urlscan.io logo urlscan.io
SecurityTrails logo

news.walla.co.il Open in urlscan Pro
143.204.215.10  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://news.walla.co.il/
Effective URL: https://news.walla.co.il/
Submission Tags: falconsandbox
Submission: On October 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 127 IPs in 13 countries across 99 domains to perform 519 HTTP transactions. The main IP is 143.204.215.10, located in United States and belongs to AMAZON-02, US. The main domain is news.walla.co.il. The Cisco Umbrella rank of the primary domain is 234540.
TLS certificate: Issued by Amazon RSA 2048 M01 on March 27th 2023. Valid for: a year.
This is the only time news.walla.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 143.204.215.39 16509 (AMAZON-02)
28 143.204.215.10 16509 (AMAZON-02)
1 15 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
6 18.66.112.22 16509 (AMAZON-02)
2 2600:9000:205... 16509 (AMAZON-02)
1 205.185.216.42 20446 (STACKPATH...)
37 151.101.65.44 54113 (FASTLY)
2 2606:2800:234... 15133 (EDGECAST)
3 2a00:1450:400... 15169 (GOOGLE)
14 34.160.198.118 396982 (GOOGLE-CL...)
2 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 34.228.152.212 14618 (AMAZON-AES)
2 2600:9000:20e... 16509 (AMAZON-02)
1 16 2a00:1450:400... 15169 (GOOGLE)
1 13.224.189.103 16509 (AMAZON-02)
1 99.86.4.108 16509 (AMAZON-02)
17 2a03:2880:f08... 32934 (FACEBOOK)
1 2600:9000:211... 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
4 142.250.186.66 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 104.244.42.200 13414 (TWITTER)
1 51.77.64.70 16276 (OVH)
3 2a03:2880:f17... 32934 (FACEBOOK)
10 2a00:1450:400... 15169 (GOOGLE)
1 216.239.34.21 15169 (GOOGLE)
1 2a03:2880:f08... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 6 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.166 15169 (GOOGLE)
1 23.35.237.86 16625 (AKAMAI-AS)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 34.120.218.58 396982 (GOOGLE-CL...)
2 2001:4860:480... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 151.101.1.44 54113 (FASTLY)
2 2600:9000:211... 16509 (AMAZON-02)
1 6 2a02:2638:3::c 44788 (ASN-CRITE...)
1 99.86.4.124 16509 (AMAZON-02)
5 108.129.69.108 16509 (AMAZON-02)
1 2600:9000:249... 16509 (AMAZON-02)
16 2a00:1450:400... 15169 (GOOGLE)
3 23.32.184.192 16625 (AKAMAI-AS)
1 13 104.22.68.131 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
7 2a02:6b8::90 208722 (GLOBAL_DC)
7 104.22.69.131 13335 (CLOUDFLAR...)
4 8 216.52.2.30 30282 (AS-INAPCD...)
7 2602:803:c003... 26667 (RUBICONPR...)
3 5 104.18.26.193 13335 (CLOUDFLAR...)
2 23.35.229.56 16625 (AKAMAI-AS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
12 5.196.111.65 16276 (OVH)
7 34.149.20.76 15169 (GOOGLE)
3 10 51.75.86.98 16276 (OVH)
2 35.186.253.211 15169 (GOOGLE)
2 18.193.245.188 16509 (AMAZON-02)
2 2a02:2638:3::7 44788 (ASN-CRITE...)
2 99.80.199.240 16509 (AMAZON-02)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 7 185.89.210.180 29990 (ASN-APPNEX)
2 4 185.184.8.90 204995 (RTB-HOUSE...)
2 185.64.189.112 62713 (AS-PUBMATIC)
8 141.226.228.48 200478 (TABOOLA-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a02:2638:3::12 44788 (ASN-CRITE...)
6 2a00:1450:400... 15169 (GOOGLE)
2 34.95.69.49 396982 (GOOGLE-CL...)
3 4 2a05:d018:d29... 16509 (AMAZON-02)
9 30 142.250.184.194 15169 (GOOGLE)
3 4 178.250.1.9 44788 (ASN-CRITE...)
5 6 37.157.3.30 198622 (ADFORM)
3 99.81.117.172 16509 (AMAZON-02)
6 6 46.228.174.117 56396 (AMOBEE)
25 2a02:2638:3::3 44788 (ASN-CRITE...)
3 178.250.1.6 44788 (ASN-CRITE...)
2 2600:9000:223... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
6 52.223.40.198 16509 (AMAZON-02)
4 7 3.122.110.157 16509 (AMAZON-02)
2 4 162.55.236.224 24940 (HETZNER-AS)
2 2 2001:678:cb4:... 56396 (AMOBEE)
2 2 188.42.191.196 7979 (SERVERS-COM)
4 23.35.229.251 16625 (AKAMAI-AS)
1 5 104.18.27.193 13335 (CLOUDFLAR...)
1 2a02:26f0:170... 20940 (AKAMAI-ASN1)
8 37.157.6.254 198622 (ADFORM)
1 85.91.45.72 27381 (CASALE-MEDIA)
16 2a02:2638:3::10 44788 (ASN-CRITE...)
5 2a02:2638:3::1a 44788 (ASN-CRITE...)
3 8.2.108.194 46636 (NATCOWEB)
1 1 37.157.6.237 198622 (ADFORM)
3 3 2a02:2638:3::6 44788 (ASN-CRITE...)
1 1 2.21.20.202 20940 (AKAMAI-ASN1)
2 18.193.218.77 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 37.157.6.234 198622 (ADFORM)
2 69.173.144.165 26667 (RUBICONPR...)
3 2a02:2638:3::9 44788 (ASN-CRITE...)
1 217.182.178.225 16276 (OVH)
1 178.32.210.226 16276 (OVH)
2 2 3.121.79.42 16509 (AMAZON-02)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
3 3 35.186.193.173 15169 (GOOGLE)
1 2600:9000:211... 16509 (AMAZON-02)
1 2 151.101.194.49 54113 (FASTLY)
3 5 185.64.190.78 62713 (AS-PUBMATIC)
1 1 69.173.144.138 26667 (RUBICONPR...)
1 2 34.91.62.186 396982 (GOOGLE-CL...)
1 1 35.190.0.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.32.184.180 16625 (AKAMAI-AS)
1 13.248.245.213 16509 (AMAZON-02)
1 67.202.105.23 32748 (STEADFAST)
1 34.98.64.218 396982 (GOOGLE-CL...)
2 104.18.25.18 13335 (CLOUDFLAR...)
11 185.64.191.210 62713 (AS-PUBMATIC)
1 2 54.239.33.159 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 52.210.247.62 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 52.211.152.111 16509 (AMAZON-02)
1 3.71.149.231 16509 (AMAZON-02)
1 2 52.46.151.131 16509 (AMAZON-02)
2 2 35.168.210.0 14618 (AMAZON-AES)
2 2 13.32.27.28 16509 (AMAZON-02)
1 1 193.0.160.131 54312 (ROCKETFUEL)
1 35.244.174.68 15169 (GOOGLE)
1 72.251.241.204 32475 (SINGLEHOP...)
1 2a05:d018:cc3... 16509 (AMAZON-02)
2 3 185.86.139.104 201081 (SMARTADSE...)
1 185.64.190.81 62713 (AS-PUBMATIC)
1 1 85.114.159.93 ()
2 2 34.243.69.54 ()
1 1 54.162.112.52 ()
1 1 50.31.142.223 ()
5 5 52.51.216.150 ()
1 1 208.93.169.131 ()
1 2606:4700:10:... ()
1 2 77.243.51.122 ()
1 1 141.94.171.214 ()
1 98.98.134.243 ()
519 127
1    143.204.215.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-39.fra53.r.cloudfront.net
news.walla.co.il
28    143.204.215.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-10.fra53.r.cloudfront.net
news.walla.co.il
15    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
5    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    18.66.112.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-22.fra56.r.cloudfront.net
tags.dxmdp.com
2    2600:9000:2057:400:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.valuad.cloud
37    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
pm-widget.taboola.com
trc.taboola.com
images.taboola.com
imprammp.taboola.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
3    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
14    34.160.198.118 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.198.160.34.bc.googleusercontent.com
images.wcdn.co.il
2    2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
web-sdk.smartlook.com
1    34.228.152.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-152-212.compute-1.amazonaws.com
ping.chartbeat.net
2    2600:9000:20eb:e200:11:da61:a100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cf.dxmcdn.com
16    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
pagead2.googlesyndication.com
1    13.224.189.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-103.fra2.r.cloudfront.net
ecdn.analysis.fi
1    99.86.4.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-108.fra6.r.cloudfront.net
ecdn.firstimpression.io
17    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
scontent-fra3-2.xx.fbcdn.net
1    2600:9000:211e:d600:12:abfb:9280:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.unblockia.com
1    2a04:4e42:600::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
4    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
www.googleadservices.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
12890047.adoric-om.com
1    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
3    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
10    2a00:1450:4001:81c::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
hb-dot-valuad.appspot.com
1    216.239.34.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2215.1e100.net
tr.dxmcdn.com
1    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
scontent-fra3-1.xx.fbcdn.net
2    2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
6    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    142.250.185.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net
ad.doubleclick.net
1    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
widgets.outbrain.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
static.adoric.com
1    34.120.218.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.218.120.34.bc.googleusercontent.com
app.adoric-om.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
5    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
2    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
pm-widget.taboola.com
vidstat.taboola.com
2    2600:9000:211e:5400:12:abfb:9280:93a1 (United States)

