAEP0Z2U8_N8EqgYWjCZh8vkXYmjEp_V91jhgiKzWmGXtBsUgCl5mX8-0__yX8iSaLQBlUe1t2IHWfRZj496otfW5F_oZKh5yLjSueJH79V8T_7ejeP_74XNrndTrUORNPuha6hbauXnkfsfgopKJZOjzO31ORFzF7dvXZ1U22OerDYULIWp0w7aoqPY0oswgBj82j2JMPGpNPORZbu7U4n7ej2fiXsQgJZlrmWtTB4_0OGxcPzfPxQu6GdIrXnbennYEl73k2ozH4Z3MiMxEWfdGv8RODwcabLz6McG2vE6nfSMHtQXNHRJd6hLqqVxOJOhbtdMnL9WID3JbWDQdJOxXLV0x73QdCWBdv7niOKVB576jAPh6iho9PpjeRvmjzwa20YE1JUS-6D6LjoAkSWYU5NNsV2ief_OR0xrerYDdEhxbEUzbMYC12Flyn10o3nHuXEAKFocCvH8sZnHPhYq0b1_4LGyoN5tAww2rPT8zY7KggI1Yj0wlTdoZb8DOXSiXphg2n2NQ65ljA5Ejko41KwHc_lOe4uasdDE40lOShk2e6ExbBmtxskMmcpJE5yjwDNeARFkXaPOAKLZGKq8mzjHsRMCnp3_RT_xqKmYsDub8LVINp-bCIyjoWnrgIKkhTjAaLdO8ilS61lYTryFkj0k6JSqiXKuV_xnKjPMtbyfP2HFkvHtkqtCiMzBL0q_9wQeIthML7pwm22wkJ7RQVUMiMnB6gGgXrmFmDWDycdA-tpAxaeB5u6AkV6o0aIfVscyPScNaO3raV3AI-IZhRxJ0uVOY5tT1ttGiVgJGqu7Wht2BJBUD7vyvH5owE4GKe0OZlIXTORCPPd0JVbCiVcQGomoDoHejqPV0oGMaup5__6xgCyHaTZnccn75objXBBMLLsaVKwIbdMfwQuxJnfYHRCUgehcfrCvMsdalQ0n4CUHJEbq07tmYtnwlcd9Y1PFbKDZlrSNhDsFDDJmSSf8TUKydYQWYhad_eomsuPxdOMYxTiVY_hxUWkiezzpvZVyH3Qz4KJ3FNfxyYdNXvF-0NecH6WG7plALfQiLsHrvIU231plnm1XmYo9vX2TO2oF3Ulg-bWyH1TgE57AcrTgqNO2rjGdTEy7qHUj_lOf1FmzZHi5puHi5rnYVGaHg-6JCJIvKpbWWu0yQCK5t1fJAtWk-_7p-ZZp6OZuhppdvxAWkkce8lzj88EBQf7KndBV-D6OCvOyZTprCUQtyf9dLUuHkg8iBkU5vr2ELHtN09-ggx5kRcTYBUb90uQZ6yQMgcRQ2qtKia4_NRSaJr-ew9DVfhi42aw4SHx1RSvWAd3Xs3n1wIvyvyubL4g-528U5-vzObWgeQLfBZzeoIppbs5esRWNCuzxjrqNVKtgyJotNDHZ2QbZo0IbFoL9iUYXl_-MqtPdm3blpd7Ux6Sp2wPS9TqI9rlac4mHmNi4Y2Zf7ruFG-OvQdIek7-Yas0KA4BmKzdbAvDCEAbiIg5F1IpkXJlFXm1Cb_qflXdjV5-QOBpUxVbZIbdsQsGZJp0Q87RC9H5Tk6cZyIx8UHeEMbD8kvU3jKXNjKkBCLxxzrhS0VdC4glMGjYOehoWja59zGD7KhrYD5ksTHrehM7eTO4UzcAyRPWkLaAxtuNCcN4m_utfRuSJ4uczLgVa1Gdj_REumhjdd_0MiTe72Bgy4psBhirEhfc7g58wMl4FE7h9LJLEilp6WxJdMyVZqi_M6BmCJEwyAReEPQjNnrKXN_XpZBZ5I5EEdPzHphHV0GQ6VXG_I2WdI6JIos2bdkh4f3NCJqxMCqRRchsdIxombBlfP0RdYUW8xWs-8PWWva5BXU-dpaUKw&cid=CAQSTADq26N9eFie0F9sajtJU8ySUg4ia9rH3oZEDlqdQrqUK7F71vo3Xg8kU4ZPrXSlEExhtpPc9PpnlR543x0lvOHeb4CDgThtf5CJqh4YASAT&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.vesty.co.il%2F&ds=l&xdt=1&iif=1&cor=7614188201635871000&adk=1033480531&idt=129&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 16:47:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
51630
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Feb 2023 16:47:06 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame 9DD8 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Br1IPkpghKP17VnoetHTcpC73AbehLf_8fsujpY7pgKPDqkxU_ovV4OaZRWJiLk8KiZLNxZ7w0nTExKcvUmDWgcHmZ7A&cry=1&dbm_d=AKAmf-A5h6zL7BPtX219rMMXHglTjO70POmzvkQWJqWyiMPbN0Qyx6XYGVCC1MgruiYQyV9HaQ78Amuw8kqR3ZudA71xuY5rcwjwSn_93Dva3NXyZ8A09BKx3vmlCuI5gtxQQGbYHL6bpSGQRi7idW3jWF_FsQ6QnCXjUrU4NuiO4ajlPZBVTzgkel85cxyjZzgH9saoM073jiPGRUCUvK-UP-JWW71bKtOrn2d-XZ4Fkm8nhWIuVDSTEkh6ifXz04rxk2W44zaT5ul44ndCR9PLLfpxuHFw9T52ri-jk1_eaeqPTj-ZJE4UtxgFc6uOYGfeKHSj55B-u3fne6lxjlA_yv8TD20OTTIZcFjMdh7rd8ktM6fn3Deglgjk3ekRTJJFDFFaGnmVutDuCPx93YSfD89Fx8xgTSCl61ylWeFuBKlqob8Nhi90wyMwmysHY8ArSH0fcghrr5kMNcKptKaSO5oB1exrX2vnPOz2AzKV43o5epXTYeuw6dipQn7N4IZficLM7yHYG34lVjyMxrJ767vwTv_HAzeOZ49_oMgkJMRkU59jrSULVN28hX9yrriTwLdxu6DRSVcW52mki6BY9DhUr0wIzqHohQBC48DtfyhTAU830ZyFGKpr5-cygQ_8dBCCkT-7kdzFThoqiFVxqFERtNfUHTkaLnmfUye9vmdk7oEhYLa6qjcgXSVxSEX1C2006RMgmOPXwI3HU4k_ia4BOek1AhV7kDDPW2OoOWjPQR3IzpxP5VIYdnXRVL9gEmWHrecKgbvIpOJiKMbysUVTtZJYLJdd62xQesZxTjBqJgshFCe83_5dPh5u0Lqq0r7KywxmWLS2iJPD6iKNSY08NHl4T10GF36J40u0qppMf-nOD5-hx8I_4DFHwlixvvBHeqW1n4bFOReYsJhQdW4w6Jwv6l_qbHWtrIGSAem8q_XDRg0X_s4dyOqpqqGSfMyCVxXRSJp535rb98CrBoJEHjBJkJehb0JVdIgnPMBDnglEmJIkW6LN4yO35gILlfRaLplmJegYJQif1IgwUxb3p7r4hQ0lEwssthhZZuJdElIxGXYwNnej2huHwhJfU6WJ9kJVgI2W5F2LcxUBQ0dvbnFtAxY60SR8j6-H1XmM3IzjK_qIQUfTy38f1uut-9JgF1w7b2yLmujtJ7NC7Jo1MSqw-ue6gEzmNmkQNHPKxyMdgzkDyJbYImKJUnE5oCcA1oevF-mYZUpLcUPu1w_zjxYfV_2GY4k_XkjTxG2FiMRaXyeuC7ZSECazPlYQrtC8UFlQrTpkmBN6uJJmrFP-1zJ9zBQn3DGzAO9-7KorhDt8gq7T5CVFl83FhlUMWor8nn9wcQUit_Fj4nzf53JqOkAbKxsNS5emh-tfv3cTR0l2UT5Ypi4ayEno2svufVwj6OFSBHekG3yHew8dD1dDluNUi_XuW4vs-ny_kTqG3hqWHXrZWPw8IiouWj-Q4aHirWFl-Hr1E_EycRqx_WfxgnmjtqZf_Uo50IXWJQ-WdSCBSIvaY8dPAM7Q7kCSpv_V8xIHugwVUYMy-0OIkuRdPg5s46YydH2x7fGvzXjPyWZhXqu-J-nUoM8D_EWvoS3SN78hLPN0NkC2tDLYkkY2Zvy_f6xaEk9Fwu884uyjcw3U2OOgOx10Wi53amVys5AMh7OcPul3amdaEt9JZAYmZr28cm4-9jAEP0Z2U8_N8EqgYWjCZh8vkXYmjEp_V91jhgiKzWmGXtBsUgCl5mX8-0__yX8iSaLQBlUe1t2IHWfRZj496otfW5F_oZKh5yLjSueJH79V8T_7ejeP_74XNrndTrUORNPuha6hbauXnkfsfgopKJZOjzO31ORFzF7dvXZ1U22OerDYULIWp0w7aoqPY0oswgBj82j2JMPGpNPORZbu7U4n7ej2fiXsQgJZlrmWtTB4_0OGxcPzfPxQu6GdIrXnbennYEl73k2ozH4Z3MiMxEWfdGv8RODwcabLz6McG2vE6nfSMHtQXNHRJd6hLqqVxOJOhbtdMnL9WID3JbWDQdJOxXLV0x73QdCWBdv7niOKVB576jAPh6iho9PpjeRvmjzwa20YE1JUS-6D6LjoAkSWYU5NNsV2ief_OR0xrerYDdEhxbEUzbMYC12Flyn10o3nHuXEAKFocCvH8sZnHPhYq0b1_4LGyoN5tAww2rPT8zY7KggI1Yj0wlTdoZb8DOXSiXphg2n2NQ65ljA5Ejko41KwHc_lOe4uasdDE40lOShk2e6ExbBmtxskMmcpJE5yjwDNeARFkXaPOAKLZGKq8mzjHsRMCnp3_RT_xqKmYsDub8LVINp-bCIyjoWnrgIKkhTjAaLdO8ilS61lYTryFkj0k6JSqiXKuV_xnKjPMtbyfP2HFkvHtkqtCiMzBL0q_9wQeIthML7pwm22wkJ7RQVUMiMnB6gGgXrmFmDWDycdA-tpAxaeB5u6AkV6o0aIfVscyPScNaO3raV3AI-IZhRxJ0uVOY5tT1ttGiVgJGqu7Wht2BJBUD7vyvH5owE4GKe0OZlIXTORCPPd0JVbCiVcQGomoDoHejqPV0oGMaup5__6xgCyHaTZnccn75objXBBMLLsaVKwIbdMfwQuxJnfYHRCUgehcfrCvMsdalQ0n4CUHJEbq07tmYtnwlcd9Y1PFbKDZlrSNhDsFDDJmSSf8TUKydYQWYhad_eomsuPxdOMYxTiVY_hxUWkiezzpvZVyH3Qz4KJ3FNfxyYdNXvF-0NecH6WG7plALfQiLsHrvIU231plnm1XmYo9vX2TO2oF3Ulg-bWyH1TgE57AcrTgqNO2rjGdTEy7qHUj_lOf1FmzZHi5puHi5rnYVGaHg-6JCJIvKpbWWu0yQCK5t1fJAtWk-_7p-ZZp6OZuhppdvxAWkkce8lzj88EBQf7KndBV-D6OCvOyZTprCUQtyf9dLUuHkg8iBkU5vr2ELHtN09-ggx5kRcTYBUb90uQZ6yQMgcRQ2qtKia4_NRSaJr-ew9DVfhi42aw4SHx1RSvWAd3Xs3n1wIvyvyubL4g-528U5-vzObWgeQLfBZzeoIppbs5esRWNCuzxjrqNVKtgyJotNDHZ2QbZo0IbFoL9iUYXl_-MqtPdm3blpd7Ux6Sp2wPS9TqI9rlac4mHmNi4Y2Zf7ruFG-OvQdIek7-Yas0KA4BmKzdbAvDCEAbiIg5F1IpkXJlFXm1Cb_qflXdjV5-QOBpUxVbZIbdsQsGZJp0Q87RC9H5Tk6cZyIx8UHeEMbD8kvU3jKXNjKkBCLxxzrhS0VdC4glMGjYOehoWja59zGD7KhrYD5ksTHrehM7eTO4UzcAyRPWkLaAxtuNCcN4m_utfRuSJ4uczLgVa1Gdj_REumhjdd_0MiTe72Bgy4psBhirEhfc7g58wMl4FE7h9LJLEilp6WxJdMyVZqi_M6BmCJEwyAReEPQjNnrKXN_XpZBZ5I5EEdPzHphHV0GQ6VXG_I2WdI6JIos2bdkh4f3NCJqxMCqRRchsdIxombBlfP0RdYUW8xWs-8PWWva5BXU-dpaUKw&cid=CAQSTADq26N9eFie0F9sajtJU8ySUg4ia9rH3oZEDlqdQrqUK7F71vo3Xg8kU4ZPrXSlEExhtpPc9PpnlR543x0lvOHeb4CDgThtf5CJqh4YASAT&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.vesty.co.il%2F&ds=l&xdt=1&iif=1&cor=7614188201635871000&adk=1033480531&idt=129&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff6aaa3f3b8023816a9b164be90fb958c63857e984fea977c3b38d1542566299
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 16:47:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
51581
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10811
x-xss-protection
0
server
cafe
etag
10713822464293745175
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Feb 2023 16:47:55 GMT
q84gc72z27ut
hal9000.redintelligence.net/zone/ Frame C19B 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/q84gc72z27ut?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCOD8wtj3KY6znKILy1gamtY-4CKblvaBp1Zqcp8kP8C4QASCZ-6ArYJWqlIKgB8gBCakCTxYg8cUtsj6oAwGqBJkCT9DHhixynoEqm3cRhYiFhISqe09H8qB4igLZsafN6R62DCMmnNrcEOB30u_hLmaA65p3_3kegSMDL9qvN48_Q5Ms_pYnLbDZkCMx_J5nQ5UTktQ4tBgTm1GxvF5zXchMdMAAawqynXhmIZOs-RVJ0Jk213BBdkL965SgjlDzgxnjOTJ0fR3fFFt7RBCtAjF-PspWLOnTGBCu4EFzdr1uMsXR8k3G3FPJhyjfBAfoDTL1RlIyskctnG21TuCLmf6nk1tLrEorvAvaq57AzamD-XXQ0f5jMnQAQSUpYSRGYCvZ-8VZLksAJGFIbqf2T1B4DGkNaQxA3pezUKczKZnbmiL9bivhocwTBgSuwelG7RFDDi6l-1f1KHXABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9eFie0F9sajtJU8ySUg4ia9rH3oZEDlqdQrqUK7F71vo3Xg8kU4ZPrXSlEExhtpPc9PpnlR543x0lvOHeb4CDgThtf5CJqh4YASAT%26sig%3DAOD64_0regQT0yAMtrgYJ43cz5SKtcz_2Q%26client%3Dca-pub-9314111824787632%26dbm_c%3DAKAmf-CmatwajdGccUkbJJU0oFTz1BxEkvxaGErUFYcA_XVIHEIbAaUSGlsPU4lPwTn5U21z-KDTB49_3IE-ysqf0mH6Y1Lg2lxymTebakTcuQRRIVpYJ75F3CKEWNO2YhE-ZfQa4544SiM562fhvSpDrUY4ycnOJ5JmcXXqLBWokb_ulQUuPhw%26cry%3D1%26dbm_d%3DAKAmf-BpWhK4aV4yjLT9MZ9ESQbBeBoLXGF3RnbfN5fVj2rlB4MD5B3zkD_PkAKEApp0IKTNXXNlIVXaqmmvH_k4C8Z8YNKq6VFzvrJGT9pyr_Tv_Zrjtpllta5htuViLiatn0Ab9yH9VFmZSOGFsCxRgU4SUMJNAgcmfTwpiquXx0GbNelxIg8pFe6CDS-iotW5nVKBmrMRvfy5MHlPy2-hRi-KWELKrGjeMYFpJ5V5bWxbr1DupdQniNOExry_VmgqNrO2eJ7ZpimsOoc_dYGXe6Q5MMdUd134lpPFKxE4FuFcX_MzQzespt1DndKhtLiTowi7iir91atE9R0EsawxJN_UYVE1rQJW-fAr6i8aK8gqHmInMl5FTdUCdCLZLpMJmekXrYiHiv-MAdzXAQdDrRgvgE392vVOUoSE70DJ6ZXSDLmAGVJ-KfoOyV6xKj4nyEkzkNryjs5chS4kTAgdRaocelSLRMOF3frR5yFM2550PQ9YyxxgwXluDJaHoOWXQkUnV4-6kNa7rM5SJc_7_vsVqgYwQ4DGWSsj1CfGrzy6p2QpnAk%26adurl%3D
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
aaee0a9819baf69846b54a52ea8cb4fc51987cb160a6bfe4567c0719d69f6bc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 07:07:36 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4140
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 2F33 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
Origin
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 09:14:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78798
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 20 Jan 2023 09:14:18 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/elements/html/ Frame 2F33 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AwVIcswnX0q2lBDgsesetQeznSGJsAaVFRWZXYdUGBXuYtwqTXONWhu_flQukPItUjmm_nKZRhcjaGY0NQIkYnf9w8Yg&cry=1&dbm_d=AKAmf-CgdgUGAAgYcQbdLjwt0o_2W7IjZBjXBegSbwKKVjPn_5J5rjrGmHKqdF0A3aDtZDtQtTkgtjkb4azthZnsxufnMKu_s78FCeOq6vA_t1CEn4tqG098GwVQSWoGrBn9F0Cx06XktAE9qhOE_vC3Ba5gbJw3wlGK58WCkCDpE7m65BheHrEdVnF53_PdEJCO1ljRyRA-P708Cfz2PYhkV5JPSwud1IEvKrhxlf6gLjIA5Nwo1n-SNHh8b_3ug3__27lBl242muaUHWNKe4HFpmmB9_8CTUb3l7g-E8jfu4I1AVe65YsIsugVegv_PidJEEDtfAhe8L2Z_mNMpzjYPI9OrczthykUjvZHQhEDb2aiesvcI8Xy_6ad6MZZJLBgQBnMS5sLbTRYGC-zduUqrr7pSrSKUN7Hk8irl3LPZn1IuAEM5QwWkndtm8DFi1xV-BCQ-0ZvuJlNDJ9lReX8CNsyUOs0iuDn52ejiau4DAjq5uEAyPp4n7A0x-okDS1DH2TKF3SU5i5hy_vbzNhQFwAuLkRYmBwQsQAGM2bil21ncmnK5ks7IE9sNoyiFNbDqr1woxL069KN38ngzp34RFBeJ3VBOGMmGdDmjKXcOz8gEayJ00oxqkfDECh2SRwwog3uA9dIyqFSJp-klqnqcskZ_kTcTR3_URVv7nlWkEbmZox_vfh-kg1ag9Z-KupdH1lv6joNKFXZGSU6twYCGVA4gnRS2i947ltbXY0xlsTs9bV4SX1oT0-CklcFQtNunplXseBcC8q4d0Wd1qUORtx_-D6TIcB7ccncwqrA6_7oSgKhGa05de53rKNsXiNSD7-MzKVvH3KewdyynWCSPpXxzy3MGKN_VcQJjYW7l8qwtMFfwqFR1f12H3qToyceATZkibHx-ZjRbRrY7c8V6urTB1kOxswLALd358CnioNsLGl6i_Fl-Bd9vih6AI8eO8SrieulKUWHGUB5jEttLDrvCndMHKrUs3VlbZhQvrpg3BDnc-LJRvizFuNf-0Qj2H53XUZdLx9Asm2QBURYn4q5mkK1fiwfPbmW7UOUXR36nwprqgHvQDiNPkPbSfSXPUtyURGl9J69j6RRlZR1Aeknc3qxlYapOJkGtOOU6B8JQAIJxq0Gk_TVgvgqZXUwIy-mTNVSPgs0pEUD0JTC84oCV_WC9KI-ORSYVU662PoamQe9T_1V3xVrDd2Ko9_9X36_NOZTwTLBPhqvy_rh7V87iL1ExkAB4esZ3brH5klDPvafRd9A9bWClPEgagtDwwSVjStzpw__MEUQ2esKltV1bJ5qxZOpDHT-5Jqvb32ySNbMO-5rjpQaNNUNpSKBgjkTWkWLCwSuBqbQJ1fVGPIAn12-nGS0G3Gl-I5tUMbJYqwMU2YqbzKv4mdnaCMzqlbLU6ByZUI0arurDjyMM5CM_3t8UwS9qXV6xj5cMWgd5vJ68uSBGF157dKalwTDfCnKObwB32LKtPT2gsv8XJXj2L89GNJQ7hkgAMEGfAHCokXczZwEOcx6qmhcZZ27Ypoc6w2KvF7uo4lWyD2owjfY3z5C8yra_hJlRn3JisRPbon6pr9-A5xHeTAFSY5iM6mSiHaBm5nY81W9p9iWuQqMc--cTvbcww_elfJDh1bgRA35obnDUxPdlnZWPYow-YZckh-HanxStLMTCfdRsl3ofg8ARftVYj4FTbUI7t8CNbdoo0RFkYO_TthxeGgl0A_bzZ2KrGWc1xj8RnS5Z0dN7nVpjWEN_YoTG71KsgtyTLpupehsNF0Ok0yp5hpGTRyQx6ihek3Zq2DYkZS-4Z724BIyFwC7SgsaxDgxmeo4Ckea-nRdw3K_G0tw-WiRmVL9wW_BxOVjowR0Mm7ssOMPePOIHFtRJ6GJG6ZljRyilOCJOwvtV_TNCvKBo7n4-8JXl9-0ozoiwBvIOjVzMH5epK2ZKJvK2R4AeFdC4rJ9HQmN294RrQKkPvAO58ssgc0vaR_acTzMCzEGIZNdAD6WknStjkGOzB0VVN72s8-tYGJ3L4sIFhnRCen0W-MLKjRiqwM--kzA7LxmNHeL5rDUvZCLPK9ZUVCP9ybytdDZWq2OWww0LOtD4NCesa6kYipaE8KD7OUWqSx8tBL0DFMRmuY7OJgpLrLjmy6O9nzCZgFuaVcdmQZ3-JaWN7KNN5BW4CE_JQKzy92BBqgBK1AFWGGyqAnY6ZkpRkYGO1wOEHn1OdqMMd_3_sNsSqliTWju3oYR-GHK2Rl2CxtacI0zpajyB1n_sMQ0GkcFDO1oMawlOR_b56aKEGETX_T5XmqQ0VRrJMaARLkSxgBR7vK12fAgFXaY0ojoSiuxA16Wq9f5FO6wAOgtzBh7epUCB0p_0LQOzY54BMdv7SLbA4_1ouYfQo9Ksd42X5OpA4Z2xiWEfpqdnH7sZ8-v4zbYAcrNqo9LC_Djb57WwOaWQGC5f3SWaPI4pdFEUvKRjUp9YND7wm99dJan10MCenTZrUzTk5f4d9S7YSS_dEDmOcpi32MCbJCn-skZbbcvEqoOcpVSdYv9ZCD2A2-bvsmSFSY-Kwe92Ag4dO3pdYDcybb_Pn6pWgNx_fiQ8a67gp0DmGLSb9EdeixOvDIGJUozTZLH_CajAwCHjXGheITFVZF9YxZWT9e5uLTP_6IW2rwA3Mfuvag7gELYfD9o3eHwBd9boeHSP_8uBOsGZvozUuoYZN9rZXCMgf_5BnOsja_uyxxyB2bGQyfmZRwGhzuK7_4_yt2H5byohmVXxy5MuAwP_jTVNGasw_4UHkXGc9j6lLBsQm4raK2Qu7n9T1DvkTTSh5i8pbP53tiJoDRoBegKLQlPFFA8ipfk9uqvmnes5_HCAfXCxPzFOd8BNLzOMaoGCtvWMOqW5eNI8LoX83xXfJffhOOL-DDE5ktVUk17CjOkUokCp4pavgG2rXfU1iYR1ofAm5EWUyzmFVGEjua4e_Vw5VTV940zjjVh7aWlAKKZ5YFD3jckvuA6QjC7BMK5B8JOriitIOEiXPeOOBLZjU1dWNPl3IQVI-lBgzfKLNGPnLwC7c58VucCSfeWwa4UqvLXVLeYzXynFalXq7wOFlTvbJ-OfLYVxCsJUp4oijoKHSmqvQs8-izbm8xirA_HIg-m3siAFAHtpeRI4H1Ye9Iqrc9p3LQMItA9ZTKr60nG_EHe16mDcVhJbpRfWTXpAJIhvVNHQIamxVmo97DrPCxBBNmfLdPgJEG5PccF96SeZvy4kL3xdp1U9-MjBRfmiciFtsNHMnetz3oIkNiGQp-0NOsYKo3Gx-FoWcKy8blx_P3Ucu5PShPHaS6yf1ufSJoK01QR5R60ujElVRa3R9RjIHEauvwDzyrFrA_mFnWTTv5gZI9W6teMfeUUCkieTko1F3_jXKuGuV3wGWi31j23BBWu3gVGHeFmdoMlUmNPyr67Latk6ZUiHdEuNI-er0QwwR-6fRMHjYI0Xhbxwpw-OIbWLzZyN2XdyrnaggiJZUiiPq1kIp9EFou0L8abP3VWLoRrPEKx2esjRhPuBy86Uw&cid=CAQSTADq26N9eFie0F9sajtJU8ySUg4ia9rH3oZEDlqdQrqUK7F71vo3Xg8kU4ZPrXSlEExhtpPc9PpnlR543x0lvOHeb4CDgThtf5CJqh4YASAT&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.vesty.co.il%2F&ds=l&xdt=1&iif=1&cor=11866485274032170000&adk=3690638929&idt=130&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 16:47:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