ASN16509 (AMAZON-02, US)
loader.unblockia.com
6    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
1    99.86.4.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-124.fra6.r.cloudfront.net
cdn.firstimpression.io
5    108.129.69.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-129-69-108.eu-west-1.compute.amazonaws.com
event.dxmdp.com
1    2600:9000:2490:1000:10:be65:1fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
t.unblockia.com
16    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
13    104.22.68.131 (None, )

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
static.smilewanted.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
7    2a02:6b8::90 (Ulyanovsk, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
bs.yandex.ru
7    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
8    216.52.2.30 (New York, United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
7    2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
5    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
2    23.35.229.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-56.deploy.static.akamaitechnologies.com
a.teads.tv
2    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
12    5.196.111.65 (Le Grau-du-Roi, France)

ASN16276 (OVH, FR)
PTR: ip65.ip-5-196-111.eu
prg.smartadserver.com
7    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
10    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    18.193.245.188 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-245-188.eu-central-1.compute.amazonaws.com
tlx.3lift.com
2    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    99.80.199.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-199-240.eu-west-1.compute.amazonaws.com
hb-api.omnitagjs.com
2    2a02:fa8:8806:13::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
7    185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
8    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
am-match.taboola.com
sync.taboola.com
1    2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
3    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
6    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
4    2a05:d018:d29:3601:c184:4582:9358:8e30 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
30    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
4    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
6    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
3    99.81.117.172 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-117-172.eu-west-1.compute.amazonaws.com
match.360yield.com
ice.360yield.com
6    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
25    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
2    2600:9000:223c:4200:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
6    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
7    3.122.110.157 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-110-157.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    162.55.236.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.236.55.162.clients.your-server.de
sync.richaudience.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
4    23.35.229.251 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-251.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    2a02:26f0:1700:d::1737:6e99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ced-ns.sascdn.com
8    37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
1    85.91.45.72 (Canada)

ASN27381 (CASALE-MEDIA, CA)
a5158.casalemedia.com
16    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
5    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
3    8.2.108.194 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
1    37.157.6.237 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
3    2a02:2638:3::6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ssp-sync.criteo.com
1    2.21.20.202 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-202.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
2    18.193.218.77 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-218-77.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn2.gstatic.com
6    37.157.6.234 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
1    217.182.178.225 (France)

ASN16276 (OVH, FR)
PTR: ip225.ip-217-182-178.eu
euw2.smartadserver.com
1    178.32.210.226 (France)

ASN16276 (OVH, FR)
PTR: ip226.ip-178-32-210.eu
adapi.smartadserver.com
2    3.121.79.42 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-79-42.eu-central-1.compute.amazonaws.com
pm.w55c.net
4    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
3    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    2600:9000:211e:6e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    23.32.184.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-180.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
pixelgroup-d.openx.net
2    104.18.25.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
11    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    54.239.33.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    52.210.247.62 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-247-62.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    52.211.152.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-152-111.eu-west-1.compute.amazonaws.com
a.audrte.com
1    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    35.168.210.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-210-0.compute-1.amazonaws.com
i.liadm.com
2    13.32.27.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-28.fra56.r.cloudfront.net
live.rezync.com
1    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    72.251.241.204 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    2a05:d018:cc3:fe04:2e01:fd37:4808:6be0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
3    185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
rtb-csync.smartadserver.com
1    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    85.114.159.93 (None, )

ASN- ()
dsp.adfarm1.adition.com
2    34.243.69.54 (None, )

ASN- ()
ads.avct.cloud
1    54.162.112.52 (None, )

ASN- ()
sync.srv.stackadapt.com
1    50.31.142.223 (None, )

ASN- ()
b1sync.zemanta.com
5    52.51.216.150 (None, )

ASN- ()
match.prod.bidr.io
1    208.93.169.131 (None, )

ASN- ()
bh.contextweb.com
1    2606:4700:10::6816:1857 (None, )

ASN- ()
mwzeom.zeotap.com
2    77.243.51.122 (None, )

ASN- ()
uipglob.semasio.net
1    141.94.171.214 (None, )

ASN- ()
pixel.onaudience.com
1    98.98.134.243 (None, )