51630
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Feb 2023 16:47:06 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame 2F33 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AwVIcswnX0q2lBDgsesetQeznSGJsAaVFRWZXYdUGBXuYtwqTXONWhu_flQukPItUjmm_nKZRhcjaGY0NQIkYnf9w8Yg&cry=1&dbm_d=AKAmf-CgdgUGAAgYcQbdLjwt0o_2W7IjZBjXBegSbwKKVjPn_5J5rjrGmHKqdF0A3aDtZDtQtTkgtjkb4azthZnsxufnMKu_s78FCeOq6vA_t1CEn4tqG098GwVQSWoGrBn9F0Cx06XktAE9qhOE_vC3Ba5gbJw3wlGK58WCkCDpE7m65BheHrEdVnF53_PdEJCO1ljRyRA-P708Cfz2PYhkV5JPSwud1IEvKrhxlf6gLjIA5Nwo1n-SNHh8b_3ug3__27lBl242muaUHWNKe4HFpmmB9_8CTUb3l7g-E8jfu4I1AVe65YsIsugVegv_PidJEEDtfAhe8L2Z_mNMpzjYPI9OrczthykUjvZHQhEDb2aiesvcI8Xy_6ad6MZZJLBgQBnMS5sLbTRYGC-zduUqrr7pSrSKUN7Hk8irl3LPZn1IuAEM5QwWkndtm8DFi1xV-BCQ-0ZvuJlNDJ9lReX8CNsyUOs0iuDn52ejiau4DAjq5uEAyPp4n7A0x-okDS1DH2TKF3SU5i5hy_vbzNhQFwAuLkRYmBwQsQAGM2bil21ncmnK5ks7IE9sNoyiFNbDqr1woxL069KN38ngzp34RFBeJ3VBOGMmGdDmjKXcOz8gEayJ00oxqkfDECh2SRwwog3uA9dIyqFSJp-klqnqcskZ_kTcTR3_URVv7nlWkEbmZox_vfh-kg1ag9Z-KupdH1lv6joNKFXZGSU6twYCGVA4gnRS2i947ltbXY0xlsTs9bV4SX1oT0-CklcFQtNunplXseBcC8q4d0Wd1qUORtx_-D6TIcB7ccncwqrA6_7oSgKhGa05de53rKNsXiNSD7-MzKVvH3KewdyynWCSPpXxzy3MGKN_VcQJjYW7l8qwtMFfwqFR1f12H3qToyceATZkibHx-ZjRbRrY7c8V6urTB1kOxswLALd358CnioNsLGl6i_Fl-Bd9vih6AI8eO8SrieulKUWHGUB5jEttLDrvCndMHKrUs3VlbZhQvrpg3BDnc-LJRvizFuNf-0Qj2H53XUZdLx9Asm2QBURYn4q5mkK1fiwfPbmW7UOUXR36nwprqgHvQDiNPkPbSfSXPUtyURGl9J69j6RRlZR1Aeknc3qxlYapOJkGtOOU6B8JQAIJxq0Gk_TVgvgqZXUwIy-mTNVSPgs0pEUD0JTC84oCV_WC9KI-ORSYVU662PoamQe9T_1V3xVrDd2Ko9_9X36_NOZTwTLBPhqvy_rh7V87iL1ExkAB4esZ3brH5klDPvafRd9A9bWClPEgagtDwwSVjStzpw__MEUQ2esKltV1bJ5qxZOpDHT-5Jqvb32ySNbMO-5rjpQaNNUNpSKBgjkTWkWLCwSuBqbQJ1fVGPIAn12-nGS0G3Gl-I5tUMbJYqwMU2YqbzKv4mdnaCMzqlbLU6ByZUI0arurDjyMM5CM_3t8UwS9qXV6xj5cMWgd5vJ68uSBGF157dKalwTDfCnKObwB32LKtPT2gsv8XJXj2L89GNJQ7hkgAMEGfAHCokXczZwEOcx6qmhcZZ27Ypoc6w2KvF7uo4lWyD2owjfY3z5C8yra_hJlRn3JisRPbon6pr9-A5xHeTAFSY5iM6mSiHaBm5nY81W9p9iWuQqMc--cTvbcww_elfJDh1bgRA35obnDUxPdlnZWPYow-YZckh-HanxStLMTCfdRsl3ofg8ARftVYj4FTbUI7t8CNbdoo0RFkYO_TthxeGgl0A_bzZ2KrGWc1xj8RnS5Z0dN7nVpjWEN_YoTG71KsgtyTLpupehsNF0Ok0yp5hpGTRyQx6ihek3Zq2DYkZS-4Z724BIyFwC7SgsaxDgxmeo4Ckea-nRdw3K_G0tw-WiRmVL9wW_BxOVjowR0Mm7ssOMPePOIHFtRJ6GJG6ZljRyilOCJOwvtV_TNCvKBo7n4-8JXl9-0ozoiwBvIOjVzMH5epK2ZKJvK2R4AeFdC4rJ9HQmN294RrQKkPvAO58ssgc0vaR_acTzMCzEGIZNdAD6WknStjkGOzB0VVN72s8-tYGJ3L4sIFhnRCen0W-MLKjRiqwM--kzA7LxmNHeL5rDUvZCLPK9ZUVCP9ybytdDZWq2OWww0LOtD4NCesa6kYipaE8KD7OUWqSx8tBL0DFMRmuY7OJgpLrLjmy6O9nzCZgFuaVcdmQZ3-JaWN7KNN5BW4CE_JQKzy92BBqgBK1AFWGGyqAnY6ZkpRkYGO1wOEHn1OdqMMd_3_sNsSqliTWju3oYR-GHK2Rl2CxtacI0zpajyB1n_sMQ0GkcFDO1oMawlOR_b56aKEGETX_T5XmqQ0VRrJMaARLkSxgBR7vK12fAgFXaY0ojoSiuxA16Wq9f5FO6wAOgtzBh7epUCB0p_0LQOzY54BMdv7SLbA4_1ouYfQo9Ksd42X5OpA4Z2xiWEfpqdnH7sZ8-v4zbYAcrNqo9LC_Djb57WwOaWQGC5f3SWaPI4pdFEUvKRjUp9YND7wm99dJan10MCenTZrUzTk5f4d9S7YSS_dEDmOcpi32MCbJCn-skZbbcvEqoOcpVSdYv9ZCD2A2-bvsmSFSY-Kwe92Ag4dO3pdYDcybb_Pn6pWgNx_fiQ8a67gp0DmGLSb9EdeixOvDIGJUozTZLH_CajAwCHjXGheITFVZF9YxZWT9e5uLTP_6IW2rwA3Mfuvag7gELYfD9o3eHwBd9boeHSP_8uBOsGZvozUuoYZN9rZXCMgf_5BnOsja_uyxxyB2bGQyfmZRwGhzuK7_4_yt2H5byohmVXxy5MuAwP_jTVNGasw_4UHkXGc9j6lLBsQm4raK2Qu7n9T1DvkTTSh5i8pbP53tiJoDRoBegKLQlPFFA8ipfk9uqvmnes5_HCAfXCxPzFOd8BNLzOMaoGCtvWMOqW5eNI8LoX83xXfJffhOOL-DDE5ktVUk17CjOkUokCp4pavgG2rXfU1iYR1ofAm5EWUyzmFVGEjua4e_Vw5VTV940zjjVh7aWlAKKZ5YFD3jckvuA6QjC7BMK5B8JOriitIOEiXPeOOBLZjU1dWNPl3IQVI-lBgzfKLNGPnLwC7c58VucCSfeWwa4UqvLXVLeYzXynFalXq7wOFlTvbJ-OfLYVxCsJUp4oijoKHSmqvQs8-izbm8xirA_HIg-m3siAFAHtpeRI4H1Ye9Iqrc9p3LQMItA9ZTKr60nG_EHe16mDcVhJbpRfWTXpAJIhvVNHQIamxVmo97DrPCxBBNmfLdPgJEG5PccF96SeZvy4kL3xdp1U9-MjBRfmiciFtsNHMnetz3oIkNiGQp-0NOsYKo3Gx-FoWcKy8blx_P3Ucu5PShPHaS6yf1ufSJoK01QR5R60ujElVRa3R9RjIHEauvwDzyrFrA_mFnWTTv5gZI9W6teMfeUUCkieTko1F3_jXKuGuV3wGWi31j23BBWu3gVGHeFmdoMlUmNPyr67Latk6ZUiHdEuNI-er0QwwR-6fRMHjYI0Xhbxwpw-OIbWLzZyN2XdyrnaggiJZUiiPq1kIp9EFou0L8abP3VWLoRrPEKx2esjRhPuBy86Uw&cid=CAQSTADq26N9eFie0F9sajtJU8ySUg4ia9rH3oZEDlqdQrqUK7F71vo3Xg8kU4ZPrXSlEExhtpPc9PpnlR543x0lvOHeb4CDgThtf5CJqh4YASAT&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.vesty.co.il%2F&ds=l&xdt=1&iif=1&cor=11866485274032170000&adk=3690638929&idt=130&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff6aaa3f3b8023816a9b164be90fb958c63857e984fea977c3b38d1542566299
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 16:47:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
51581
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10811
x-xss-protection
0
server
cafe
etag
10713822464293745175
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Feb 2023 16:47:55 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F231 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 22:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
202688
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 22:49:28 GMT
truncated
/ Frame F231 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
093083252c279b0947c71ce9d05cfc2db2eebf9594f3b370215a194ea89bb560

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9DD8 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 22:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
202688
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 22:49:28 GMT
truncated
/ Frame 9DD8 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef690493459f8f0438a38f8d0cf1eb9be88383645f51694d4d27f8886a2dcf4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 396C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
327481
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Jan 2023 12:09:35 GMT
expires
Tue, 16 Jan 2024 12:09:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/12318181858450307502/ Frame 135D 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12318181858450307502/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e62787595e00ac6a227feeab2f0228ce83dc416622b6c55c1ed8d868b5a0d679
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
234323
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2840
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Jan 2023 14:02:13 GMT
expires
Wed, 17 Jan 2024 14:02:13 GMT
last-modified
Mon, 02 Jan 2023 11:03:18 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame F231 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssUaUm6QasEEUd4ZE1ybkRLBHpbxgRfZMo5eR_Xg6wqEuLpumsI3Z0hpwzI42AMDWBK50JunvaoZtP0a8XkhRaB-Q3adfaVMCSnKOQJSsis2TokrSNCZKKHzd10HZBQL9DKf0BtrWgAogrwiB0qAP0mZvxK27X0AVF4MGO6n_kpBY3xLm6GMjJGgyRvwC1ONI5IPYsuW8cKiDzrGnt7bL9zlRg0RKIhFKONm_EE7br5V25GP3j9csTJpSAk4GCrVVqa0Kd7KMY8qk2E0YcealdvUEt3HbqRZ0uBKWqSsgewXR7ibgnOEiEIkGIwxrEDixrpyme_lzOHLkp2B4T8Nj8tIy8Y7BPytvoeXD4W2s7cNx-l7wr7WTgAyYDkHFgSJOQcaH-nVX8I8UGFutZFuhlIW5ayIZ-rAWuDisZ7LfuBAl4wJiA6eUUJO-RhdMxVAsWzT76xs-yxQQN_XRedmfxuZDIKU5ITArqXBC1cEfVeOuTTE8mBAhLJdtPYU9YJulyuZQBlj52IHm53MfOMhsIzpF-j76bAsCEUa1aAFU0ekWrfE6q74QUEvD3ZYIiPqtoVeDxOoqmjlWJCenBOW8ANQVV_pahsv6JtU_e3SlaOm3dPbuMPgvOQKi5mo9a7Rp-5UzONk-llbLMN-Byai5Uy8G8qzLu732OZqT7ylQWer0O9mEH9yUTAfQs1lxfcMKx44mIF-ZRl8sZIYh-wMJxxex-TSPgGjHcKgpTVsOqh2Bs8b4GUPB2ixwYwT-pXCW_HtQOUAI2zf-PAv4Bk7iOeSgmqE04tkNzapU8mc4zg3xZW2TLjqtzL96hcDnPm89XXnRVTGYjQvUKPho2ihHPVYxsovxpB2ssjxJ5yGTY7KGVjuxShu1elP-De1m5a1Wuh2OPeQyFzEOdjCCBVM52m9SLmGHdQPzs-y7XndURkcudeNr6XdiuBWs3WNmgvgGQCg9RTOnikBzOeW925s4ceEpjRW1b6Vaxzm6h57SLS2lDIM0VTAyF7vA1bjOXEPUTfPS06w9dm0146D0n_B9NymeXNMRdHcZIrDnCSU6JjdhZSSMlTSNHdf_-5fxu9VUfJCXd93T82SvA0PsgHH7DuYMZ2D7rEvM4A6_xE9Cmx1tp_MACwrkWnIwz5ms3C977sfTiKjGCXy2-zlaJ-ro-11Sr4_lg_XgGgA2jAtO37LSw3hOco98_-uAR2CmcJ2-ppl-SNwmdVoCDCfY7DsYHaAyS6VaBnaRQx4QGLX6-vAbjkDcVMDSzg9S1oTSjFKPMLarQ0VA3XRN3QSDgKK7XHRGMqHJpId7RMkObBW0T42bqV4AE&sai=AMfl-YT0WsYrif5JuAG-xhC97fRnLvu4CChbP04Pqwyd4b9lhm9rxYEF5C0hrhdanRfrMIKhZQKJmwJditZdt96bO3NZUnSIni-ZaN8w464y4kHOKVQEPSNuVk-2Sh2la_jzxhcvC3frwdB6z4u_5WdbNHd6_ELhEpA7_uomRwqY4Li1BhchA76uv1P6iAJDQVTaB3QwkP8K9uQCUQw-OiK3MIUo9IBsF2C1hmQLslgLE8j4ziQyv4AEcbcdfWfbWPRgcAcgEZPPdPLRK6IaC5g0MIb-j9lE_WjXskhe3YPP_Q&sig=Cg0ArKJSzFAIP_Kd-J6bEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=140&cbvp=1&cstd=137&cisv=r20230118.17596&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 20 Jan 2023 07:07:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 20 Jan 2023 07:07:36 GMT
index.html
s0.2mdn.net/sadbundle/3672133352925743841/ Frame 3F51 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068a3818975d4f82e839aa24aa22d59cd599a122ad6aef1cafc60114d08882db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
252768
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2839
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Jan 2023 08:54:48 GMT
expires
Wed, 17 Jan 2024 08:54:48 GMT
last-modified
Mon, 02 Jan 2023 11:02:39 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 9DD8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst9MixdaemhaHc6v04ZhySHsbFMNl6kHPZFNcALCDSYJ0JNjzXRt_atgm7UoKAJawooB5wZvhfDWqki02U7xmUu80rdzf0aUvOQjW51wff_4-BvJNSYulH8OxOg3K4BuJcuuTZTvVg0t1Ef4levLFK5XygjujP3KEa9BjPj0gj3WfNqyw2k31NvK1f45o7h94w4YuMqtfdq9Yli09GakawKcqSuxjzCm586HVWSBQXNx1fmpZ14I1fYEu91gHAJHzNRkU_EgaFDxM5ANSJM3Cu1Y3JAIX_-1qoOil0wMtg6ySMNlSHcYamciZj90LZsZ19jz50-OTZF5DLcgTYeowWKNfWOL76oIVqhQ0CD8ZlpEem75M2f05EUvsv4vjFFcZU0tBfex7oRQ_RTFG4GdHPF-u8WGxsQfv-YZgdqvJDtdm-aWGeWPRBeN-ZC88SM9yLSVK7b4vr495uGBDsEmKqnI3ZxK0GgY5MPumLlFuyDz_V-l-kt4bImjU_g7PLBNijv9EMWCdiKlyyth7K1jdIxYTtE3nLGYmjsf_E-RzyxW5BRJViHlZrJwKvJ92fGz1XlLZN8XwTN9NhBdLYurwKajSOzmQ6osNGZx4FRrdBrWD4tzgAjYvkcIfA_bHgh71mWVOGOruK0eBkr1TQDCVQKAGdVwMZhUFyVtAOlWb71eFYH-Rpxj_j8e1AlLr6zJ8PXLaOmosrgKmJxXiJsBbMa_8CYy8ZX73g8lHYPOzv8hkHDQ6MmQ-_wUjqauPMUmt007kXPK838J5uGMcRC4MXbpSmmabyBSPIPeU0Qm5ZY9JyZfbufKfiFIP7DPK9hwUJEWiOqB663Dl6xgqaycMU-IiQN9fcY9q8p05CPN2WkglAVFZmWXZFWNLagV9XiMItdio58b1BzYHMvoGTbIDCPl352gA0ELsCrJTorY7S5qDgCji8Ru9KLL9CRw4yensKiZxA8y7qtdjl5Kamk2_qb8bhIA-AVRhRREgk3HI3rG3rMGPeMmRYazziqB2mHol2JSDEVn0tHBQ_VhDsb0EyXL_CgxP0CxXjBLKRz-_uP9L6w007T4KXOqynaOuKzui-Nhz_kAzSD2e_CvJw8dqOk2a4vo_yRnCNk6H4X0bxqYk3tjX-1xxBelecxSICqcByjS-RA68plKKNf7IWPKxzHbQ-3VABZ4PhIV9C7RxA6adpiXXnqSaQRxlAmVm_H7Ig1HQuUW3QOND-utWvZ6NZ-7VNGNfrwDFI6z5YjckjK0WS8Je70Ft1rHVQ_krXsD1QEtc8_8aUuXIOeuB2CJV2hcTgQKdcgh1ncXlX3NfpJ&sai=AMfl-YSS_UUZ8X6qMCzj71cShAY5v3u1h1WFztS4bBUgmJViD0Zf082sXaIbexXan3DDOer72YSxyzR92eLeazBmkl7DySwvcavBx4c75Z65Spo2PdZroXIKpYMNjoqshRRGh6NM-MBeuQm_0Ii72hG-YrwT3r1tq2qohmWsbxcoexxPt6dLyY6CgMH-NFUd7IGsvytHzVqwHQl5SblxqwvYOE5-UDjEvo9iuEvPDPhVcAgMHqde0nnKcOiXqGf2iluHDzD1znebnQIFxzL4yUiKtExH12cykR7gF97rVMbVhg&sig=Cg0ArKJSzHq-vV8rx9SyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=109&cbvp=1&cstd=107&cisv=r20230118.88683&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 20 Jan 2023 07:07:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 20 Jan 2023 07:07:36 GMT
bulk
trc.taboola.com/ynet-vesty/log/3/ 		0
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/ynet-vesty/log/3/bulk?tvi2=1571&route=US%3AUS%3AV&lti=po_test_ctrl&bulkSize=6
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230119-16-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vesty.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
20
pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
via
1.1 varnish
x-served-by
cache-yyz4578-YYZ
server
nginx
x-timer
S1674198457.552692,VS0,VE20
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.vesty.co.il
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2F33 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 22:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
202688
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 22:49:28 GMT
truncated
/ Frame 2F33 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6c1b957fbe542120d5fb599c545abc009e7c541e20a500666251172b690b4bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/3672133352925743841/ Frame EFFB 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068a3818975d4f82e839aa24aa22d59cd599a122ad6aef1cafc60114d08882db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
252768
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2839
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Jan 2023 08:54:48 GMT
expires
Wed, 17 Jan 2024 08:54:48 GMT
last-modified