ASN- ()
pixel-sync.sitescout.com
Apex Domain
Subdomains		 Transfer
51 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
ad.doubleclick.net — Cisco Umbrella Rank: 173
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
270 KB
47 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1126
pm-widget.taboola.com — Cisco Umbrella Rank: 3680
trc.taboola.com — Cisco Umbrella Rank: 680
vidstat.taboola.com — Cisco Umbrella Rank: 3058
am-trc-events.taboola.com — Cisco Umbrella Rank: 15139
images.taboola.com — Cisco Umbrella Rank: 1964
imprammp.taboola.com — Cisco Umbrella Rank: 14739
am-match.taboola.com — Cisco Umbrella Rank: 15405
sync.taboola.com — Cisco Umbrella Rank: 1031
818 KB
46 criteo.net
static.criteo.net — Cisco Umbrella Rank: 728
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9717
csm.eu.criteo.net — Cisco Umbrella Rank: 9249
357 KB
34 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
186 KB
29 walla.co.il
news.walla.co.il — Cisco Umbrella Rank: 234540
990 KB
24 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 478
bidder.criteo.com — Cisco Umbrella Rank: 895
ads.eu.criteo.com — Cisco Umbrella Rank: 9209
dis.criteo.com — Cisco Umbrella Rank: 648
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10275
ssp-sync.criteo.com — Cisco Umbrella Rank: 1344
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 15502
mug.criteo.com — Cisco Umbrella Rank: 2541
161 KB
22 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 588
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 581
image6.pubmatic.com — Cisco Umbrella Rank: 967
simage2.pubmatic.com — Cisco Umbrella Rank: 959
image2.pubmatic.com — Cisco Umbrella Rank: 1116
simage4.pubmatic.com — Cisco Umbrella Rank: 1354
95 KB
21 adform.net
c1.adform.net — Cisco Umbrella Rank: 643
track.adform.net — Cisco Umbrella Rank: 4131
cm.adform.net — Cisco Umbrella Rank: 1279
s1.adform.net — Cisco Umbrella Rank: 9659
dmp.adform.net — Cisco Umbrella Rank: 3616
205 KB
20 smilewanted.com
csync.smilewanted.com — Cisco Umbrella Rank: 2991
prebid.smilewanted.com — Cisco Umbrella Rank: 6260
static.smilewanted.com — Cisco Umbrella Rank: 10113
33 KB
17 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1721
euw2.smartadserver.com — Cisco Umbrella Rank: 15434
adapi.smartadserver.com — Cisco Umbrella Rank: 45757
sync.smartadserver.com — Cisco Umbrella Rank: 1400
rtb-csync.smartadserver.com
14 KB
15 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 957
scontent-fra3-1.xx.fbcdn.net — Cisco Umbrella Rank: 15380
scontent-fra3-2.xx.fbcdn.net — Cisco Umbrella Rank: 15347
258 KB
14 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 563
eus.rubiconproject.com — Cisco Umbrella Rank: 662
token.rubiconproject.com — Cisco Umbrella Rank: 504
pixel.rubiconproject.com — Cisco Umbrella Rank: 409
29 KB
14 wcdn.co.il
images.wcdn.co.il — Cisco Umbrella Rank: 99528
153 KB
11 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 570
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 513
a5158.casalemedia.com — Cisco Umbrella Rank: 496316
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
8 KB
11 dxmdp.com
tags.dxmdp.com — Cisco Umbrella Rank: 46747
event.dxmdp.com — Cisco Umbrella Rank: 45696
133 KB
10 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 913
2 KB
10 appspot.com
hb-dot-valuad.appspot.com — Cisco Umbrella Rank: 74994
227 B
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
acdn.adnxs.com — Cisco Umbrella Rank: 663
22 KB
8 33across.com
ssc.33across.com — Cisco Umbrella Rank: 4057
ssc-cms.33across.com — Cisco Umbrella Rank: 1180
1 KB
8 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 754
3 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 387
3 KB
7 yandex.ru
bs.yandex.ru — Cisco Umbrella Rank: 13295
1 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2714
2 KB
6 gstatic.com
www.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
fonts.gstatic.com
123 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
889 B
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
352 KB
5 bidr.io
match.prod.bidr.io
3 KB
5 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363
3 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 6147
797 B
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
419 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2979
3 KB
4 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1086
s.amazon-adsystem.com — Cisco Umbrella Rank: 328
3 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 985
s.tribalfusion.com — Cisco Umbrella Rank: 2451
2 KB
4 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2114
820 B
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 649
3 KB
4 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7541
creativecdn.com — Cisco Umbrella Rank: 646
1 KB
4 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1696
mp.4dex.io — Cisco Umbrella Rank: 2423
27 KB
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 153
20 KB
4 unblockia.com
cdn.unblockia.com — Cisco Umbrella Rank: 14219
loader.unblockia.com — Cisco Umbrella Rank: 13934
t.unblockia.com — Cisco Umbrella Rank: 13652
36 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
region1.google-analytics.com — Cisco Umbrella Rank: 2250
42 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 22832
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27465
899 B
3 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 50844
1 KB
3 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 3356
3 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2517
ice.360yield.com — Cisco Umbrella Rank: 2362
595 B
3 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 659
eb2.3lift.com — Cisco Umbrella Rank: 434
1 KB
3 openx.net
rtb.openx.net — Cisco Umbrella Rank: 912
pixelgroup-d.openx.net — Cisco Umbrella Rank: 112800
573 B
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
15 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
124 KB
3 dxmcdn.com
cf.dxmcdn.com — Cisco Umbrella Rank: 57831
tr.dxmcdn.com — Cisco Umbrella Rank: 48161 Failed
123 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1192
syndication.twitter.com — Cisco Umbrella Rank: 1427
132 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1738
mab.chartbeat.com — Cisco Umbrella Rank: 2811
25 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 avct.cloud
ads.avct.cloud
1 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 2003
1 KB
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 617
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 753
cdn.indexww.com — Cisco Umbrella Rank: 1795
2 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 952
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 782
802 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1069
2 KB
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 621
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1822
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1024
952 B
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 250
10 KB
2 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 2167
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1343
1 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1374
104 B
2 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3968
431 B
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3692
2 KB
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1558
764 B
2 adoric-om.com
12890047.adoric-om.com — Cisco Umbrella Rank: 229141
app.adoric-om.com — Cisco Umbrella Rank: 53462
54 KB
2 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 31165
cdn.firstimpression.io — Cisco Umbrella Rank: 29900
104 KB
2 smartlook.com
web-sdk.smartlook.com — Cisco Umbrella Rank: 24211
22 KB
1 sitescout.com
pixel-sync.sitescout.com
187 B
1 onaudience.com
pixel.onaudience.com
419 B
1 zeotap.com
mwzeom.zeotap.com
440 B
1 contextweb.com
bh.contextweb.com
663 B
1 zemanta.com
b1sync.zemanta.com
379 B
1 stackadapt.com
sync.srv.stackadapt.com
1 KB
1 adition.com
dsp.adfarm1.adition.com
524 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1495
181 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1504
283 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 445
98 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1000
1 KB
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1011
266 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 929
589 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 8325
555 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 893
238 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
975 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 620
614 B
1 sascdn.com
ced-ns.sascdn.com — Cisco Umbrella Rank: 3299
13 KB
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 2049