Mon, 02 Jan 2023 11:02:39 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 2F33 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst5yE3bXK4XMIkX1MLf3yk5CNs-XxouEprzrnLJfrgsbRIkPa4n3ENW7H9IjfwrMjewI7M9-XvA75ioW9Nh_hwvbZHhqqjBDOTft-p9mjIxjl3iluhhiHQ04qdDjS_DUfJ8pLGag-tQr37rTHYIF_qwbAGn-BvE2BOQLzsr5cAd6p46wPaD-4APxbU5TedTPloXzBNZ5M0t5Q3le5Mw2gJV-WTt-ad_8_hDajDyx4_QN7K9zzIyjh4auKokJoFegY7tDp7rB9NRLU0Y2gibkzSDkOkRr80K6A6vAhBK7pfGONv5oIwAbGPb92NJSka5D9AqhXyi0FPVsqvsOJTqvcFqFaVwM_t8xP49exSZHsyu8m6vIhlrVdLmbOrldlZ_JJ-rr4SuniCTW3MXdHbm7um9zuOVIvNYCTd75cld7m6JspXmOFYDyo2h14GEBbo5FqoVi6aHU6lKS3rSnJnRoVNhIMvEuI4LtRsAFJq9g8SPNWAhpIrYE8aLX7vLxCgcN0_1ezXTKBMU2xBK_TWh1PkZuSRfQlSKMHUmheI0sLI4ajEiVK72IHv9-OcIc_EhBIKMWlgju4aH4Ocrs55NK8quEDZFImZ5UKid1ghWPBKlfiSVWoHeR6yofggWDStu2GqGKYwPheUPjFDcKcbUeB8Ireyzwohqq6tuv_msWKNz97xbXhZySc8Div_1DWJtWyGnbWFdDoYGJXjVrbqB7Ogy-nS7w9W5Xq7j_YT1Zq2HVB4s6tPvCdg0ikEO_ziuGSIixl5pj4o8u_SMh7z1KmY-yAalL8Nn5bzT_lDzXRA2nfx5VyQ9_C0w1cm4HEHJQhDiaBKUiIRR5P-gBvEuAM55uKDeC65eS9wYsQbxbxmy1tEw3p5vDtXxPPilziVztC8O6z0hW5f4P4TIobDCAojNMs7gbMsPcIrTrEAdcOpWpvxJPL_MMPwjwlK4SR4GAHyPHJ88IlV-kUPZ54qu-bWmCaS_8A185RvQG7rfOSS9tn10ssFxDaKn_2dKIN-JYZEWR2hQUKngLNrDU-bQCRClVApmOdjz-WR5bmHYdoOp9bVRAlc7_6rhCabsbAbuwgdY0M8YMW0_AR-9WytkAGbnWuGQkQRVStojaW3TMIrBJp9v6QSAI-PtOf7ZE-bKhYNiq30LCz8Wx5r-f3AXEXQBacAfAGzngrnurZMj9m2xZENk2dGTSlOVtHSg9at8naz-YbLl69xK5oN_jdxxCjftCV1klFq8iS8IIAmLJG8n0sklS-5MvREtpxkW3cZc6Iohbubqe8tagi4-68LKpqB8tbwL1WiHw-1APnJbqwtS&sai=AMfl-YTAuUU1vap1FRjO0uJvAxmhN8F8L-XANFJzuiCzTJC25EzAnxhj8kxwNyrh323CwKEQvUkC6qRqiaDGB_raQf0p1p5vxKWh_Rj6--q_jGYlbDe69B3BaDlKmA_JqmNP7sgXLtw2LIAo1h-WorpKTnLs8bxicuehhpkfnv5CeY7v7ymwQyt_YIOuBGR3FZHS264FHxzhxAxPcMtYnC8h-sZMRnhAdC8gMt42786LeaJwzcG_K9nuE0IAY5bsqs8oMZe1hBDXML0RUjSsDlYPCV2Kk-ajwlecAsRxY9TGOw&sig=Cg0ArKJSzBUbsAx20JuAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=166&cbvp=1&cstd=160&cisv=r20230118.62357&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 20 Jan 2023 07:07:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 20 Jan 2023 07:07:36 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1BDC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
327481
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Jan 2023 12:09:35 GMT
expires
Tue, 16 Jan 2024 12:09:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
request.php
hal900016.redintelligence.net/ Frame C19B
Redirect Chain
  • https://hal900016.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=912fb50415&subid=&uid=f6f88f3edadc4c04&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900016.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=912fb50415&subid=&uid=f6f88f3edadc4c04&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900016.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=912fb50415&subid=&uid=f6f88f3edadc4c04&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCOD8wtj3KY6znKILy1gamtY-4CKblvaBp1Zqcp8kP8C4QASCZ-6ArYJWqlIKgB8gBCakCTxYg8cUtsj6oAwGqBJkCT9DHhixynoEqm3cRhYiFhISqe09H8qB4igLZsafN6R62DCMmnNrcEOB30u_hLmaA65p3_3kegSMDL9qvN48_Q5Ms_pYnLbDZkCMx_J5nQ5UTktQ4tBgTm1GxvF5zXchMdMAAawqynXhmIZOs-RVJ0Jk213BBdkL965SgjlDzgxnjOTJ0fR3fFFt7RBCtAjF-PspWLOnTGBCu4EFzdr1uMsXR8k3G3FPJhyjfBAfoDTL1RlIyskctnG21TuCLmf6nk1tLrEorvAvaq57AzamD-XXQ0f5jMnQAQSUpYSRGYCvZ-8VZLksAJGFIbqf2T1B4DGkNaQxA3pezUKczKZnbmiL9bivhocwTBgSuwelG7RFDDi6l-1f1KHXABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9eFie0F9sajtJU8ySUg4ia9rH3oZEDlqdQrqUK7F71vo3Xg8kU4ZPrXSlEExhtpPc9PpnlR543x0lvOHeb4CDgThtf5CJqh4YASAT%26sig%3DAOD64_0regQT0yAMtrgYJ43cz5SKtcz_2Q%26client%3Dca-pub-9314111824787632%26dbm_c%3DAKAmf-CmatwajdGccUkbJJU0oFTz1BxEkvxaGErUFYcA_XVIHEIbAaUSGlsPU4lPwTn5U21z-KDTB49_3IE-ysqf0mH6Y1Lg2lxymTebakTcuQRRIVpYJ75F3CKEWNO2YhE-ZfQa4544SiM562fhvSpDrUY4ycnOJ5JmcXXqLBWokb_ulQUuPhw%26cry%3D1%26dbm_d%3DAKAmf-BpWhK4aV4yjLT9MZ9ESQbBeBoLXGF3RnbfN5fVj2rlB4MD5B3zkD_PkAKEApp0IKTNXXNlIVXaqmmvH_k4C8Z8YNKq6VFzvrJGT9pyr_Tv_Zrjtpllta5htuViLiatn0Ab9yH9VFmZSOGFsCxRgU4SUMJNAgcmfTwpiquXx0GbNelxIg8pFe6CDS-iotW5nVKBmrMRvfy5MHlPy2-hRi-KWELKrGjeMYFpJ5V5bWxbr1DupdQniNOExry_VmgqNrO2eJ7ZpimsOoc_dYGXe6Q5MMdUd134lpPFKxE4FuFcX_MzQzespt1DndKhtLiTowi7iir91atE9R0EsawxJN_UYVE1rQJW-fAr6i8aK8gqHmInMl5FTdUCdCLZLpMJmekXrYiHiv-MAdzXAQdDrRgvgE392vVOUoSE70DJ6ZXSDLmAGVJ-KfoOyV6xKj4nyEkzkNryjs5chS4kTAgdRaocelSLRMOF3frR5yFM2550PQ9YyxxgwXluDJaHoOWXQkUnV4-6kNa7rM5SJc_7_vsVqgYwQ4DGWSsj1CfGrzy6p2QpnAk%26adurl%3D&documentReferer=https%3A%2F%2Fwww.vesty.co.il%2F&ancestorOrigins=https%3A%2F%2Fwww.vesty.co.il&random=1372029092817&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
4ee5f07152d8deee722dc065477d80587c1710018a1cca39db3c10d84e4990bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 07:07:36 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
88831100046840704445006012210016
Connection
close
Content-Length
1312
Expires
Fri, 20 Jan 2023 07:07:36 +0100

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 07:07:36 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=912fb50415&subid=&uid=f6f88f3edadc4c04&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCOD8wtj3KY6znKILy1gamtY-4CKblvaBp1Zqcp8kP8C4QASCZ-6ArYJWqlIKgB8gBCakCTxYg8cUtsj6oAwGqBJkCT9DHhixynoEqm3cRhYiFhISqe09H8qB4igLZsafN6R62DCMmnNrcEOB30u_hLmaA65p3_3kegSMDL9qvN48_Q5Ms_pYnLbDZkCMx_J5nQ5UTktQ4tBgTm1GxvF5zXchMdMAAawqynXhmIZOs-RVJ0Jk213BBdkL965SgjlDzgxnjOTJ0fR3fFFt7RBCtAjF-PspWLOnTGBCu4EFzdr1uMsXR8k3G3FPJhyjfBAfoDTL1RlIyskctnG21TuCLmf6nk1tLrEorvAvaq57AzamD-XXQ0f5jMnQAQSUpYSRGYCvZ-8VZLksAJGFIbqf2T1B4DGkNaQxA3pezUKczKZnbmiL9bivhocwTBgSuwelG7RFDDi6l-1f1KHXABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9eFie0F9sajtJU8ySUg4ia9rH3oZEDlqdQrqUK7F71vo3Xg8kU4ZPrXSlEExhtpPc9PpnlR543x0lvOHeb4CDgThtf5CJqh4YASAT%26sig%3DAOD64_0regQT0yAMtrgYJ43cz5SKtcz_2Q%26client%3Dca-pub-9314111824787632%26dbm_c%3DAKAmf-CmatwajdGccUkbJJU0oFTz1BxEkvxaGErUFYcA_XVIHEIbAaUSGlsPU4lPwTn5U21z-KDTB49_3IE-ysqf0mH6Y1Lg2lxymTebakTcuQRRIVpYJ75F3CKEWNO2YhE-ZfQa4544SiM562fhvSpDrUY4ycnOJ5JmcXXqLBWokb_ulQUuPhw%26cry%3D1%26dbm_d%3DAKAmf-BpWhK4aV4yjLT9MZ9ESQbBeBoLXGF3RnbfN5fVj2rlB4MD5B3zkD_PkAKEApp0IKTNXXNlIVXaqmmvH_k4C8Z8YNKq6VFzvrJGT9pyr_Tv_Zrjtpllta5htuViLiatn0Ab9yH9VFmZSOGFsCxRgU4SUMJNAgcmfTwpiquXx0GbNelxIg8pFe6CDS-iotW5nVKBmrMRvfy5MHlPy2-hRi-KWELKrGjeMYFpJ5V5bWxbr1DupdQniNOExry_VmgqNrO2eJ7ZpimsOoc_dYGXe6Q5MMdUd134lpPFKxE4FuFcX_MzQzespt1DndKhtLiTowi7iir91atE9R0EsawxJN_UYVE1rQJW-fAr6i8aK8gqHmInMl5FTdUCdCLZLpMJmekXrYiHiv-MAdzXAQdDrRgvgE392vVOUoSE70DJ6ZXSDLmAGVJ-KfoOyV6xKj4nyEkzkNryjs5chS4kTAgdRaocelSLRMOF3frR5yFM2550PQ9YyxxgwXluDJaHoOWXQkUnV4-6kNa7rM5SJc_7_vsVqgYwQ4DGWSsj1CfGrzy6p2QpnAk%26adurl%3D&documentReferer=https%3A%2F%2Fwww.vesty.co.il%2F&ancestorOrigins=https%3A%2F%2Fwww.vesty.co.il&random=1372029092817&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Fri, 20 Jan 2023 07:07:36 +0100
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 135D 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12318181858450307502/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12318181858450307502/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 20 Jan 2023 07:07:36 GMT
TEF_o2Business_22-12_01_Preisvorschlagen_970x250.js
s0.2mdn.net/sadbundle/12318181858450307502/ Frame 135D 		16 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12318181858450307502/TEF_o2Business_22-12_01_Preisvorschlagen_970x250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12318181858450307502/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3800d87c94b9866d047aa850db885f2e8ba6dce645e064183c368e74c1b150b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12318181858450307502/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 16:15:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
226336
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3541
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:03:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 16:15:20 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 3F51 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 20 Jan 2023 07:07:36 GMT
TEF_o2Business_22-12_01_Preisvorschlagen_160x600.js
s0.2mdn.net/sadbundle/3672133352925743841/ Frame 3F51 		16 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3672133352925743841/TEF_o2Business_22-12_01_Preisvorschlagen_160x600.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfbc954e81cf76b2913c104ec20ffa16effe22261add67317955c6ad2a528055
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 01:35:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
279148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3541
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:02:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 01:35:08 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1C45 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
327481
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Jan 2023 12:09:35 GMT
expires
Tue, 16 Jan 2024 12:09:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame EFFB 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 20 Jan 2023 07:07:36 GMT
TEF_o2Business_22-12_01_Preisvorschlagen_160x600.js
s0.2mdn.net/sadbundle/3672133352925743841/ Frame EFFB 		16 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3672133352925743841/TEF_o2Business_22-12_01_Preisvorschlagen_160x600.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfbc954e81cf76b2913c104ec20ffa16effe22261add67317955c6ad2a528055
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 01:35:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
279148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3541
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:02:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 01:35:08 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Fri, 20 Jan 2023 07:07:36 GMT
via
1.1 varnish
x-amz-request-id
C4YX393BV63BMCS9
age
28025
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
hJZ9rVKYX0/8YTS367+n1JLWaWxjxwlUGV9luK6w6nrhJtmZXbtiGq/h5BjCJKdhOOZFYFppGpg=
x-served-by
cache-yyz4578-YYZ
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1674198457.552659,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
29
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
3988
sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
pagead2.googlesyndication.com/bg/ Frame 396C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 09:57:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16096
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 19 Jan 2024 09:57:46 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5752 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
327481
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Jan 2023 12:09:35 GMT
expires
Tue, 16 Jan 2024 12:09:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
pagead2.googlesyndication.com/bg/ Frame 1BDC 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 09:57:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16096
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 19 Jan 2024 09:57:46 GMT
BG.jpg
s0.2mdn.net/sadbundle/12318181858450307502/ Frame 135D 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12318181858450307502/BG.jpg
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de7e29c3f5289e504d2151a36b4f4e36a79c40795fd61972945d4676dbfb0ccb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12318181858450307502/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 14:21:57 GMT
x-content-type-options
nosniff
age
233139
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50223
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:03:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 14:21:57 GMT
bubblespritesheettiny.png
s0.2mdn.net/sadbundle/12318181858450307502/ Frame 135D 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12318181858450307502/bubblespritesheettiny.png
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54ecfa572990e94acedaa3f98412b668277d09a314d645d0e4be182f3ae5a47c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12318181858450307502/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 06:00:15 GMT
x-content-type-options
nosniff
age
263241
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24762
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:03:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 06:00:15 GMT
bullet.png
s0.2mdn.net/sadbundle/12318181858450307502/ Frame 135D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12318181858450307502/bullet.png
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16347cc046696fa2e705915a3d69eafa91ef210ac2f3defd78ee4bc55a4b5e83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12318181858450307502/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 15:51:20 GMT
x-content-type-options
nosniff
age
227776
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2523
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:03:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 15:51:20 GMT
cta.png
s0.2mdn.net/sadbundle/12318181858450307502/ Frame 135D 		935 B
962 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12318181858450307502/cta.png
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
972a46f006f15dc7139edd19ca25098f0fb185208d3f56fb218300a03ec66c1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12318181858450307502/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 06:00:07 GMT
x-content-type-options
nosniff
age
4049
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
935
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:03:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 Jan 2024 06:00:07 GMT
hl.png
s0.2mdn.net/sadbundle/12318181858450307502/ Frame 135D 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12318181858450307502/hl.png
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14efc51dfdb642891d9de51838eeb2ea9949cc8e65e008cc92e6419726ec928a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12318181858450307502/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 06:00:29 GMT
x-content-type-options
nosniff
age
4027
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1408
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:03:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 Jan 2024 06:00:29 GMT
hl_1.png
s0.2mdn.net/sadbundle/12318181858450307502/ Frame 135D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12318181858450307502/hl_1.png
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4649491aa1d518873845fcda97e103fbc24d79c52d43758e19251651b71b0e75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12318181858450307502/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 06:00:15 GMT
x-content-type-options
nosniff
age
263241
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3268
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:03:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 06:00:15 GMT
hl_2.png
s0.2mdn.net/sadbundle/12318181858450307502/ Frame 135D 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12318181858450307502/hl_2.png
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8bb7cc5daa14c932c4c23a672a1ab1f285652d66ac5f8dd4a62105e1aad33e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12318181858450307502/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 06:00:15 GMT
x-content-type-options
nosniff
age
263241
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1449
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:03:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 06:00:15 GMT
logo.png
s0.2mdn.net/sadbundle/12318181858450307502/ Frame 135D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12318181858450307502/logo.png
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f516ab7b3967e8f0f2155a5828ca065c3412e9e1910e47c3f6d5edc4efb57e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12318181858450307502/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 12:37:14 GMT
x-content-type-options
nosniff
age
239422
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2300
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:03:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 12:37:14 GMT
stoerer.png
s0.2mdn.net/sadbundle/12318181858450307502/ Frame 135D 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12318181858450307502/stoerer.png
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32e0176480f85d5faaba6a5f9daa660a53085ebf397ab4df8a5777ac5f3203c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12318181858450307502/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 06:57:19 GMT
x-content-type-options
nosniff
age
259817
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4004
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:03:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 06:57:19 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F231 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssUaUm6QasEEUd4ZE1ybkRLBHpbxgRfZMo5eR_Xg6wqEuLpumsI3Z0hpwzI42AMDWBK50JunvaoZtP0a8XkhRaB-Q3adfaVMCSnKOQJSsis2TokrSNCZKKHzd10HZBQL9DKf0BtrWgAogrwiB0qAP0mZvxK27X0AVF4MGO6n_kpBY3xLm6GMjJGgyRvwC1ONI5IPYsuW8cKiDzrGnt7bL9zlRg0RKIhFKONm_EE7br5V25GP3j9csTJpSAk4GCrVVqa0Kd7KMY8qk2E0YcealdvUEt3HbqRZ0uBKWqSsgewXR7ibgnOEiEIkGIwxrEDixrpyme_lzOHLkp2B4T8Nj8tIy8Y7BPytvoeXD4W2s7cNx-l7wr7WTgAyYDkHFgSJOQcaH-nVX8I8UGFutZFuhlIW5ayIZ-rAWuDisZ7LfuBAl4wJiA6eUUJO-RhdMxVAsWzT76xs-yxQQN_XRedmfxuZDIKU5ITArqXBC1cEfVeOuTTE8mBAhLJdtPYU9YJulyuZQBlj52IHm53MfOMhsIzpF-j76bAsCEUa1aAFU0ekWrfE6q74QUEvD3ZYIiPqtoVeDxOoqmjlWJCenBOW8ANQVV_pahsv6JtU_e3SlaOm3dPbuMPgvOQKi5mo9a7Rp-5UzONk-llbLMN-Byai5Uy8G8qzLu732OZqT7ylQWer0O9mEH9yUTAfQs1lxfcMKx44mIF-ZRl8sZIYh-wMJxxex-TSPgGjHcKgpTVsOqh2Bs8b4GUPB2ixwYwT-pXCW_HtQOUAI2zf-PAv4Bk7iOeSgmqE04tkNzapU8mc4zg3xZW2TLjqtzL96hcDnPm89XXnRVTGYjQvUKPho2ihHPVYxsovxpB2ssjxJ5yGTY7KGVjuxShu1elP-De1m5a1Wuh2OPeQyFzEOdjCCBVM52m9SLmGHdQPzs-y7XndURkcudeNr6XdiuBWs3WNmgvgGQCg9RTOnikBzOeW925s4ceEpjRW1b6Vaxzm6h57SLS2lDIM0VTAyF7vA1bjOXEPUTfPS06w9dm0146D0n_B9NymeXNMRdHcZIrDnCSU6JjdhZSSMlTSNHdf_-5fxu9VUfJCXd93T82SvA0PsgHH7DuYMZ2D7rEvM4A6_xE9Cmx1tp_MACwrkWnIwz5ms3C977sfTiKjGCXy2-zlaJ-ro-11Sr4_lg_XgGgA2jAtO37LSw3hOco98_-uAR2CmcJ2-ppl-SNwmdVoCDCfY7DsYHaAyS6VaBnaRQx4QGLX6-vAbjkDcVMDSzg9S1oTSjFKPMLarQ0VA3XRN3QSDgKK7XHRGMqHJpId7RMkObBW0T42bqV4AE&sai=AMfl-YT0WsYrif5JuAG-xhC97fRnLvu4CChbP04Pqwyd4b9lhm9rxYEF5C0hrhdanRfrMIKhZQKJmwJditZdt96bO3NZUnSIni-ZaN8w464y4kHOKVQEPSNuVk-2Sh2la_jzxhcvC3frwdB6z4u_5WdbNHd6_ELhEpA7_uomRwqY4Li1BhchA76uv1P6iAJDQVTaB3QwkP8K9uQCUQw-OiK3MIUo9IBsF2C1hmQLslgLE8j4ziQyv4AEcbcdfWfbWPRgcAcgEZPPdPLRK6IaC5g0MIb-j9lE_WjXskhe3YPP_Q&sig=Cg0ArKJSzFAIP_Kd-J6bEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=348&vt=11&dtpt=208&dett=3&cstd=137&cisv=r20230118.17596&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 20 Jan 2023 07:07:36 GMT
sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
pagead2.googlesyndication.com/bg/ Frame 1C45 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 09:57:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16096
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 19 Jan 2024 09:57:46 GMT
BG.jpg
s0.2mdn.net/sadbundle/3672133352925743841/ Frame 3F51 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3672133352925743841/BG.jpg?1671095164387
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5afb9b92badc59d409e22b0c4fae2628172d333d5cc286e0efbe09251480f3b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 06:00:08 GMT
x-content-type-options
nosniff
age
176848
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17065
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:02:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 18 Jan 2024 06:00:08 GMT
bubblespritesheettiny.png
s0.2mdn.net/sadbundle/3672133352925743841/ Frame 3F51 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3672133352925743841/bubblespritesheettiny.png?1671095164387
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54ecfa572990e94acedaa3f98412b668277d09a314d645d0e4be182f3ae5a47c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 14:56:14 GMT
x-content-type-options
nosniff
age
231082
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24762
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:02:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 14:56:14 GMT
bullets.png
s0.2mdn.net/sadbundle/3672133352925743841/ Frame 3F51 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3672133352925743841/bullets.png?1671095164387
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dd369e08428c6a91de03029d9afc779d48fd55f1a5a72e487729e3421a2b476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 06:00:09 GMT
x-content-type-options
nosniff
age
176847
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1374
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:02:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 18 Jan 2024 06:00:09 GMT
cta.png
s0.2mdn.net/sadbundle/3672133352925743841/ Frame 3F51 		895 B
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3672133352925743841/cta.png?1671095164387
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3563750c08e00b6ad335f3c24f17be2214ad1cd9d69f5f3c77498a13b044938b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 07:00:02 GMT
x-content-type-options
nosniff
age
432454
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
895
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:02:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Jan 2024 07:00:02 GMT
hl.png
s0.2mdn.net/sadbundle/3672133352925743841/ Frame 3F51 		822 B
857 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3672133352925743841/hl.png?1671095164387
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9ab65fbb5bdd8bb5c725efa4fe633d832403e0befee51eb5204b888e3a0c64c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 11:42:36 GMT
x-content-type-options
nosniff
age
242700
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
822
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:02:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 11:42:36 GMT
hl_01.png
s0.2mdn.net/sadbundle/3672133352925743841/ Frame 3F51 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3672133352925743841/hl_01.png?1671095164387
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d32615648152d4535072adfde4138fe2bcdf9d13cb14dde9a8bb85bcf9e91843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:08:23 GMT
x-content-type-options
nosniff
age
251953
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1973
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:02:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 09:08:23 GMT
hl_2.png
s0.2mdn.net/sadbundle/3672133352925743841/ Frame 3F51 		804 B
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3672133352925743841/hl_2.png?1671095164387
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edfe14856c858f9c02455f9ef94cb989f5ad4c54d44cdce012ac93399242cedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 07:05:50 GMT
x-content-type-options
nosniff
age
259306
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
804
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:02:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 07:05:50 GMT
logo.png
s0.2mdn.net/sadbundle/3672133352925743841/ Frame 3F51 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3672133352925743841/logo.png?1671095164387
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc3656863820bec1435d5828eeeb910f8e8751a98be93bfb627f8a0be08bccef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 06:00:09 GMT
x-content-type-options
nosniff
age
176847
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1467
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:02:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 18 Jan 2024 06:00:09 GMT
stoerer.png
s0.2mdn.net/sadbundle/3672133352925743841/ Frame 3F51 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3672133352925743841/stoerer.png?1671095164387
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01fc60c5d664b6669eeebd98f6aee133e2375c1c16f9056dc492924123343893
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 15:55:26 GMT
x-content-type-options
nosniff
age
227530
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3011
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:02:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 15:55:26 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9DD8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst9MixdaemhaHc6v04ZhySHsbFMNl6kHPZFNcALCDSYJ0JNjzXRt_atgm7UoKAJawooB5wZvhfDWqki02U7xmUu80rdzf0aUvOQjW51wff_4-BvJNSYulH8OxOg3K4BuJcuuTZTvVg0t1Ef4levLFK5XygjujP3KEa9BjPj0gj3WfNqyw2k31NvK1f45o7h94w4YuMqtfdq9Yli09GakawKcqSuxjzCm586HVWSBQXNx1fmpZ14I1fYEu91gHAJHzNRkU_EgaFDxM5ANSJM3Cu1Y3JAIX_-1qoOil0wMtg6ySMNlSHcYamciZj90LZsZ19jz50-OTZF5DLcgTYeowWKNfWOL76oIVqhQ0CD8ZlpEem75M2f05EUvsv4vjFFcZU0tBfex7oRQ_RTFG4GdHPF-u8WGxsQfv-YZgdqvJDtdm-aWGeWPRBeN-ZC88SM9yLSVK7b4vr495uGBDsEmKqnI3ZxK0GgY5MPumLlFuyDz_V-l-kt4bImjU_g7PLBNijv9EMWCdiKlyyth7K1jdIxYTtE3nLGYmjsf_E-RzyxW5BRJViHlZrJwKvJ92fGz1XlLZN8XwTN9NhBdLYurwKajSOzmQ6osNGZx4FRrdBrWD4tzgAjYvkcIfA_bHgh71mWVOGOruK0eBkr1TQDCVQKAGdVwMZhUFyVtAOlWb71eFYH-Rpxj_j8e1AlLr6zJ8PXLaOmosrgKmJxXiJsBbMa_8CYy8ZX73g8lHYPOzv8hkHDQ6MmQ-_wUjqauPMUmt007kXPK838J5uGMcRC4MXbpSmmabyBSPIPeU0Qm5ZY9JyZfbufKfiFIP7DPK9hwUJEWiOqB663Dl6xgqaycMU-IiQN9fcY9q8p05CPN2WkglAVFZmWXZFWNLagV9XiMItdio58b1BzYHMvoGTbIDCPl352gA0ELsCrJTorY7S5qDgCji8Ru9KLL9CRw4yensKiZxA8y7qtdjl5Kamk2_qb8bhIA-AVRhRREgk3HI3rG3rMGPeMmRYazziqB2mHol2JSDEVn0tHBQ_VhDsb0EyXL_CgxP0CxXjBLKRz-_uP9L6w007T4KXOqynaOuKzui-Nhz_kAzSD2e_CvJw8dqOk2a4vo_yRnCNk6H4X0bxqYk3tjX-1xxBelecxSICqcByjS-RA68plKKNf7IWPKxzHbQ-3VABZ4PhIV9C7RxA6adpiXXnqSaQRxlAmVm_H7Ig1HQuUW3QOND-utWvZ6NZ-7VNGNfrwDFI6z5YjckjK0WS8Je70Ft1rHVQ_krXsD1QEtc8_8aUuXIOeuB2CJV2hcTgQKdcgh1ncXlX3NfpJ&sai=AMfl-YSS_UUZ8X6qMCzj71cShAY5v3u1h1WFztS4bBUgmJViD0Zf082sXaIbexXan3DDOer72YSxyzR92eLeazBmkl7DySwvcavBx4c75Z65Spo2PdZroXIKpYMNjoqshRRGh6NM-MBeuQm_0Ii72hG-YrwT3r1tq2qohmWsbxcoexxPt6dLyY6CgMH-NFUd7IGsvytHzVqwHQl5SblxqwvYOE5-UDjEvo9iuEvPDPhVcAgMHqde0nnKcOiXqGf2iluHDzD1znebnQIFxzL4yUiKtExH12cykR7gF97rVMbVhg&sig=Cg0ArKJSzHq-vV8rx9SyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=342&vt=11&dtpt=233&dett=3&cstd=107&cisv=r20230118.88683&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 20 Jan 2023 07:07:36 GMT
BG.jpg
s0.2mdn.net/sadbundle/3672133352925743841/ Frame EFFB 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3672133352925743841/BG.jpg?1671095164387
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5afb9b92badc59d409e22b0c4fae2628172d333d5cc286e0efbe09251480f3b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 06:00:08 GMT
x-content-type-options
nosniff
age
176848
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17065
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:02:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 18 Jan 2024 06:00:08 GMT