46 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
2 KB
1 adoric.com
static.adoric.com — Cisco Umbrella Rank: 56775
16 KB
1 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 2100
1 KB
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5842
175 B
1 analysis.fi
ecdn.analysis.fi — Cisco Umbrella Rank: 35193
2 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1445
201 B
1 valuad.cloud
cdn.valuad.cloud — Cisco Umbrella Rank: 111730
277 KB
0 loopme.me Failed
csync.loopme.me Failed
519 99
Domain Requested by
30 cm.g.doubleclick.net 9 redirects 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
29 news.walla.co.il 1 redirects news.walla.co.il
25 static.criteo.net ads.eu.criteo.com
cdn.valuad.cloud
static.criteo.net
22 images.taboola.com
16 imageproxy.eu.criteo.net ads.eu.criteo.com
16 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
15 securepubads.g.doubleclick.net 1 redirects news.walla.co.il
securepubads.g.doubleclick.net
7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
www.googletagservices.com
14 images.wcdn.co.il news.walla.co.il
13 pagead2.googlesyndication.com cdn.unblockia.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
www.googletagservices.com
news.walla.co.il
13 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
12 prg.smartadserver.com cdn.valuad.cloud
11 csync.smilewanted.com 1 redirects cdn.valuad.cloud
csync.smilewanted.com
10 onetag-sys.com 3 redirects cdn.valuad.cloud
7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
csync.smilewanted.com
10 hb-dot-valuad.appspot.com cdn.valuad.cloud
12890047.adoric-om.com
10 cdn.taboola.com news.walla.co.il
cdn.taboola.com
8 track.adform.net cdn.valuad.cloud
ced-ns.sascdn.com
s1.adform.net
news.walla.co.il
8 ap.lijit.com 4 redirects cdn.valuad.cloud
csync.smilewanted.com
7 simage2.pubmatic.com ads.pubmatic.com
7 x.bidswitch.net 4 redirects imprammp.taboola.com
7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
ads.pubmatic.com
7 ib.adnxs.com 2 redirects cdn.valuad.cloud
acdn.adnxs.com
csync.smilewanted.com
7 ssc.33across.com cdn.valuad.cloud
7 fastlane.rubiconproject.com cdn.valuad.cloud
7 prebid.smilewanted.com cdn.valuad.cloud
7 bs.yandex.ru cdn.valuad.cloud
6 s1.adform.net track.adform.net
s1.adform.net
news.walla.co.il
6 match.adsrvr.org am-match.taboola.com
imprammp.taboola.com
7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
ads.pubmatic.com
ssum-sec.casalemedia.com
6 www.googletagservices.com 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
6 www.google.com 1 redirects news.walla.co.il
tpc.googlesyndication.com
7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
6 tags.dxmdp.com news.walla.co.il
tags.dxmdp.com
5 match.prod.bidr.io 5 redirects
5 image6.pubmatic.com 3 redirects ads.pubmatic.com
5 csm.eu.criteo.net ads.eu.criteo.com
5 ssum-sec.casalemedia.com 3 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
5 c1.adform.net 4 redirects ads.pubmatic.com
5 am-trc-events.taboola.com
5 event.dxmdp.com tags.dxmdp.com
12890047.adoric-om.com
5 gum.criteo.com 1 redirects cdn.taboola.com
static.criteo.net
cdn.valuad.cloud
5 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 www.google.de news.walla.co.il
5 www.googletagmanager.com news.walla.co.il
www.googletagmanager.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 image2.pubmatic.com ads.pubmatic.com
4 eus.rubiconproject.com am-match.taboola.com
eus.rubiconproject.com
cdn.valuad.cloud
4 sync.richaudience.com 2 redirects csync.smilewanted.com
4 sync.1rx.io 4 redirects
4 dis.criteo.com 3 redirects 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
4 pr-bh.ybp.yahoo.com 3 redirects ads.pubmatic.com
4 www.googleadservices.com www.googletagmanager.com
3 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
3 gcm.ctnsnet.com 3 redirects
3 rtb.nl3.eu.criteo.com 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
3 ssp-sync.criteo.com 3 redirects
3 us.ck-ie.com csync.smilewanted.com
3 cat.nl3.eu.criteo.com ads.eu.criteo.com
3 ads.eu.criteo.com 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
3 ads.pubmatic.com cdn.valuad.cloud
ads.pubmatic.com
3 trc.taboola.com cdn.taboola.com
3 www.facebook.com news.walla.co.il
3 connect.facebook.net news.walla.co.il
connect.facebook.net
3 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
www.googleadservices.com
3 www.google-analytics.com news.walla.co.il
www.google-analytics.com
www.googletagmanager.com
2 uipglob.semasio.net 1 redirects
2 ads.avct.cloud 2 redirects
2 sync.smartadserver.com 1 redirects csync.smilewanted.com
2 creativecdn.com 2 redirects
2 live.rezync.com 2 redirects
2 i.liadm.com 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 cr.frontend.weborama.fr 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 s.tribalfusion.com 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
2 a.tribalfusion.com 2 redirects
2 pm.w55c.net 2 redirects
2 token.rubiconproject.com eus.rubiconproject.com
2 encrypted-tbn2.gstatic.com 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
2 encrypted-tbn1.gstatic.com 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
2 match.sharethrough.com csync.smilewanted.com
2 ads.betweendigital.com 2 redirects
2 ad.turn.com 2 redirects
2 sync.taboola.com am-match.taboola.com
imprammp.taboola.com
2 cdnjs.cloudflare.com ads.eu.criteo.com
2 secure-gl.imrworldwide.com ads.eu.criteo.com
2 sync.targeting.unrulymedia.com 2 redirects
2 match.360yield.com 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
2 i.clean.gg cadmus.script.ac
2 static.smilewanted.com csync.smilewanted.com
2 hbopenbid.pubmatic.com cdn.valuad.cloud
2 prebid-eu.creativecdn.com cdn.valuad.cloud
2 web.hb.ad.cpe.dotomi.com cdn.valuad.cloud
2 hb-api.omnitagjs.com cdn.valuad.cloud
2 bidder.criteo.com cdn.valuad.cloud
2 tlx.3lift.com cdn.valuad.cloud
2 rtb.openx.net cdn.valuad.cloud
2 mp.4dex.io cdn.valuad.cloud
2 a.teads.tv cdn.valuad.cloud
2 htlb.casalemedia.com cdn.valuad.cloud
2 script.4dex.io cdn.valuad.cloud
12890047.adoric-om.com
2 loader.unblockia.com 12890047.adoric-om.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 pm-widget.taboola.com cdn.taboola.com
pm-widget.taboola.com
2 cf.dxmcdn.com tags.dxmdp.com
2 web-sdk.smartlook.com news.walla.co.il
web-sdk.smartlook.com
2 platform.twitter.com news.walla.co.il
platform.twitter.com
2 static.chartbeat.com news.walla.co.il
1 pixel-sync.sitescout.com
1 pixel.onaudience.com 1 redirects
1 mwzeom.zeotap.com
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 ice.360yield.com csync.smilewanted.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 d.adroll.com ssum-sec.casalemedia.com
1 cm.adgrx.com ssum-sec.casalemedia.com
1 idsync.rlcdn.com ssum-sec.casalemedia.com
1 p.rfihub.com 1 redirects
1 ups.analytics.yahoo.com ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 js-sec.indexww.com cdn.valuad.cloud
1 pixelgroup-d.openx.net cdn.valuad.cloud
1 ssc-cms.33across.com cdn.valuad.cloud
1 eb2.3lift.com cdn.valuad.cloud
1 acdn.adnxs.com cdn.valuad.cloud
1 mug.criteo.com
1 fonts.gstatic.com fonts.googleapis.com
1 ads.travelaudience.com 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 s.ad.smaato.net 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
1 adapi.smartadserver.com news.walla.co.il
1 euw2.smartadserver.com ced-ns.sascdn.com
1 www.gstatic.com 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
1 fonts.googleapis.com 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
1 ads.stickyadstv.com 1 redirects
1 cm.adform.net 1 redirects
1 a5158.casalemedia.com cdn.valuad.cloud
1 ced-ns.sascdn.com news.walla.co.il
1 am-match.taboola.com vidstat.taboola.com
1 imprammp.taboola.com vidstat.taboola.com
1 cadmus.script.ac script.4dex.io
1 vidstat.taboola.com cdn.taboola.com
1 cdn.jsdelivr.net cdn.valuad.cloud
1 t.unblockia.com cdn.unblockia.com
1 cdn.firstimpression.io ecdn.firstimpression.io
1 region1.google-analytics.com www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 app.adoric-om.com 12890047.adoric-om.com
1 static.adoric.com 12890047.adoric-om.com
1 widgets.outbrain.com news.walla.co.il
1 ad.doubleclick.net news.walla.co.il
1 scontent-fra3-2.xx.fbcdn.net www.facebook.com
1 scontent-fra3-1.xx.fbcdn.net www.facebook.com
1 tr.dxmcdn.com cf.dxmcdn.com
1 pro.ip-api.com news.walla.co.il
1 syndication.twitter.com platform.twitter.com
1 12890047.adoric-om.com news.walla.co.il
1 mab.chartbeat.com static.chartbeat.com
1 cdn.unblockia.com news.walla.co.il
1 ecdn.firstimpression.io news.walla.co.il
1 ecdn.analysis.fi news.walla.co.il
1 ping.chartbeat.net news.walla.co.il
1 cdn.valuad.cloud news.walla.co.il
0 csync.loopme.me Failed 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
ads.pubmatic.com
519 170