bubblespritesheettiny.png
s0.2mdn.net/sadbundle/3672133352925743841/ Frame EFFB 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3672133352925743841/bubblespritesheettiny.png?1671095164387
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54ecfa572990e94acedaa3f98412b668277d09a314d645d0e4be182f3ae5a47c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 14:56:14 GMT
x-content-type-options
nosniff
age
231082
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24762
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:02:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 14:56:14 GMT
bullets.png
s0.2mdn.net/sadbundle/3672133352925743841/ Frame EFFB 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3672133352925743841/bullets.png?1671095164387
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dd369e08428c6a91de03029d9afc779d48fd55f1a5a72e487729e3421a2b476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 06:00:09 GMT
x-content-type-options
nosniff
age
176847
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1374
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:02:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 18 Jan 2024 06:00:09 GMT
cta.png
s0.2mdn.net/sadbundle/3672133352925743841/ Frame EFFB 		895 B
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3672133352925743841/cta.png?1671095164387
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3563750c08e00b6ad335f3c24f17be2214ad1cd9d69f5f3c77498a13b044938b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 07:00:02 GMT
x-content-type-options
nosniff
age
432454
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
895
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:02:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Jan 2024 07:00:02 GMT
hl.png
s0.2mdn.net/sadbundle/3672133352925743841/ Frame EFFB 		822 B
857 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3672133352925743841/hl.png?1671095164387
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9ab65fbb5bdd8bb5c725efa4fe633d832403e0befee51eb5204b888e3a0c64c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 11:42:36 GMT
x-content-type-options
nosniff
age
242700
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
822
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:02:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 11:42:36 GMT
hl_01.png
s0.2mdn.net/sadbundle/3672133352925743841/ Frame EFFB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3672133352925743841/hl_01.png?1671095164387
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d32615648152d4535072adfde4138fe2bcdf9d13cb14dde9a8bb85bcf9e91843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:08:23 GMT
x-content-type-options
nosniff
age
251953
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1973
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:02:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 09:08:23 GMT
hl_2.png
s0.2mdn.net/sadbundle/3672133352925743841/ Frame EFFB 		804 B
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3672133352925743841/hl_2.png?1671095164387
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edfe14856c858f9c02455f9ef94cb989f5ad4c54d44cdce012ac93399242cedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 07:05:50 GMT
x-content-type-options
nosniff
age
259306
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
804
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:02:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 07:05:50 GMT
logo.png
s0.2mdn.net/sadbundle/3672133352925743841/ Frame EFFB 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3672133352925743841/logo.png?1671095164387
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc3656863820bec1435d5828eeeb910f8e8751a98be93bfb627f8a0be08bccef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 06:00:09 GMT
x-content-type-options
nosniff
age
176847
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1467
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:02:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 18 Jan 2024 06:00:09 GMT
stoerer.png
s0.2mdn.net/sadbundle/3672133352925743841/ Frame EFFB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3672133352925743841/stoerer.png?1671095164387
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01fc60c5d664b6669eeebd98f6aee133e2375c1c16f9056dc492924123343893
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3672133352925743841/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 15:55:26 GMT
x-content-type-options
nosniff
age
227530
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3011
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 11:02:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 15:55:26 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2F33 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst5yE3bXK4XMIkX1MLf3yk5CNs-XxouEprzrnLJfrgsbRIkPa4n3ENW7H9IjfwrMjewI7M9-XvA75ioW9Nh_hwvbZHhqqjBDOTft-p9mjIxjl3iluhhiHQ04qdDjS_DUfJ8pLGag-tQr37rTHYIF_qwbAGn-BvE2BOQLzsr5cAd6p46wPaD-4APxbU5TedTPloXzBNZ5M0t5Q3le5Mw2gJV-WTt-ad_8_hDajDyx4_QN7K9zzIyjh4auKokJoFegY7tDp7rB9NRLU0Y2gibkzSDkOkRr80K6A6vAhBK7pfGONv5oIwAbGPb92NJSka5D9AqhXyi0FPVsqvsOJTqvcFqFaVwM_t8xP49exSZHsyu8m6vIhlrVdLmbOrldlZ_JJ-rr4SuniCTW3MXdHbm7um9zuOVIvNYCTd75cld7m6JspXmOFYDyo2h14GEBbo5FqoVi6aHU6lKS3rSnJnRoVNhIMvEuI4LtRsAFJq9g8SPNWAhpIrYE8aLX7vLxCgcN0_1ezXTKBMU2xBK_TWh1PkZuSRfQlSKMHUmheI0sLI4ajEiVK72IHv9-OcIc_EhBIKMWlgju4aH4Ocrs55NK8quEDZFImZ5UKid1ghWPBKlfiSVWoHeR6yofggWDStu2GqGKYwPheUPjFDcKcbUeB8Ireyzwohqq6tuv_msWKNz97xbXhZySc8Div_1DWJtWyGnbWFdDoYGJXjVrbqB7Ogy-nS7w9W5Xq7j_YT1Zq2HVB4s6tPvCdg0ikEO_ziuGSIixl5pj4o8u_SMh7z1KmY-yAalL8Nn5bzT_lDzXRA2nfx5VyQ9_C0w1cm4HEHJQhDiaBKUiIRR5P-gBvEuAM55uKDeC65eS9wYsQbxbxmy1tEw3p5vDtXxPPilziVztC8O6z0hW5f4P4TIobDCAojNMs7gbMsPcIrTrEAdcOpWpvxJPL_MMPwjwlK4SR4GAHyPHJ88IlV-kUPZ54qu-bWmCaS_8A185RvQG7rfOSS9tn10ssFxDaKn_2dKIN-JYZEWR2hQUKngLNrDU-bQCRClVApmOdjz-WR5bmHYdoOp9bVRAlc7_6rhCabsbAbuwgdY0M8YMW0_AR-9WytkAGbnWuGQkQRVStojaW3TMIrBJp9v6QSAI-PtOf7ZE-bKhYNiq30LCz8Wx5r-f3AXEXQBacAfAGzngrnurZMj9m2xZENk2dGTSlOVtHSg9at8naz-YbLl69xK5oN_jdxxCjftCV1klFq8iS8IIAmLJG8n0sklS-5MvREtpxkW3cZc6Iohbubqe8tagi4-68LKpqB8tbwL1WiHw-1APnJbqwtS&sai=AMfl-YTAuUU1vap1FRjO0uJvAxmhN8F8L-XANFJzuiCzTJC25EzAnxhj8kxwNyrh323CwKEQvUkC6qRqiaDGB_raQf0p1p5vxKWh_Rj6--q_jGYlbDe69B3BaDlKmA_JqmNP7sgXLtw2LIAo1h-WorpKTnLs8bxicuehhpkfnv5CeY7v7ymwQyt_YIOuBGR3FZHS264FHxzhxAxPcMtYnC8h-sZMRnhAdC8gMt42786LeaJwzcG_K9nuE0IAY5bsqs8oMZe1hBDXML0RUjSsDlYPCV2Kk-ajwlecAsRxY9TGOw&sig=Cg0ArKJSzBUbsAx20JuAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=363&vt=11&dtpt=197&dett=3&cstd=160&cisv=r20230118.62357&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 20 Jan 2023 07:07:36 GMT
sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
pagead2.googlesyndication.com/bg/ Frame 5752 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 09:57:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16096
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 19 Jan 2024 09:57:46 GMT
/
adv.office-partner.de/ Frame BCDC 		930 B
931 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=912fb50415&subid=&uid=f6f88f3edadc4c04&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCOD8wtj3KY6znKILy1gamtY-4CKblvaBp1Zqcp8kP8C4QASCZ-6ArYJWqlIKgB8gBCakCTxYg8cUtsj6oAwGqBJkCT9DHhixynoEqm3cRhYiFhISqe09H8qB4igLZsafN6R62DCMmnNrcEOB30u_hLmaA65p3_3kegSMDL9qvN48_Q5Ms_pYnLbDZkCMx_J5nQ5UTktQ4tBgTm1GxvF5zXchMdMAAawqynXhmIZOs-RVJ0Jk213BBdkL965SgjlDzgxnjOTJ0fR3fFFt7RBCtAjF-PspWLOnTGBCu4EFzdr1uMsXR8k3G3FPJhyjfBAfoDTL1RlIyskctnG21TuCLmf6nk1tLrEorvAvaq57AzamD-XXQ0f5jMnQAQSUpYSRGYCvZ-8VZLksAJGFIbqf2T1B4DGkNaQxA3pezUKczKZnbmiL9bivhocwTBgSuwelG7RFDDi6l-1f1KHXABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9eFie0F9sajtJU8ySUg4ia9rH3oZEDlqdQrqUK7F71vo3Xg8kU4ZPrXSlEExhtpPc9PpnlR543x0lvOHeb4CDgThtf5CJqh4YASAT%26sig%3DAOD64_0regQT0yAMtrgYJ43cz5SKtcz_2Q%26client%3Dca-pub-9314111824787632%26dbm_c%3DAKAmf-CmatwajdGccUkbJJU0oFTz1BxEkvxaGErUFYcA_XVIHEIbAaUSGlsPU4lPwTn5U21z-KDTB49_3IE-ysqf0mH6Y1Lg2lxymTebakTcuQRRIVpYJ75F3CKEWNO2YhE-ZfQa4544SiM562fhvSpDrUY4ycnOJ5JmcXXqLBWokb_ulQUuPhw%26cry%3D1%26dbm_d%3DAKAmf-BpWhK4aV4yjLT9MZ9ESQbBeBoLXGF3RnbfN5fVj2rlB4MD5B3zkD_PkAKEApp0IKTNXXNlIVXaqmmvH_k4C8Z8YNKq6VFzvrJGT9pyr_Tv_Zrjtpllta5htuViLiatn0Ab9yH9VFmZSOGFsCxRgU4SUMJNAgcmfTwpiquXx0GbNelxIg8pFe6CDS-iotW5nVKBmrMRvfy5MHlPy2-hRi-KWELKrGjeMYFpJ5V5bWxbr1DupdQniNOExry_VmgqNrO2eJ7ZpimsOoc_dYGXe6Q5MMdUd134lpPFKxE4FuFcX_MzQzespt1DndKhtLiTowi7iir91atE9R0EsawxJN_UYVE1rQJW-fAr6i8aK8gqHmInMl5FTdUCdCLZLpMJmekXrYiHiv-MAdzXAQdDrRgvgE392vVOUoSE70DJ6ZXSDLmAGVJ-KfoOyV6xKj4nyEkzkNryjs5chS4kTAgdRaocelSLRMOF3frR5yFM2550PQ9YyxxgwXluDJaHoOWXQkUnV4-6kNa7rM5SJc_7_vsVqgYwQ4DGWSsj1CfGrzy6p2QpnAk%26adurl%3D&documentReferer=https%3A%2F%2Fwww.vesty.co.il%2F&ancestorOrigins=https%3A%2F%2Fwww.vesty.co.il&random=1372029092817&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Fri, 20 Jan 2023 07:07:36 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Fri, 27 Jan 2023 07:07:36 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn-engine
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
view.aspx
pb.media01.eu/ Frame 3096
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=88831100046840704445006012210016&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=88831100046840704445006012210016&actionid=981741&produktid=&dt_url=
0
629 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=88831100046840704445006012210016&actionid=981741&produktid=&dt_url=
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=912fb50415&subid=&uid=f6f88f3edadc4c04&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCOD8wtj3KY6znKILy1gamtY-4CKblvaBp1Zqcp8kP8C4QASCZ-6ArYJWqlIKgB8gBCakCTxYg8cUtsj6oAwGqBJkCT9DHhixynoEqm3cRhYiFhISqe09H8qB4igLZsafN6R62DCMmnNrcEOB30u_hLmaA65p3_3kegSMDL9qvN48_Q5Ms_pYnLbDZkCMx_J5nQ5UTktQ4tBgTm1GxvF5zXchMdMAAawqynXhmIZOs-RVJ0Jk213BBdkL965SgjlDzgxnjOTJ0fR3fFFt7RBCtAjF-PspWLOnTGBCu4EFzdr1uMsXR8k3G3FPJhyjfBAfoDTL1RlIyskctnG21TuCLmf6nk1tLrEorvAvaq57AzamD-XXQ0f5jMnQAQSUpYSRGYCvZ-8VZLksAJGFIbqf2T1B4DGkNaQxA3pezUKczKZnbmiL9bivhocwTBgSuwelG7RFDDi6l-1f1KHXABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9eFie0F9sajtJU8ySUg4ia9rH3oZEDlqdQrqUK7F71vo3Xg8kU4ZPrXSlEExhtpPc9PpnlR543x0lvOHeb4CDgThtf5CJqh4YASAT%26sig%3DAOD64_0regQT0yAMtrgYJ43cz5SKtcz_2Q%26client%3Dca-pub-9314111824787632%26dbm_c%3DAKAmf-CmatwajdGccUkbJJU0oFTz1BxEkvxaGErUFYcA_XVIHEIbAaUSGlsPU4lPwTn5U21z-KDTB49_3IE-ysqf0mH6Y1Lg2lxymTebakTcuQRRIVpYJ75F3CKEWNO2YhE-ZfQa4544SiM562fhvSpDrUY4ycnOJ5JmcXXqLBWokb_ulQUuPhw%26cry%3D1%26dbm_d%3DAKAmf-BpWhK4aV4yjLT9MZ9ESQbBeBoLXGF3RnbfN5fVj2rlB4MD5B3zkD_PkAKEApp0IKTNXXNlIVXaqmmvH_k4C8Z8YNKq6VFzvrJGT9pyr_Tv_Zrjtpllta5htuViLiatn0Ab9yH9VFmZSOGFsCxRgU4SUMJNAgcmfTwpiquXx0GbNelxIg8pFe6CDS-iotW5nVKBmrMRvfy5MHlPy2-hRi-KWELKrGjeMYFpJ5V5bWxbr1DupdQniNOExry_VmgqNrO2eJ7ZpimsOoc_dYGXe6Q5MMdUd134lpPFKxE4FuFcX_MzQzespt1DndKhtLiTowi7iir91atE9R0EsawxJN_UYVE1rQJW-fAr6i8aK8gqHmInMl5FTdUCdCLZLpMJmekXrYiHiv-MAdzXAQdDrRgvgE392vVOUoSE70DJ6ZXSDLmAGVJ-KfoOyV6xKj4nyEkzkNryjs5chS4kTAgdRaocelSLRMOF3frR5yFM2550PQ9YyxxgwXluDJaHoOWXQkUnV4-6kNa7rM5SJc_7_vsVqgYwQ4DGWSsj1CfGrzy6p2QpnAk%26adurl%3D&documentReferer=https%3A%2F%2Fwww.vesty.co.il%2F&ancestorOrigins=https%3A%2F%2Fwww.vesty.co.il&random=1372029092817&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 20 Jan 2023 07:07:34 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Fri, 20 Jan 2023 08:07:35 GMT
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

Content-Length
0
Content-Type
application/javascript
Date
Fri, 20 Jan 2023 07:07:36 GMT
Host
pv.medialead.de
Keep-Alive
timeout=20
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=88831100046840704445006012210016&actionid=981741&produktid=&dt_url=
Proxy-Host
pv.medialead.de
Server
nginx/1.17.5
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40027
X-IPLB-Request-ID
50FF0ACB:848A_91EFC182:01BB_63CA3DB8_ED4284F:2BF8
link.html
track.webgains.com/ Frame C19B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=88831100046840704445006012210016&nw=1
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.135.49.103 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-135-49-103.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
646adb0a224cc7c132ed8ffdf9743faf8c370b8e65c1df0bb7b96cb1ed867d18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:36 GMT
last-modified
Fri, 20 Jan 2023 07:07:36 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Fri, 20 Jan 2023 07:08:36 GMT
activityi;dc_pre=CIKjtKLL1fwCFYeUGQodVzoJzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9687090719476.547
5994599.fls.doubleclick.net/ Frame 9899
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9687090719476.547?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CIKjtKLL1fwCFYeUGQodVzoJzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9687090719476.547?
391 B
328 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CIKjtKLL1fwCFYeUGQodVzoJzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9687090719476.547?
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
d6982d629323924f69305970c1829054a570f87fdca771c42a2a31170214394c
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
219
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 07:07:36 GMT
expires
Fri, 20 Jan 2023 07:07:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 07:07:36 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CIKjtKLL1fwCFYeUGQodVzoJzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9687090719476.547?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900016.redintelligence.net/ Frame 5454 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900016.redintelligence.net/request_content.php?s=88831100046840704445006012210016&a=2715de88
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=912fb50415&subid=&uid=f6f88f3edadc4c04&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCOD8wtj3KY6znKILy1gamtY-4CKblvaBp1Zqcp8kP8C4QASCZ-6ArYJWqlIKgB8gBCakCTxYg8cUtsj6oAwGqBJkCT9DHhixynoEqm3cRhYiFhISqe09H8qB4igLZsafN6R62DCMmnNrcEOB30u_hLmaA65p3_3kegSMDL9qvN48_Q5Ms_pYnLbDZkCMx_J5nQ5UTktQ4tBgTm1GxvF5zXchMdMAAawqynXhmIZOs-RVJ0Jk213BBdkL965SgjlDzgxnjOTJ0fR3fFFt7RBCtAjF-PspWLOnTGBCu4EFzdr1uMsXR8k3G3FPJhyjfBAfoDTL1RlIyskctnG21TuCLmf6nk1tLrEorvAvaq57AzamD-XXQ0f5jMnQAQSUpYSRGYCvZ-8VZLksAJGFIbqf2T1B4DGkNaQxA3pezUKczKZnbmiL9bivhocwTBgSuwelG7RFDDi6l-1f1KHXABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9eFie0F9sajtJU8ySUg4ia9rH3oZEDlqdQrqUK7F71vo3Xg8kU4ZPrXSlEExhtpPc9PpnlR543x0lvOHeb4CDgThtf5CJqh4YASAT%26sig%3DAOD64_0regQT0yAMtrgYJ43cz5SKtcz_2Q%26client%3Dca-pub-9314111824787632%26dbm_c%3DAKAmf-CmatwajdGccUkbJJU0oFTz1BxEkvxaGErUFYcA_XVIHEIbAaUSGlsPU4lPwTn5U21z-KDTB49_3IE-ysqf0mH6Y1Lg2lxymTebakTcuQRRIVpYJ75F3CKEWNO2YhE-ZfQa4544SiM562fhvSpDrUY4ycnOJ5JmcXXqLBWokb_ulQUuPhw%26cry%3D1%26dbm_d%3DAKAmf-BpWhK4aV4yjLT9MZ9ESQbBeBoLXGF3RnbfN5fVj2rlB4MD5B3zkD_PkAKEApp0IKTNXXNlIVXaqmmvH_k4C8Z8YNKq6VFzvrJGT9pyr_Tv_Zrjtpllta5htuViLiatn0Ab9yH9VFmZSOGFsCxRgU4SUMJNAgcmfTwpiquXx0GbNelxIg8pFe6CDS-iotW5nVKBmrMRvfy5MHlPy2-hRi-KWELKrGjeMYFpJ5V5bWxbr1DupdQniNOExry_VmgqNrO2eJ7ZpimsOoc_dYGXe6Q5MMdUd134lpPFKxE4FuFcX_MzQzespt1DndKhtLiTowi7iir91atE9R0EsawxJN_UYVE1rQJW-fAr6i8aK8gqHmInMl5FTdUCdCLZLpMJmekXrYiHiv-MAdzXAQdDrRgvgE392vVOUoSE70DJ6ZXSDLmAGVJ-KfoOyV6xKj4nyEkzkNryjs5chS4kTAgdRaocelSLRMOF3frR5yFM2550PQ9YyxxgwXluDJaHoOWXQkUnV4-6kNa7rM5SJc_7_vsVqgYwQ4DGWSsj1CfGrzy6p2QpnAk%26adurl%3D&documentReferer=https%3A%2F%2Fwww.vesty.co.il%2F&ancestorOrigins=https%3A%2F%2Fwww.vesty.co.il&random=1372029092817&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
f1539cef9fa09dd048028a36be6a11cfaa4a8d3d0c1f9220abce3ae41820216f

Request headers

Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2066
Content-Type
text/html; charset=utf-8
Date
Fri, 20 Jan 2023 07:07:36 GMT
Expires
Fri, 20 Jan 2023 07:07:36 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
native.png
ad-server.eu/wm/pb/ Frame C19B
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=88831100046840704445006012210016
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=88831100046840704445006012210016
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 07:10:36 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Fri, 20 Jan 2023 07:07:36 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
50FF0ACB:8490_91EFC182:01BB_63CA3DB8_ED7C44B:1126F
X-IPLB-Instance
40028
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/native.png
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
cshow.php
www.awin1.com/ Frame C19B 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=88831100046840704445006012210016&pv=1
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.67.134.223 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-134-223.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 07:07:36 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
truncated
/ Frame C19B 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4c2ea3cb2ea2f67b2e0d23a5a4593427ef672001bb02c4ae3537ba97e281ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 5454 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=88831100046840704445006012210016&a=2715de88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 20 Jan 2023 07:07:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 20 Jan 2023 06:20:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 20 Jan 2023 07:07:36 GMT
/
hal9000.redintelligence.net/scale/ Frame 5454 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=88831100046840704445006012210016&a=2715de88
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
37a29f5ee8802031638b4248091c165193c804aa3e6468a6217867442c58a7aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 07:07:36 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16552
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 5454 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=88831100046840704445006012210016&a=2715de88
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
52ec7c2a4b3d9920cd6ae137e5823e8202b0563b035050f18d62cd71de94a78d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 07:07:36 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16267
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 5454 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=88831100046840704445006012210016&a=2715de88
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
5612227ebe4a57ca1fdc68e11c378bebca946f3699174f58677373864fae2cfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 07:07:36 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16878
Vary
Accept-Encoding
Content-Type
image/png
viewability
hal900016.redintelligence.net/ Frame 5454 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900016.redintelligence.net/viewability?s=88831100046840704445006012210016&a=ab3809ab&vb=m
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=88831100046840704445006012210016&a=2715de88
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/request_content.php?s=88831100046840704445006012210016&a=2715de88
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 07:07:36 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
gtm.js
www.googletagmanager.com/ Frame BCDC 		103 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b95c19bef77e76038cab219ea333e2b88d11ad7e3b0f815cf2f28bf2a29e9df8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:07:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40714
x-xss-protection
0
last-modified
Fri, 20 Jan 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 20 Jan 2023 07:07:36 GMT
pvClk.min.js
analytics.webgains.io/ Frame C19B 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=88831100046840704445006012210016&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 15:31:21 GMT
content-encoding
gzip
via
1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
last-modified
Fri, 09 Dec 2022 10:53:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
56176
etag
W/"0d5045593d14c9612a5d5576928a5209"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
b99empYGPU3tmD31sEaUs9KaSPLDm3BPP7BuadlOWjgTHdWVcbtQJw==
1x1.png
cdn.track.production.webgains.team/7121/ Frame C19B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1674198756&Signature=ILFQ9T2c7b7LQeVgqOg8zGeOd1AlPzBkzGuwj8hoE0Tc4Y3uSFHoOMqn5ZkOLxjulrh9NZw9D~r2RL~wCM3V3vmcj60Hkg7AKOS08Z8Tlmx6p~7bic6KUn4CDULjeRqyfJ0QuXKVE3g1z8wEM7qpjM6GDZdhjqH8eCR6IhQmXVRUpaccabgnB5hVQXw~9qqIKOYJUJ22YGW-40E5is5e3xEV8seVrrdHBdAdEUVdUd6phzz~6ZH-g0Hl4vXSgarQ3dCIjynZm1zr2ONas93Ph6vwK3HIRgZc~b3vFC3gafLnewYBN-V6oz~5r1pCRvKX3P0bYf-uxcRTec5vEyzcxg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-40.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 20 Jan 2023 00:27:45 GMT
via
1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
24002
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
mo1bhMNhGspfCpvhbHQ9X2FoW9xlAAvDDXYEn8u0-207OALlGDPEBA==
dc_pre=CIKjtKLL1fwCFYeUGQodVzoJzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9687090719476.547
adservice.google.com/ddm/fls/z/ Frame 9899 		42 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CIKjtKLL1fwCFYeUGQodVzoJzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9687090719476.547
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIKjtKLL1fwCFYeUGQodVzoJzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9687090719476.547?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 5454 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900016.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 19:24:52 GMT
x-content-type-options
nosniff
age
128564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Jan 2024 19:24:52 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 5454 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900016.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 13:30:55 GMT
x-content-type-options
nosniff
age
495401
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jan 2024 13:30:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 396C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Br2gsuD3KY4yHCouE9u8P-ZOU4AcAAAAAOAHgBAI&bg=!DwylDEjNAAYDMoyoIzI7ACkAdvg8Why6uMxfUZbnKzkOi-gS54Cxvc8EKwiyn7gBeF5IUdnghvl_YAIAAAF0UgAAAAJoAQcKAG0_zS4MviP01olLKbteTXFNJywUGnU2i6PWHDUuPt3jpMLB_ho9hrtLS2KPcFoPQfq4WL3tCLsOpOnHnqQRd9kGAukDzb_sdkzsOvzW-hYtXSZq-moh90frwW3AtP0KWkCk6V4aIHOz9QDFcWdGmQL7Gn0NyYQZ7FZ2Pqvj8tT51QFNYSK3QoC7b2oz5KdL5DRpHarDxtFpvtPAljpsDTi72aVKPvc39O2BcrgMUSNJq2xzdbJ7F8LVV_eeItWuUrABKzuHXvx87cV5ARoD-3a_P938UfOaD85uKR0q9wxERfPuRdvhks863tUijdnjQPte9vBz5WAUwQFss6CXEWX-spZWPu6cLLBsJV131exCoeXttdTKhGz7gjdU3s3PNkpqEDPnSxIISGv-DfqAFcSCcW-DkRZQjF0YzMnLEI3rAfU3PK5cRFhpYBFNMHb86Mq9DI3Hy1YqzR9ZDawhU5xQWYA462-Z90XvtCpzzw86-0ifIUJjZQv19_9B_bBBZlPG3oPBQaTlceXgZ8NWVlxBo6DVxa8E5W2vDlllyVB0cFEKfn2YIjj5uBXeEViHzIyIUn0ISbfXAvlN0aZdNsGZ5fZU0rH3DdQegQiTP4DYI65esoA5NG18ByzMUGbIkCfeqP6JORZbXQ8fz3bnPDAe18515tN3uC6VL0YR63oL724WcUuHd0857tlTzG5brwoXLYQ4eg0DyvP7xMAAQO1SdGhMl4oG1CMWGAz9IAM4ZOiTayLqiEkIR-Q8WtZ83zPI3NPnHrP8VOXDYY4VjcTMDV_cS7tY2GjaYRTJSG3I1ldkgI-W6wsyn5-56RIeqbdFR0ExEnQphKNAtGISLe1bNGEmlYfZFLSGMSOuoaoZxSLNot0k5fuQAidvDTxeIH5eDptYKZ6z479VD9snO4NyMw4Ckfbbxih-Ve59tkcEpRPO_QFRx91Io8p47ieZvRZW7ucAohtn_WJCjRbdZDPJZiTIpYX2aZNjI89rozYKMTnabbq-EvI_eL-hR1scOms2CDErGbv5NjAvRjvNHGHiRnYyoXdGDDljdZ2Lis4Sz-q0yD_K3ACIevk0GPxWg7tkl6L3SkQZ8te_5t5EchHspLWsOpEjbz_rfHGhvWKEp0hzZw0h7ezDADPqeCyQqlZDVpfxufgitX_StA
Requested by
Host: fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
URL: https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1BDC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0ONuuD3KY7C2BvbC7_UPyNytyAIAAAAAOAHgBAI&bg=!8vGl8bXNAAYDMoyoIzI7ACkAdvg8WtEH1Lw4pftc-WDKMlHGV4YxtLcOG2tT9oQ3C1VXv55W2gFRnAIAAAEXUgAAAAJoAQeZAuijwrgXKH4t08r8gc2Q8NGtVa6HPM4J2v-Pddo_qW2LrHkMZxiAZ1a9i9JPnWm7tN4FQrWGYGsksjN8i9Alr8Y9qcjp2myYmm3qWb_AUxKk82ZmqKTJH1Zc6t5OJ3rBPEZ2yq2DPM2vjLCZohT6cxQFDNXHXV676hp04f39N5IJpz6nQD-f1n-VfrbGfbbGh2KfdcMHFQRGYFw1ZfAKW4njpG-sOsZOZkaV43XYXZRmQ8UxabRHNhn-C9xrqI1heKJGJe56cYR8DTXvYhWcFHVLkM3D6-aa3NJwkNfsS0EdBwzr7Hdq8PoCgeCo0AUMIus1X_oNeZRzm_XrHzsB6tcmm8HAo7Edo6u_kzqVM1Ub0q4lqctfcUv48kHJ-U4dQHIj73J3S66wbCn9btGCbNlo5IjESHKi2OiRsFDYMsU61YM4i0CkbfcUj1RnV75p3gY9gEbSqvpSVzbQ0Yuekat5vVPkaqYzfQ1jIYsjEoogjhmr2f-E_KEsBxp45JcWXxV7TXCuRKStwvS3memTzDzkN820K_ibqNHxnZmNY8AdgEH3Pw-S75WeYxX7EAhWXLQsnkDVTVFSeB5h_6lOlZXjkcppLvUV9hSiFkodT6v4lu67dzeSAaV_Zd5zDNXo3B0RTGf9SBkmV-2z3vqB6Qq291RtI_74Xkwcu1ks9A2a5YDITzHKz6iDAS1Nq1cAd6gz6HkyZ_hdBbsIWsVhDXjGrzP3W7ENlUBHxivFY-jHyRVKO8y_9JHquq0lo3NMbkNmh-X1kQrcwfetxm4S4x6ITBaP8yalQWEBseks8uGxB3CfmscisEwixlq9L_H0ueXzsRHVKXE3VeaqLng8_kw3YILiQ8G1zb6gVu3D8cBzmlnUyYggC33ECvhTopLdZlH_sK3eEobGA3kMNT1xSgpjHzNZVluywbFL2epSg7FN9vsHZfgG3He11gfyVPzei-offUdLwT-CN8MhC-_p4Pc_NFBwxHjV7BM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D126 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRnOGlXsSo2byjiL72vf1CSje1FRwQ9rdG0FLie3fb63dt4N3sxNAb9HrJYtNF-FFrCEYUrrdJCw48fbOFAJi2zYy3zlW458bO2tPSio-5lCJckm4j&sig=Cg0ArKJSzAjC8HYBuUJ9EAE&id=lidar2&mcvt=1022&p=906,810,1156,1110&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&v=20230118&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=886418757&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674198455716&rpt=253&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1C45 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BoEKxuD3KY_eCCr_87_UP9rCGqAwAAAAAOAHgBAI&bg=!hIelh8PNAAYDMoyoIzI7ACkAdvg8WkaYNAPnP3-j7xUrV7nx8jCfghz-1Enzam1Jn_oBWhRKs8KClgIAAAEPUgAAAARoAQeZAuUXzHPJRALjIc_saKWE14Sn8xwlVpOfEopzZNqk8B3ozNKP3WBNZldLUaZms8k0bIXGKiEr8ifDqgdQg-PIEwi_yit9Be5goJqOLaMrPN-Kps0F591om8MkO4de5Y3jComo7GSjZsaV85uhEEMilY8tfRXqNA6M-xMttOoYbS0ApwAzpMgyayEasxXIMe-YbEhBupMIB6F-ybcMGt4pY0LJP6CtlQhyyHb6PZ1w0Mopr3O_XIFKozhtL4_3Z9I4WmBXvpAvH1dMPKFPu0xwkbfQi9pIrav_x4C0VUvDRRDMOlS3YSAwJeM0f4urVad_VxVaEFfkXZzDVbuC8f5m8VMjMn-XUMz3bykGGNlpPEJNOKAhQUItxpeeRzAf9Zf-aqln7jTkjD9zy7uba2wZXAD6RA6pPCMIay_53hEzNhJKajat7BTpBiX24QC1fqclDaGDNVbnYMO-WhogqhniPoYIr_-hyDQzT-YtUS_hzUlWZcVscrjVl6ud_s-cf06vsGPLc1RQecBEcW9aja_H4LNTRvap92bdH716DOPayHv3xVAKC5V0ssgN66uM8fsDxcxP4HKACyzLawK3CFwABNqpniCjxYrtn_ggrbtox2eqa0YGXj8iFlOOaIU5WueijWsjY-2XLZjoVMYfWB29LejAyDfGha-oIG0BqPdeRK2YKxT_yJ4RQ9z4WjjQYX2DUMWKEIW3mMLFy2hZIJCqxba8cvr2wogCK_r9ydbp4-m4DQjISlF9aFmUPx-cRd8Ei2yaNo85JPHXDLUjTuoo0c6Wqxyt6oxogF_hFiPf4cLp_uvObUCgpx6KeztgN1tHNTkNRo75euNcWo445PPD1r3Pty_GHZUlGv-DkqGwx5YF9I7TS-W7kXRTdmnMZtN6V9-jDOEcdhF-xdrOkiqqyx9vDMzO06NEpM0BHmXxgxQwjHJcU72K6AYe7hYk5o1A-5m-U-txm0e6ckcGAu2jp0lKwZQUD5o