This site contains links to these domains. Also see Links.

Domain
www.walla.co.il
weather.walla.co.il
mail.walla.co.il
sports.walla.co.il
e.walla.co.il
finance.walla.co.il
healthy.walla.co.il
food.walla.co.il
celebs.walla.co.il
travel.walla.co.il
tech.walla.co.il
b.walla.co.il
fashion.walla.co.il
cars.walla.co.il
www.sheee.co.il
home.walla.co.il
fun.walla.co.il
help.walla.co.il
nadlan.walla.co.il
mekomi.walla.co.il
marketing.walla.co.il
gaming.walla.co.il
mazaltov.walla.co.il
horoscope.walla.co.il
law.walla.co.il
judaism.walla.co.il
walla.co.il
tld.walla.co.il
calendar.walla.co.il
yoram.walla.co.il
vod.walla.co.il
viva.walla.co.il
www.jpost.com
dcx.walla.co.il
www.tiktok.com
www.instagram.com
twitter.com
www.facebook.com
beauty.walla.co.il
seniors.walla.co.il
doral.walla.co.il
stayinghealthy.walla.co.il
cannabis.walla.co.il
b144.walla.co.il
galil.walla.co.il
showbiztip.walla.co.il
yarokkl.walla.co.il
sanofi.walla.co.il
special.walla.co.il
mimsheletbennet.walla.co.il
play.google.com
itunes.apple.com
www.wallashops.co.il
career.walla.co.il
fantasy-sport1.walla.co.il
now.walla.co.il
zoom.walla.co.il
tv-guide.walla.co.il
holidays.walla.co.il
www.b144.co.il
perfectmatch.walla.co.il
mumlazim.walla.co.il
paisculture.walla.co.il
www.drushim.co.il
tmirecycle.walla.co.il
starkist.walla.co.il
dogsandcats.walla.co.il
madaney.walla.co.il
eilat.wallashops.co.il
www.wallatours.co.il
www.wallaprint.co.il
apps.walla.co.il
www.alm.co.il
fragebogen.gutes-hoeren.de
popup.taboola.com
www.gutes-hoeren.de
verfernonreless.com
trc.taboola.com
www.hoergeraete-vergleich.com
ad3.adfarm1.adition.com
maximparerurehab.com
lhlrtvx.com
www.solaranlage.de
www.meine-krankenkasse.de
tags.walla.co.il
www.oref.org.il
Subject Issuer Validity Valid
*.walla.co.il
Amazon RSA 2048 M01		 2023-03-27 -
2024-04-24		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
tags.dxmdp.com
Amazon RSA 2048 M02		 2023-01-22 -
2024-02-21		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
valuad.cloud
E1		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
images.wcdn.co.il
R3		 2023-08-30 -
2023-11-28		 3 months crt.sh
1688964705.rsc.cdn77.org
R3		 2023-10-05 -
2024-01-03		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
cf.dxmcdn.com
Amazon RSA 2048 M02		 2023-03-27 -
2024-04-24		 a year crt.sh
analysis.fi
Amazon RSA 2048 M01		 2023-10-04 -
2024-10-31		 a year crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2022-11-27 -
2023-12-05		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-26 -
2023-10-24		 3 months crt.sh
*.unblockia.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-03-22		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
adoric-om.com
E1		 2023-08-30 -
2023-11-28		 3 months crt.sh
syndication.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-19 -
2024-09-17		 a year crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-25 -
2023-12-26		 a year crt.sh
*.appspot.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
tr.dxmcdn.com
GTS CA 1D4		 2023-09-03 -
2023-12-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
adoric.com
GTS CA 1P5		 2023-09-14 -
2023-12-13		 3 months crt.sh
*.adoric.com
R3		 2023-10-03 -
2024-01-01		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
dxmdp.com
Amazon RSA 2048 M01		 2023-02-09 -
2024-02-16		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-18 -
2024-05-17		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-09-24 -
2024-03-24		 6 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
teads.tv
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2023-08-30 -
2023-11-28		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
cadmus.script.ac
E1		 2023-09-02 -
2023-12-01		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2023-12-23		 3 months crt.sh
i.clean.gg
GTS CA 1D4		 2023-09-17 -
2023-12-16		 3 months crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-30 -
2023-12-25		 3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-03 -
2024-02-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-14 -
2024-07-17		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2023-11-08		 3 months crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2022-11-12 -
2023-12-14		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2023-10-08 -
2024-11-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2023-10-09 -
2024-11-07		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh

This page contains 70 frames:

Primary Page: https://news.walla.co.il/
Frame ID: CBDB93C7582E1B84DA3790BC405114CD
Requests: 237 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fnews.walla.co.il
Frame ID: 285225835FB46562A7324D2EB9124CE8
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallanews&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Frame ID: 6403B4390947D1A35E71E968FB14F341
Requests: 16 HTTP requests in this frame

Frame: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9FD889D6892C23519334AAA06816C2DA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 107C61C8534B261116E331937D51DC10
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DBC0939AB1885626E7E553C90F85AD28
Requests: 2 HTTP requests in this frame

Frame: https://cf.dxmcdn.com/dta/dmp-common-iframe.html?dmpid=&monitoringConfig=%7B%22uuid%22%3A%22bc8a7a32-7d98-4226-8af9-d2a43a8621cc%22%2C%22enabled%22%3Afalse%2C%22verboseMode%22%3A%22ERRORS%22%2C%22sampling%22%3Anull%2C%22observedUserId%22%3Anull%2C%22includeDatabase%22%3Afalse%2C%22includeLocalStorage%22%3Afalse%2C%22includeLoggerState%22%3Afalse%7D
Frame ID: 0F0D693956F1C493244652B5DFAEACF7
Requests: 1 HTTP requests in this frame

Frame: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A78AE46759A1595A871F655B3C82D848
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bgAOSwcK4HOIAAfySDS9D04ezR2G3YYRAQ&u=%7C8ghSQ%2F3qZvU1hTbVqhfY9ydz8VX%2Fv2kShHw2frfHpoY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0gw-wXdlPcDLW8fZN9ZuNmP0ldHyCoW9mmBIkwR_rTwkBXAwJwY18GPlS_s5C1jNsUaJsG-frSz-8Gbo1i7aM7XUtKKZGYQZ5tucMjrKBmA7jHKlz4JXJ0J1sxInn1hk45ePOxwmLSSEtABNZmhsDtvMENAvNe6qPC6XN0Jm23vyzUknxOU0P2tvbFCs0GeDpaHRUQ1Dt3-7ipPGZk8DoqT-IKO0oBUgozqddkMvXid4KtQt1BNYUe21xB0hFyGd0Vtx_1mpIiWXAABYnj3aYaZhr-6l21IpLH3BUgKgKnPF39kENSx5mtIoI2zu3Ixsl_OPdTWJiqgJhSihtqIWL9HM3dlZ_Dh74KwJGtBqkKj7GeU69YOqPNqHerUynm19WNJz6rZhc4gpqMSItQpmWuL6E2NtW9yRwGMynGtL-XkBbsmi5iZX_gNJk8JEuwhK5pXFdjLQEwzf3D6PU-U9blcrhnWvaqErLpzh-TPUoWylR8on6ocPbmWeW3yT_XyAlrMvftGknS6IeodocLr48nOjdNn0imC2ZIuDIjc4jDSQiTDeqMEGafBs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcJ97bj4uZYeWOYjngQfI5J_IDsme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtM_RZHLsrE-4AIAqAMByAMCqgSmAk_QUuBQCGpKXeE3worwMgvqlLl9V2XN-r3K7fI3gAjMJ8xAZsrHKjjRf98Kf2wUWZuf4xsu3A9rx6WKU26A1LANaeXBISFsMoJZVwUvy9YlBgXOP90diRZ71dvuFKUQmjnQcbLm7MoEfCJ27qrZnfdfiQGPo30kLhHAILMgvEa0GO_ciLrF9w1-A6LhQG-XZAGkfsag6hj49aRdzr_95AaT6JuWmHe06UAQRhezNWz-zRdtw0mxvJGTOI3i0z0aTgCfLrvk0-afKn0MN3xbSaM0GscxSbCjUHlS-Pc0yL0pJ8VvVkzBa3_WWj5IrVIzdbAGAIe1hrSNdB-vOKrTnOuwkUKKX_tBgXmtGNuCW4TKo4E-Wq5Cu35HoVRqUDN-Acdz3Jhda-AEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WH8tHiYFG7i-pSqwba2UgAWxQDQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Frame ID: EBC32122F1BDAC8AECD95F26AC7CEFD3
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B4F5B8235849593217DC59A234478849
Requests: 9 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 531E2F752C2FFE0358B0FC8189435404
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 14224273B9C3E51731346744FCB40311
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8RHYCLAYQAYIkKvuqrRIgAgRJVPZVWy0AAABgYID-AMmYHK7dxLVYK1yO0Vo0GazcEuPCtVb4dqvJZDaarBYmIyAZk8O1m7gWa4XLMVqLJoOVW2JcuNYK3241mcxGk9XCZAUXxnKZDGqBim4yuzyfg4Zhevn8lucbZKDpdPhc93q5y_e56x5ms8Ou8duVZr8cAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAADFQWFOL6fdc3OZTf4AAAAAAAIAAACABACC-G8JgBjcyRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxDPbFB_TdevCCIFk0UYAQAAAJA0qqM6MkknqFhU-f__77cCcAUAIGCRZ9R7PIvuoMRbGAAAAAAxQvAlRCN3POhjFuhh8fvNDrvG73aZ_________38z_2f-0QgVuVKkCRIxM1PzCwgAsOYXEACAjbgBAHgjACfkZKDpdPhc93q5y_e56x5ms8Ou8duVZr_oJMRqMZkMJpPF6ijEbjhb7GaLxWR2AAAAAO78____4xGCLyEaueNB1wMijtXIN1uNNiPXcLWcjTyG5XLiMm5cLo9rMRlNvGfgHRRWVyU6sk9G0U1ml-dz0DBML5_f8jyIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvhAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhiZLBaTkWnlljh3m7VoOHO5Jb6Fya0YThy-yWrkMMxMbtHrY_pYdhvPyuVFggEce5E8LdKJxjiczCyWhXG3mhiHy8HC5dxMRpPJxLZcODebyUQs0Zws0onssq84ViPfbDXajFzD1XI28hiWy4nLuHG5PK7FZDTxVyaLxWRkWrklzt1mLRrOXG6Jb2FyK4YTh2-yGjkMM5Nb9PqYPpbdxrNy-Ruz5W41WY5Wo31jttytJsvRarTvMJmeqc_Z6LplHB-d05u6ddU3p0HhMli8P4lpMe3ODp7f7-g0uVTXgs7o9_v9fr_f7_f7_Qat52A2KHy_l0NrvAXVo7N33DgYFLFEcJFOdA-z2eE0u3UPs9lhEUuUpot0opeIJYLTRTrROEwvn9_yvKj_qCFGs7luMFcsdnPhaJUAAAAAAAAAACzBNNNNAAAAAJwMajjZbFbrdDCT1XC1WC0XwAXMpK6fV8DiS0mSvl1hgUoV26D18MUae6zhHmazw2l26x5ms8PKAC5cvplt9hlBrNVqWQMAABDABgAAEMBNN94EhFlx_____-MAAADIyKEHAABAvw9IKjkzMzNTk19BbFabxf4BqBBrtVrdbqzVagUsuNlssZvA____fw!&cmcv=&pix=undefined&cb=1697529455730&uv=3346&tms=1697529455730&abt=adxsub-out_vA!adxsub-out_vB!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=cda57b51-ae14-420e-b8a5-a775226425ad&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 68F44ADCF69BE738304AFE0E0C5FC5E2
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8RHYCLAYQAYIkKvuqrRIgAgRJVPZVWy0AAABgYID-AMmYHK7dxLVYK1yO0Vo0GazcEuPCtVb4dqvJZDaarBYmIyAZk8O1m7gWa4XLMVqLJoOVW2JcuNYK3241mcxGk9XCZAUXxnKZDGqBim4yuzyfg4Zhevn8lucbZKDpdPhc93q5y_e56x5ms8Ou8duVZr8cAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAADFQWFOL6fdc3OZTf4AAAAAAAIAAACABACC-G8JgBjcyRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxDPbFB_TdevCCIFk0UYAQAAAJA0qqM6MkknqFhU-f__77cCcAUAIGCRZ9R7PIvuoMRbGAAAAAAxQvAlRCN3POhjFuhh8fvNDrvG73aZ_________38z_2f-0QgVuVKkCRIxM1PzCwgAsOYXEACAjbgBAHgjACfkZKDpdPhc93q5y_e56x5ms8Ou8duVZr_oJMRqMZkMJpPF6ijEbjhb7GaLxWR2AAAAAO78____4xGCLyEaueNB1wMijtXIN1uNNiPXcLWcjTyG5XLiMm5cLo9rMRlNvGfgHRRWVyU6sk9G0U1ml-dz0DBML5_f8jyIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvhAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhiZLBaTkWnlljh3m7VoOHO5Jb6Fya0YThy-yWrkMMxMbtHrY_pYdhvPyuVFggEce5E8LdKJxjiczCyWhXG3mhiHy8HC5dxMRpPJxLZcODebyUQs0Zws0onssq84ViPfbDXajFzD1XI28hiWy4nLuHG5PK7FZDTxVyaLxWRkWrklzt1mLRrOXG6Jb2FyK4YTh2-yGjkMM5Nb9PqYPpbdxrNy-Ruz5W41WY5Wo31jttytJsvRarTvMJmeqc_Z6LplHB-d05u6ddU3p0HhMli8P4lpMe3ODp7f7-g0uVTXgs7o9_v9fr_f7_f7_Qat52A2KHy_l0NrvAXVo7N33DgYFLFEcJFOdA-z2eE0u3UPs9lhEUuUpot0opeIJYLTRTrROEwvn9_yvKj_qCFGs7luMFcsdnPhaJUAAAAAAAAAACzBNNNNAAAAAJwMajjZbFbrdDCT1XC1WC0XwAXMpK6fV8DiS0mSvl1hgUoV26D18MUae6zhHmazw2l26x5ms8PKAC5cvplt9hlBrNVqWQMAABDABgAAEMBNN94EhFlx_____-MAAADIyKEHAABAvw9IKjkzMzNTk19BbFabxf4BqBBrtVrdbqzVagUsuNlssZvA____fw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 604A9007D5B71EC42621DE0C28FEC161
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 0E3FF5C285A0C840E637F0A66FE84AC0
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fnews.walla.co.il%2F
Frame ID: B4AB7E08451C019D181818C3287AF2FC
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-475baff3-f365-4e26-bb32-ebc192c5df6b-003
Frame ID: 46B079F8A32295B090728A6AB0C5B888
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/1e3a4464-652a-5222-9e55-aa03fb7b946c
Frame ID: 7406C381949CB757F8C4EEEEF1B82A62
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: FF1098E6F9ADC63D1285B31B8FBB09B2
Requests: 3 HTTP requests in this frame