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5752 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BeK4guD3KY6KvCpmt3gPp6ZDoCwAAAAA4AeAEAg&bg=!WlmlWR3NAAYDMoyoIzI7ACkAdvg8WrJapUIdXqsySfsRFydsy19aW0kRXIVztvFFIzAoaLtzl_ThcwIAAADMUgAAAAJoAQcKAKXA_bUSKrYYaZyWEanTUbv0I1Bgg6PI5yQqFrZU0V0ge6KUyuRKe4bXfFoBBXAvBGijWuZhjOPPjlzemzjwiJn4A1SgltqanzeYfFuG11W1oFNCQRVoWJhO2VgQ1_FZNktv14WSDcipJKeqfDNjlfNpsXVUbaaOVHI-2ufxqa1BEPnwpdzM8DngUhSMEhzfrjLH8mxzhgNDb7Z5cCXno0hHygsQPpmZAvMFzMQOjn-xmLR0BA4_Xw1GVYvGvP1KMMPEEYSwaZVpOYemg2WXrKR_-_QoZQRLBn1EU2hF2VA1nudeDy-c8e4vlKuGdbewLpToYECX_ZzHMujM1nAybdTTsp9RPlRGqqhaPCEy8a02uA-60XtLoI2XWHUYCIKCAyoYV9EtPDIT3MRl6jEuafTNjzH6HhhCIqkfOB8pExLV-isvVWqwTPe-OUSju2uTayjKLrY_ABuvyWUZ5OYulnTbQjAPbeJ87QMbUZvNTyeLUK-Eo3QmB5lMoIuwLxzRMhT0avVF4QQVbCSM4LvRsB7EkOwGGYD9LI7JJj2T8WQPDtejQ0prv3vIuhdMYh7nRj-5P-8jXRiiqiUDXpKHbSNh0vW-j8NbnqElbPs2sVnpXoW120ixIQcn1x6jR6vZtjlBC_qRKBPgQRKMwxViFyiyV3crZ_mcl6XsMGWsblnwtj-sViByfjmiXSFKwm2RQutC5ihqFJM_RDviPXBsKse05KfGds-WokjlPSBAWkR9qhoSJB87g990PgZsGGo0aDacYH97Z8lSd7J6DyrZjqJ5zCD9NpHO-jVagsZppdFHvEo6GYBkuavCtipRR4ucDE8mHt-Pu92duukrOfHOHtwR4OT3n8RMNR2b258Zt4BS4Fm9oq_COimEGMgxkClD4ksJzRNrGc8oiTWMC7-FRl0kfs0yQg9jjn1BLvFm4ZhvXDERxXdG5h2MN1OeNGx5S3U3dhzkr-NpxOfxtK07jO2Z3I02c7vfKsZQFKXqhdpuxlr0bGI-anBH6tzcvMyF37szGrKnPeTAr1na86hpJVE303crxcbRbUZAq0d4RKBCW4Z9qe9-kbeT6Eq97XPz4Mia14uR2nsTA7FdlacbyBrBQhmrCx3XuuwE5TTl3LtVR9kxYC5enObMJ8inhFK--c3opcU8zN1Igm6_h_YeV1_1ieHsXwrIROH-nDpZJLuCIKuBhPY7AJvL14hb2BlmYzxKpJPJDKURn9urMA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A364 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstA8hPaw94pGZCXweYf5ro24LKa7sOJTzCw_wF5KpaewhJcS90f33mmturzqj6-_CLMWLWzU4HGbG2Xx_ff1ALsldPOIjYIRR_Ny5wRmqv_J-4nRCv9Y8Y9HiJIT6Mr-M1lTdaGDQ&sai=AMfl-YQboASSYnSzeaYKmKvWGv9uVM3_Vyp1e75KAO5r81Iz0UVA_Cs4JkR02ZimRwv8EScZg80PTfVq_8dOALzqFFJ4I-Ibu0mvJyaS8wSe5GIL39T1xoGREJniTQ_6AXYtIdOy0miNnA6IXwRPgtTY&sig=Cg0ArKJSzIevePm9zHBMEAE&cid=CAQSTADq26N9eFie0F9sajtJU8ySUg4ia9rH3oZEDlqdQrqUK7F71vo3Xg8kU4ZPrXSlEExhtpPc9PpnlR543x0lvOHeb4CDgThtf5CJqh4YASAT&id=ampim&o=1120,906&d=300,497&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=454&tls=1455&g=59.1549277305603&h=59.1549277305603&tt=1455&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F231 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss33EB6b4hXaabUY9_rQqrJVcWt3ODgz14DTApvdZ_PvU1QuXLnwBEKWAw_uyk5OXVbBknTZjJza7hUnHB2AhPYh_Io5VJQevr3KgvKVMuj7AOhXx28T1UdDenw50Qd-HyB4NysoQ&sai=AMfl-YTOeNN2o2baN9Hoj5Pm87p6xLfVqViJ2vbA7sloscl2Cmo5B-AWk1HleamRC_XS_HStEC258-nb0WdsSWHTXO7AwORGoie1E60Qd-qBblJCNyGI6nXQsVoXgMOwovP_gQvE7g1hi8vsuLN5vqMl&sig=Cg0ArKJSzKGYLA91w1KhEAE&cid=CAQSTADq26N9eFie0F9sajtJU8ySUg4ia9rH3oZEDlqdQrqUK7F71vo3Xg8kU4ZPrXSlEExhtpPc9PpnlR543x0lvOHeb4CDgThtf5CJqh4YASAT&id=lidar2&mcvt=1000&p=5,315,255,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230118&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4127172794&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674198455713&rpt=580&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230119-16-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Fri, 20 Jan 2023 07:07:37 GMT
x-amz-request-id
345CDBWW70P2J4KQ
age
1275
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
RXZ9eF1pCd0CDN+zmZsBdUvWy9zP/THQYOkdE0w5cIOOD+5zdquMw/vB8dFwYkBREq+fn3ZvR+o=
x-served-by
cache-yyz4578-YYZ
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1674198457.375131,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
29
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
616
activeview
pagead2.googlesyndication.com/pcs/ Frame 9DD8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZF2-S9Q5VNziqrw9FTAhN3PMID9ZjB3G9QDTO46h2IR69lnxxH2qY-7G4X6Cmpn21VaX3QvTL-Jv7q186TfX5n5BCsVScR2BTA1SCfg73snXtQP9-sHcACSWa58uzc7nUeUb9AQ&sai=AMfl-YQi3Mh3wl4pdWvuUe4xPWchwK2MKFmoxhDxZw3O-9j1REYuhzQP55aG-d-dznKnEYYqjjTASF3WGk-q2mC2o0T0v84jVAZkbW7v7x17FY8tJyG2hfWYpfqBcqVQfNYEq6wN4_Y8QYtqTVMbcitQ&sig=Cg0ArKJSzNl7SeY-1BrFEAE&cid=CAQSTADq26N9eFie0F9sajtJU8ySUg4ia9rH3oZEDlqdQrqUK7F71vo3Xg8kU4ZPrXSlEExhtpPc9PpnlR543x0lvOHeb4CDgThtf5CJqh4YASAT&id=lidar2&mcvt=1001&p=0,1559,40,1600&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230118&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2495267343&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674198455789&rpt=540&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pips.taboola.com/ 		64 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e8c61690e38dd5f72744ef0aa98c61353aeaad5e72d94db609a48dfd68e1030a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by
cache-yyz4530-YYZ
date
Fri, 20 Jan 2023 07:07:37 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.vesty.co.il
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 2F33 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvnStPPQ79B3IA9QmlpI5Ipe_jZ5F22t2VMq3hDyW4AY9r_BYTk4U8e0yYBRfuzRFtjpWZf3lvlUZ1L700qu7x-_mU-kLvtzmXYcL-snnKXvfFUVjLPHFy3Z7li-miGWwFX58vZrQ&sai=AMfl-YSs6IqwI8cyBFeKkhNiWUhk5z3wpDY-2sBGMynp0fjZPXKZVXFwJ9C9qVAlJFnbabuk4dYP5LwuSzY-HQIuVxGcARrbRNtzAETl069IUd5IalHHbO6ROTB9EkMSlDu63ONA90UE0rhvCZaR4BXQ&sig=Cg0ArKJSzKIAPpCzdH_9EAE&cid=CAQSTADq26N9eFie0F9sajtJU8ySUg4ia9rH3oZEDlqdQrqUK7F71vo3Xg8kU4ZPrXSlEExhtpPc9PpnlR543x0lvOHeb4CDgThtf5CJqh4YASAT&id=lidar2&mcvt=1002&p=0,119,40,160&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230118&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=273824712&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674198455785&rpt=625&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F231 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5650649159966&version=m202209210101&ct=76&x=1&cor=10045520663492616000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DD8 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3798033655878&version=m202209210101&ct=76&x=1&cor=7614188201635871000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F33 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4640623853724&version=m202209210101&ct=76&x=1&cor=11866485274032170000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame C19B 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.168.77.94 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-77-94.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 20 Jan 2023 07:07:37 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.168.77.94 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-77-94.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Fri, 20 Jan 2023 07:07:37 GMT
server
nginx
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=001402ab-0055-42ae-b8c3-772d96a359d0-tuctac3c336&uad=6295b1732dc3969338c1245a75f5bf00276f29e91036e3dd9fdfb603d980b91a&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 20 Jan 2023 07:07:38 GMT
cache-control
no-store
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame C19B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1725064392368&version=m202209210101&ct=77&x=1&cor=17079805425386775000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:07:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

244 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| oncontentvisibilityautostatechange object| dataLayer function| _isMobile boolean| isMobile1 string| defaultNativeVideoType function| $ function| jQuery string| dcPath object| dcTags string| dcContentID object| googletag string| gen_ban object| general_banners_divs string| gen_ban_size object| general_banners_divs_sizes boolean| page_800 string| dcBgColor string| dcGeo string| ParentCategory string| dcCG string| dcSite number| dcLoadAds number| Dc_refresh_all number| Dc_refresh_jumbo number| Dc_refresh_ozen string| gptVer string| gptCtv string| new_gpt string| newMedia string| browsi_on_gpt string| show_truvid_mobile string| show_truvid_desktop string| adx_interstitial_mobile object| ggeac object| google_tag_data object| google_js_reporting_queue object| regeneratorRuntime function| CloseSargel object| AdUnit_template_functions function| video_off object| AdUnit_properties function| renderAd function| closeTransitions function| handlecss object| Templates function| CreativeTemplates object| TemplatesConsole object| __core-js_shared__ object| _pageRefresher function| pageRefreshDisable function| pageRefreshEnable object| apd_options object| _taboola boolean| should_load_zoomd string| video_ad_iu string| video_ad_description_url string| video_ad_iu_mobile string| video_analytics_src string| video_ad_yncd string| youtube_player object| YITSiteWidgets function| flowplayer object| _flowplayerTimekeeper object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent function| cnc object| webpackChunkyandex_pcode object| __activeTestIds object| __vasActiveTestIds object| __pcodeAllActiveTestIds object| Ya number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| ya object| yaads string| WCM_POPULARITY_LINK string| siteID string| analyticsCode string| fpToken function| IframeLightbox undefined| waitForElement boolean| closeBigAd string| dateFormat string| timezone string| languageCode object| currentPlayingYoutubePlayer object| YoutubeAPIControlller function| controlTickerAnimation boolean| isAbroad function| hpbClickTrans object| interdeal object| interstitialSlot function| getCookie number| rand_num object| expires object| TRC object| _tblConsole undefined| msg boolean| yandex_context_perf_logging object| webpackJsonp object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate boolean| _babelPolyfill function| _ object| AdUnitFunctionsClassObj object| AdUnitPropertiesClassobj function| category function| desc function| author function| tags object| ptag object| f object| permutive undefined| google_measure_js_timing object| google_reactive_ads_global_state object| $sf object| yaSafeFrameAsyncCallbacks boolean| fifabAlready function| fi_fab undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl boolean| __bt_already_invoked object| __bt object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaplugins function| onYouTubeIframeAPIReady object| google_optimize object| gaData object| GoogleGcLKhOms object| taboolaElementCategory object| taboolaElementArticle object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| placementData string| nam object| cmTag object| google_image_requests object| _cm_wfCounters object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

26 Cookies

Domain/Path Name / Value
www.vesty.co.il/ Name: ab-checking
Value: 42
www.vesty.co.il/ Name: dcsyncundefined
Value: true
www.vesty.co.il/ Name: tmcundefined
Value: 1
.vesty.co.il/ Name: _gcl_au
Value: 1.1.1308721585.1674198455
.vesty.co.il/ Name: _ga_HBGSDK9P6D
Value: GS1.1.1674198454.1.0.1674198454.0.0.0
.vesty.co.il/ Name: _ga
Value: GA1.3.642865723.1674198455
.vesty.co.il/ Name: _gid
Value: GA1.3.182896465.1674198455
.vesty.co.il/ Name: _dc_gtm_UA-5536870-20
Value: 1
.youtube.com/ Name: YSC
Value: glHkZUOyG7M
.youtube.com/ Name: DEVICE_INFO
Value: ChxOekU1TURZeU56WXhNamN3TXpRM01EUXlOdz09ELf7qJ4GGLf7qJ4G
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: u4iqg5UbbFo
.vesty.co.il/ Name: __gads
Value: ID=f0c42c408572ea4c:T=1674198454:S=ALNI_MYa-jm2rNy4IZymVeVjPDKtHVxK9g
.vesty.co.il/ Name: __gpi
Value: UID=00000bc70b59d06c:T=1674198454:RT=1674198454:S=ALNI_MYd2XuNkodVHQ9-Y2YW9t6uhXCjOw
.doubleclick.net/ Name: IDE
Value: AHWqTUkM9pg2zMDKGwUPjt9j_b2d5OC60B0GbazVSks5PIw96LKdwGVstcTWj2WZaz8
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adnxs.com/ Name: uuid2
Value: 4802420754884236941
.casalemedia.com/ Name: CMID
Value: Y8o9uJBvRyK6F5E0QtHetAAA
.casalemedia.com/ Name: CMPS
Value: 2174
.casalemedia.com/ Name: CMPRO
Value: 2174
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In2lZq@@!]tbPl1M>e)ZlrFUfJ+tGXxo<K'.!0B12C]Q3Kv0OlkJ.X4SO<`dVua2-A-13If)y3KL9D3I?-7.[)5B
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 6879f161770e8425
.awin1.com/ Name: awpv14098
Value: 296283|1674198456|1e86e430-9891-11ed-a520-22653408fd8a
.awin1.com/ Name: AWSESS
Value: 429086:2519595
pb.media01.eu/ Name: ASP.NET_SessionId
Value: qzzntk1bzxet2ux51whnxa4c
pb.media01.eu/ Name: DTU
Value: E5B92655B4DFD43786545ACAA782C2A1
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1674198456999,"clickCookie":false}}

5 Console Messages

Source Level URL
Text
network error URL: https://cdn.flowplayer.com/releases/native/translations/flowplayer.lang.ru.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ads.google.com/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cdn.permutive.com/6f7c8ec7-588a-46ef-95d2-ff36e0a39e58-web.js?d=2023-01-20
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://cdn.ampproject.org/rtv/012301041800000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012301041800000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
ad-delivery.net
ad-server.eu
ad.doubleclick.net
ads.google.com
adservice.google.com
adservice.google.de
adv.office-partner.de
analytics.webgains.io
api.btloader.com
api.webgains.io
btloader.com
cdn.ampproject.org
cdn.firstimpression.io
cdn.flowplayer.com
cdn.permutive.com
cdn.taboola.com
cdn.track.production.webgains.team
cds.taboola.com
cf.dxmcdn.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
ecdn.analysis.fi
ecdn.firstimpression.io
fdb97672b2c9731d9b6016b6e753b7da.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900016.redintelligence.net
ib.adnxs.com
images.taboola.com
imasdk.googleapis.com
imprnjmp.taboola.com
js.nagich.co.il
medialead.de
mrb.upapi.net
pagead2.googlesyndication.com
pb.media01.eu
pips.taboola.com
pv.medialead.de
region1.google-analytics.com
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
totalmedia2.ynet.co.il
tpc.googlesyndication.com
track.webgains.com
trc-events.taboola.com
trc.taboola.com
us-match.taboola.com
us-vid-events.taboola.com
vidstat.taboola.com
widgets.outbrain.com
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.vesty.co.il
www.ynetnews.com
www.youtube.com
yandex.ru
yastatic.net
ynet-images1.yit.co.il
ynet-pic1.yit.co.il
104.19.150.54
13.32.27.21
13.32.27.24
13.32.27.40
13.32.27.94
130.211.23.194
138.201.220.30
138.201.63.149
141.226.224.32
141.226.224.48
141.226.228.48
142.250.185.102
142.250.186.70
142.251.39.34
145.239.193.130
151.101.193.44
172.217.18.98
178.79.242.181
18.135.49.103
18.168.77.94
18.66.147.98
185.80.39.216
2.18.235.16
2001:4860:4802:32::36
23.35.237.86
23.67.134.223
2600:9000:206f:5e00:11:da61:a100:93a1
2606:4700:20::681a:78b
2606:4700:20::ac43:4513
2606:4700:20::ac43:464d
2606:4700:20::ac43:473d
2606:4700::6812:79e
2a00:1450:4001:803::2002
2a00:1450:4001:806::2008
2a00:1450:4001:808::2002
2a00:1450:4001:809::200a
2a00:1450:4001:809::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:812::200e
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200e
2a00:1450:400c:c04::9a
2a00:1450:400d:802::2002
2a00:1450:400d:804::2001
2a00:1450:400d:808::2003
2a02:2638:1::13
2a02:6b8:20::215
2a02:6b8:a::a
2a04:4e42:600::300
2a0b:4d07:101::1
37.252.171.85
54.76.176.197
88.198.250.30
94.23.99.218
0198e11b6aefcf520136d9c5c2ef0cbd3e217a8e7e3f84c10870b5af97cd6152
01e48f0b075869d346f92e6745344eec197eb9f307ed920f85996e7217089c6e
01fc60c5d664b6669eeebd98f6aee133e2375c1c16f9056dc492924123343893
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
04e215354b7bbad6c67c7f61f97b285a2846995a2665626ee64d67fff26c2c08
056a419c036aea7b42c9c55d7be4058b1a88d1e7a923b9aaa0154dc1c921e4fd
059e426ddeebed5b47febbbc8334c2f1e5184263fb84cac2a8e29b710745991e
05afe8190bf88bdde532a60a2bcf608db14439d46cc1a71da6e22aaca6f49692
068a3818975d4f82e839aa24aa22d59cd599a122ad6aef1cafc60114d08882db
08933caf59427981c1b7f99c497020de076cef38f25ea00906bd5a75f2313089
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
093083252c279b0947c71ce9d05cfc2db2eebf9594f3b370215a194ea89bb560
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c16722cdc9bebdde63efc326c573c7ec843002974b981764c4e7d21b432f41b
0c59a4311973393ca533b13f245d027fb9acd2c40b23ddb6c75d1c53196a3b96
0fe1ae1648775edf24571baca8bb930a19cd56ad1732c71eb1174ffaece615b7
10df7b3be4453c581f0538bb7aa560d8d370f8be355960805c4b39cd9ac74218
11658ab232f361f89229467b345f69b559764bcf92a5c86b23042e4db02cb854
125e6b9ca120fa2bc4892544dda8f20226f26c5bbf550fae4be07b80612982fc
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
128ebef89d81df41778b299c1a0673ab86b21a967bca57777d7bcc3ed2289e1a
14efc51dfdb642891d9de51838eeb2ea9949cc8e65e008cc92e6419726ec928a
16347cc046696fa2e705915a3d69eafa91ef210ac2f3defd78ee4bc55a4b5e83
163d6aef40ae55df4d8dd3b736082ce1ed5f047d10f3518dc0c41d4d1bc2ea8d
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1907a62e18c04bc41544564ea6eb3621a5a29d8b0a067bf445e99ba449bba683
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1d87eb695ccad6f78a2656ef36591dd76c3b04f13b696bd3e47a2354c498b3c8
1f0cd7c2795df1dcce059d553cb1d9b88170cb9e66310a06fce4104965852394
1f516ab7b3967e8f0f2155a5828ca065c3412e9e1910e47c3f6d5edc4efb57e5
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
237feea02ff1d343b833fc17155dbbeefca9b5f4973bd5aaf1ae2f65f94a41d6
2436d29de150accd2c12d8d0d9573a1a9eb737cf7d3367399c0cb16373350ab2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f76808a08106252464d9203456b91b7da6dac5bcd98f4cf29374e8dd9d3e595
2fb63c456a6194a0723eeba2d489eb27eff27ddbb753ddba49b6ff91c5992862
2ffc9ff89144d0654527733d14c009558de6b77ece4f89a1292e93a72a943664
307e34605cb4539c0350e0442839f61450025dbd6cc50d3299c80a6d5111452e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31c5204deaca16f08eeedaa25af40ff5dd6bdbc4b3068b3bf496f3ac146f475c
32e0176480f85d5faaba6a5f9daa660a53085ebf397ab4df8a5777ac5f3203c2
33b2981a419041dc8a66b34f5b005f08e6aa8abef9355fce5a78a9efacb794af
341cac54e2233a3ea849713a87fce48e95ed8f3c8317c4d3bdcf0610da762e23
3443b1dc1decca2dcdaa1b65f074e289710e1b6baa23c3bed40897552f515b82
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3563750c08e00b6ad335f3c24f17be2214ad1cd9d69f5f3c77498a13b044938b
36d1863ebd6b1c6a0b271baa7696bc7e0931b9c94a7851d30c11836e152742aa
37a29f5ee8802031638b4248091c165193c804aa3e6468a6217867442c58a7aa
3800d87c94b9866d047aa850db885f2e8ba6dce645e064183c368e74c1b150b1
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
397e1fa6b641266ac6537f43be08647287bafc72dff55f1b04d58e464e5c3b74
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
39ca1191643d6bbc13bdc8f643eb7464874326f254217266d57adddf3f07392e
3a5444e808aaf51b853bdd48dc31d55008a323f6580f2af1d00084a6c30c99f9
3ac220126333e4b7e11c3b142828f3dd545371a2bc4e8bd3151aeb89e95f41af
3b7b5b29107f16aeff5c67d6cccf2531bcac4a99e380f1ab134e9adb4a0a2e6e
3bd81efe8e9a9ad68c759fccf939381f50524ce1a2bc332cecad95a1fef7b5cc
3d1653aa5d9b0e8942626817408740b50fa0fb3a224ef5c6cc5a0731ab8f487c
3dc8e482ec8a9c56efec00e46e88e84f3a7ccdf0ade53d5c89c4d679469cdabb
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
416f86e2a6c273f862b59a45e8501521d71c565523a8f0f5e3490910924533fd
442db94f47e657604fde817ff431f353d5ae4994e08a59496ce8fed479362119
45599796e9f8955fae45eb3b87f8eb55f5fcb71c7db1572a7429587a8cc3c30e
4649491aa1d518873845fcda97e103fbc24d79c52d43758e19251651b71b0e75
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d6f6c37882c37417b3cbe6f470fd19b93f5e2a477b32ed163c3d72f72406d36
4e5569b4e1199e05529c623271ac06e8b5d60b609bc967dcc06ffd5d5a251a44
4ee5f07152d8deee722dc065477d80587c1710018a1cca39db3c10d84e4990bd
4ef66b465b81a0b014210b433c9ab0868b6507f8f53bdc155fdc29369bdffc43
4f4f8788d01cc5531e761de8ad78feda74b12574456207f9f35118332ff7d7d5
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
524569c74d5f0a94c706361dad1b41c7721763578d7023a1f0c9c17b8b29f6b5
52ec7c2a4b3d9920cd6ae137e5823e8202b0563b035050f18d62cd71de94a78d
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53eead9613627cd1a123090126d881eaaf33a754f3fa5d50a9297f425abc92a8
543bee066850ffda34784bf04f96f06246a16f0a57d64a504fe459177e79056e
54ecfa572990e94acedaa3f98412b668277d09a314d645d0e4be182f3ae5a47c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
5612227ebe4a57ca1fdc68e11c378bebca946f3699174f58677373864fae2cfd
56dccfe08a52dc92c1206ee978f48cb9a21b0820ea595d70c92d57e6bf237604
581d447eb6b75fffeb4a8fc041bebca5158f0f41aa368fb6ef0c1690ae5000a9
58613e446b8c55815074d53b328a57a97feb724788a12cde7b8a8040bc537aef
591f2a1884627044012d609421f5720e613296501b0e202b39d3f4a740824b14
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a683fc79e3379ee8ecfd8f32e947347138c4b6d2aa324528a5389a9c34e2756
5ab156be3a28d754bf5958340a2d3784d407fe1cd92b98ac70e0d6fdd5193749
5afb9b92badc59d409e22b0c4fae2628172d333d5cc286e0efbe09251480f3b1
5dbd51abd9e7850a630660fc4f54aef3afdee742ad0df3c1ca7f508ff503396a
5e2eee6a7345ae1bb05a9d2db7f906ecf989222804398fd56290e1570e72a37a
5f744357ddc47baa090610e6519eb8ad958cdd208bd56df82f8a23d9fe369cca
60763804dbfb4e670552728962104609eef19e844333a6da60a3bf6a26556a91
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
639705bd5f73f2667e0ffd7fafcfe4d28a10fd22e33b30a85732d41e8dc54a37
646adb0a224cc7c132ed8ffdf9743faf8c370b8e65c1df0bb7b96cb1ed867d18
648fc57c6d1b8866c5a626a602b4e213a7e8f704ba37a616e4b7dfdc23107e18
649958d435db5781e2841b7be820b211b1b9a4bc5a3de6fceeb28fd94a8a0e25
64f9e98a68d94c6ee1bdaee26992bd796d293641ad202e3d311c146dabe3b67d
67a5d48911a0c5b5a0c30616db7cba79329f2fa7e1a2a91845404e093c8bad79
6a8437f8eb353b0da20b48e51ad0cc9ea9e8842e192f4d119d61fdf79cd5c839
6c5516b7839d392a178d6907f5cb40beceb99756596655a4818a1c75bd13fac7
6cd63f94288b9f6cbd5626a076ef44001cc882444407a980da7a0b47a9beeb8a
6dd369e08428c6a91de03029d9afc779d48fd55f1a5a72e487729e3421a2b476
6e007076276835ef93e024cba74147e571758e9058024192b9e32417249ee6c7
7023a9d30e44a55ac453193a681a5ecad6668c3ae1531e4aecfbe6ca890c9f1e
719e1b78b18496beb0fffecef52c36a6a06b15201c93f7af8fd85b4c1bbccfc9
7443332f32b560d1e225a5dd44d20ec518a720adf470021fb1ea50529432ebe5
7640773899458de6505f8d74452bac91d2cbf258cb95e650c0db507d51a5e5bf
768dbaa97f82a2587f62a38375028c588d5d4ccff7fb319a9929171c51f2f907
79fd5090a5c6183320b1f33277853bae56cf68f320de8f7d68be080d2cae837c
7c2fbf13d01af7cee93ca0de33393a060eeebe38b324f877a7ca3b1df2338715
7e8d69ed6d508a5a3b55538a4dd8352a81a6e60d0f11dc992c5e91843fe139a1
801c95ec34ac6191be3ad237595e98269b42d0404d206ba1d4e3fb1f0cf5243f
819b49115d6184d68d612edabcda26049a0f6702e16b8d9b3e4628f403afd863
81c6a5103363ffae6312ab873c2d8ef8f5e4024e7d9e5083faa61ed4a33d69b7
81f956a5201477197f85f87f7a3faf16c4c87d3cac75160959ab5fdfb25a0da8
82708d353a2cd0a5bdc09acd2740caae7f8f358e97515e4220842c1d2c5e1f69
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8499af3e30316af00f04982197057727772212d9e26d6d4a4f01e12ad9b3836d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852ba8997dc1fa71bc000b31d9af5bbbf7d3de94833750c779ece5f04d33e261
85539a85914b5a3d5b209a2b9d82293873e16e7dd0aba23e9f61ad69509e3b24
87696605902b27f0d7146ca59bbcc53e843db5e623d5044b7eb7d04ced7742d3
87d3b26f33f39e3bb4b4c1f2291f906ad5826c4d9624a08f0db8a2163a9df369
885cb07503e088de00e0b1502940db47d59817caf2a3e35e1f92432d48d6f8fe
8bee5b0d13f1de0b52c6aa4a61b112428f78c656b7fdb7e6b1367c53b2ba84fa
91ac0502171d983ad2d3f7f2c146fe5751250072334c4267eaadbe0f096b67ff
92a85f93f18ea572688b8fd7b5c5ff1b9e69c4a61464d72764d833c42dc41c58
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
93ae8b0d2f5b1aeab9e810ae012cee83029f50ad7cc6708735d254e9db580d7a
940b31c530111612cc52a75ce3d6fb010ab7c7c8f6ed295479fed5631071e436
95fc8f6101102fc2f0d4c6aed54f381e2108158ba38fcbf9bef029ffb8f7f0d9
96234ac86729d6833b645cd2047bd81096a8abc561dbea4b3ceee35629200345
96535cba682de213b2813fec679a47f8b9da135719dc650c69a794fdded31afd
9681f457e147b208695a92e912b89d30ee2eb46bd6b6fa1de9158dc414786076
972a46f006f15dc7139edd19ca25098f0fb185208d3f56fb218300a03ec66c1c
97b3cc863661d90421e4d91d8120ac9441c427aeba6ffc0afe601bf4e27b56a0
97b976f796b0f3dedaa20505d1aa82b6c2d6a9d27a74de22a60071860383e2b3
985b3010e916c334e691fa3649f3d17a45a42b72390daa9c548f37f049bbcfc0
98bfce24cb8aa4e3c3acd17491ee4e50e55a22204c67ea04d407d28cff7cd0cc
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9cf2eda65bd046137249945d6ed7034df09f76ce5aea7e05b51f4a7681cc9725
9e0ea1296f06b23f70561f76a159d07c4d37cdc5863ea21e7047ef5f59a93369
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a25e50ecc0e7a44d3f555f99255b3c963bb591b76529265c3544b3636f2594d4
a295275fe0bb374b278a13863d42ee7d64cf6b43ca0e5f145260af63ee441837
a29e11b1cd66261fe321cd6c93283677795d8544c1654e62393b8cf271eb1d4f
a2d58e29c3c454ef9b3e47ea01f4c5ddf2027f9c583d1104f0c26ccaf2aeb426
a443f0303975a38a561358a347166a210773f9b855b4774211ab1c4a2c249b29
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e198b2c834a9247253ee0907864214dc8b64263ccb73a6db9a0fa7230046b2
a54698716d6bdf05461dacddc79e41c1fa52d110daa73ca134e7aa1b5324acd6
a72f8d10625c97c18083754c5375ee413f5eb48a895484d7f5de93f567853be2
a8108d77a264d081487ea1032c4c801f6d594a8eab414100fa6d1a4accd98da4
a8a2062b641fbfb4ba310e417594f74179e75ed39b729958143c63d3a4809876
a9ed6c0cdb54ddeb561369fa2f9748cd0dcba457ba2cd0cb1955cf48387bcf2a
aa9e840100af2080b2a65cda25d4f9d9614f27afee9ef177203bc75d306fb4c2
aaee0a9819baf69846b54a52ea8cb4fc51987cb160a6bfe4567c0719d69f6bc6
ac275ca2a119d8080881532a278a3fbec41631fadac0ab42fe51795ba673f9fd
acb51c182d566f99a1c8bf3c047d9957bf1a6461bd5e532e790986110de44f94
af5463753df076ff288879f0685740bc8b4540a9855096cde2cdbf00041b7750
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
b1809242dfefcbae934eccda462fa2655185ffe83c95ba9e9a6770d593c025dc
b40f02abe87261d993209afe5b11586a25376e636f37a1497c7dfe040480b88a
b8bb7cc5daa14c932c4c23a672a1ab1f285652d66ac5f8dd4a62105e1aad33e2
b95c19bef77e76038cab219ea333e2b88d11ad7e3b0f815cf2f28bf2a29e9df8
b9c77af9d4136c0a987de37b3d9ac8bbdb692d62df56a76ec117240d46fa88f8
ba0610623ba1a30857f5e9a2e1eca4998aef758edfa6c7e21f6e17c98d8957c1
bb6cdf95c0f841d5516fb009c02584607760465af9b709ac62c8cff1fd468bd1
bbcdc9c9b394f67db4cd37757c7b7b6d2a316d5108b173201d3c726609ccc525
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc2f064ff9bc3c36de040d77c82c43890467aa13b216f9e0925a5e6cf306d4be
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bd978a87bd6097f6e3f48d2740b1bceb3d27f0385c44e667a126c8adccdc84ad
bdc5aab1bc93dc47fbb638ee7462509fffb3392c2cd3ef31886e7a3aa76f291f
beebc5659e5a7cae96a8459bd196074d0573718cc4752d832cd1c6f8102a5904
bf6f8b76a208f928f5daeeba7c5b4de7415e14c26dcf1c69db0bedc58f872a35
bfe4daba7053363118b8b9cf8b98fab5eec0d00fbad7bfa837f7a1efd1b168eb
bff70cc67f36c252a4a1053f3047356ca99d93d7e37ff6fc0df8ad6b33ee530c
c048d103427ee2c5a05a4a12a1cfed6947ed96c8049f2a6b16a4e780a2d5eee4
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c27fa45d64dab3f576041b0c1b7638360e689b5862bbae3a25b3bfe9e2ea074b
c2e8fb14b1e0aab8514cfb56c1e62417ba717b034a397017696cfa9e517b0f6b
c4234a04add3fca32f5045b81ac01f90b8c422117a9d55be34abad4a0682dd6f
c516cc6ab6f3e6c69d57da96b78df1d404e2b49d2d0d3a59febb1f50c0e58241
c6629584f62feeb6b024b50fae7e99ed6bec9942ce434c8163e2d627f1253dbb
c9080387801ea7c0d202021563e4cc47e205dfe238953109c6f39348cb9a5533
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9ab65fbb5bdd8bb5c725efa4fe633d832403e0befee51eb5204b888e3a0c64c
ce6d2710e9a4c8b4b38965d4d1e3466c83322bd4ef24d56d1de0ff28b3ff1909
ce7851a34e791efe4c6f3ae9f1588ff624cdf66671f534a9ed45c18aca0fed82
cf21d08dfcbae4b40e503c72abe6eecd47a8bc5c448d44d992d996301a30995e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfbc954e81cf76b2913c104ec20ffa16effe22261add67317955c6ad2a528055
d001a1a2dd7696b73533d5276c9390ceb52150a67a796d3f31bbc6bc627916fa
d02426be5ed7a8deeea09233b783948a44c6b26100d1e0a72b781d10137ce23d
d0eef0cb070ef6b97945f362bedd6b5d1234d263e831eb98c823e57cdb1a731c
d32615648152d4535072adfde4138fe2bcdf9d13cb14dde9a8bb85bcf9e91843
d367721a1674a9e7d78984712cbff77710fceea65dc2e66e68eab8d84a1f4712
d4e7f21914210e4d6da2b44cc05a554cdd1e538ee43e1d4dc5d6e6a1f1ee1282
d50045b25fcaaf924140b0c120c7c267ea30150973460026a2573360f816574c
d6982d629323924f69305970c1829054a570f87fdca771c42a2a31170214394c
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da082d50ec406aa60aa7c5bf819cb38b40f66353d5c8352fcf046aacb3d302ff
daa8bc4312e8a5c936e55144c18f3232cb013593ae25cfe616e487611b754e1b
de0529d3c675751b762e820612467f5df0c8c3d293602e0d20179e0aafcd6b60
de7e29c3f5289e504d2151a36b4f4e36a79c40795fd61972945d4676dbfb0ccb
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
e1ab7e32a5d720233de3658848ad4bb9845a313bffeda85a53354a9879f7bd08
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4c2ea3cb2ea2f67b2e0d23a5a4593427ef672001bb02c4ae3537ba97e281ffd
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
e5fd8bf0126ebf66d05ead9426e1aaa5b1e8d463dc7b2afb0ca0227c926ce4da
e62787595e00ac6a227feeab2f0228ce83dc416622b6c55c1ed8d868b5a0d679
e6c1b957fbe542120d5fb599c545abc009e7c541e20a500666251172b690b4bd
e8c61690e38dd5f72744ef0aa98c61353aeaad5e72d94db609a48dfd68e1030a
e9279aa82470c7b0c894eb3ecbaabceb01423a632d9fbc7460c560f11a99abad
ea1a9b993dbc93ca4669209f552aead7852ea68031cf347990078369adf47072
ea3df7853df13afe03863f425c34c1c7e08a0247c456021e9ad0466776d11e5e
ed632a55f60a08a1cdae99207d0e4dab9544e60059b0378e510762c1a9e4f950
edfe14856c858f9c02455f9ef94cb989f5ad4c54d44cdce012ac93399242cedc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef690493459f8f0438a38f8d0cf1eb9be88383645f51694d4d27f8886a2dcf4f
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f1539cef9fa09dd048028a36be6a11cfaa4a8d3d0c1f9220abce3ae41820216f
f17e7941b62e9d78020144a023d87a0dbce3e2ad6a3054ee3570b673f097a9ec
f239f3f5ba2fe8def7ffc52c0268cfb1cbd362214823676459daa279370a9cfa
f30a05fae29bc8c2fd586b84adebea0279eee215600295c5a42279d848b1b41b
f45c5872728d497f8ef40a65c4ae6c72a29abf4d641721f19f3776df9fb93cb1
f475e780a27d0f5c75e1af25cd1df0f13b2b879d82dbd54329bc2cfbf962f0f3
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f9c0b0b3e94ca779b2f61981b0008b6f1bec8abca87a7bce786fec663490364f
faa14c11d7703f7d50ca293ff2f2b15879b3aa21921a179716d757ee87c99716
fc13c08ea4a72d653cdd6d81a4d7dd0305d7258a6bc8184aed13ff1569702415
fc3656863820bec1435d5828eeeb910f8e8751a98be93bfb627f8a0be08bccef
fca7437ffdda5a71bf74bd71f6b2c3614135c7d7a779d6a99ae52b20c421270e
fcb6268ec4762ed837aeb7dfc6648accf6a8f1e9b93ff456ea346a0983c0f147
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
ff6aaa3f3b8023816a9b164be90fb958c63857e984fea977c3b38d1542566299
ff9873665e7bec72ba53ba5bd2517090b12d3d7e8f257d6159942e3c26bdee54
ff9bf657a0421d24a554000faee793d7fa96fa4873737ea7e82290b191bf84e0
fff2a3783c20453f5b6bbad22c5e4699870ddf8a5ba041afd812a2c89e35a7cb