Frame: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 45AEE1BE43A02907355B33A37330625F
Requests: 9 HTTP requests in this frame

Frame: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B1967D0C7769258A7D07F57A0F132262
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9PA_fTMSex7oHfq3x6gSTTwy1t0gqhuqvFZHFi0vNtVs16X1FdsPSl51ncIRwISOqemMAUJpRBajE5Rj1IDmzL_kbnUOVplhPhZ53zgw59IC4FxOXVOl9jjCe0b-1BQJfG8LXiYXgw9K53KL9ihSDU4erQI-NRx0AabXU7eSSNPEY4U_HoQNpRpWmmkqjReGoaBwph9vcnj1oSj5yaInFzI-n-kOVTCBBoOUOn0Fqf2JbdyVwuF4VUoZ2JTXu6-NhD9cqkB0kogoJc92hPPki96mYEfSTjNrNbTAXQluYAjwcSoxgsovqzxi_ewOnRfrFs2kSo10YF4Nu76ZJy6tbsGr6w9sEtO8gLhD2NJUU1nTvbIXVl2ai4A2R-zuUAoPaKnVTOhvqIRY&sai=AMfl-YSY0gibDjQdCpVtEToGqP43WYDgHpOxwDpMxKCYotXlJvEKMbS_w2DB-pe-NOAAAV3ZiOxnqaNSKlpDSzQvktx16CiKx6vWnSVnx7sYblVr7LIWx5-zsWBwZwLwuA&sig=Cg0ArKJSzAlf3Vackg6VEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A3DA06582E8E316D9F25CB188CDE97B2
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7kALIOsAB1o8XOXVKNnOB1_LiQxN57fvvJFu2_jwQDqjDdj-Nv9krn8x6I_VzkYQJYw32KXjVaMhCPSjIDqx6oPwwFlcaAIXMwvDy4vXMfy2ZiXcPHDed-Zl47bOn2yxaXgv7LKgV6m5beq-jynifv2MsDMzeg3C6PijUk5JA9jfC3MqpnXbg7QcjSSecxeRAaqaDoQ05yL-B6HwB911LVdVVprUVelGg7RggEKSGpAqMHD9MPFqhib3zLHU818jOyLcxEWoopZRBYoRCiCobesmydZ-rhG17sC7kEgQSuE3JgZcUx2kbbfjNzWEHwG7oJav9MrLi-jg9ChfutxgXiVbRygMGTtqfYqKZHPnHVLTrmo9nCxUii2Vbzvgs5LnYMWeCE7OvxZs&sai=AMfl-YT8yus7kKA-T3Zsb8y2dY4K5cVlGiMecpHJRr3geDWSyMEh7bv91A8Zho2A4Oi-KeLWbSTQjy0rjnmnhbyZPfp3LqH2nRHo6LoF4cdr26YtxJ-E_2qDRTV5VzhGBw&sig=Cg0ArKJSzIDXxWgy1dFJEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: EE834825DCA58AFB003334EB1DA09122
Requests: 11 HTTP requests in this frame

Frame: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 623C2BFECFADF7E48F3D8F11161402EE
Requests: 9 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 96395FEF136D642066456BFC6075A73F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/6636315287078971408
Frame ID: 8079131BCE711BC646B941DD9AF29446
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/criteo/k-ZPFO3leya3A7o-h8c4itaCQ0N3vVe6wc1QirpA
Frame ID: C296F1BA6A545B58769214A8B91EECA7
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/968afe16731a1316af192e9dadb1ab2?gdpr_consent=&gdpr=0
Frame ID: 440A4ED5B11D27CD49C1EE74320491A4
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: EFAEE73C8F66307BFA26AB67BA3D82E1
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWUK4EdNAAMVNBj8aeCWKn6cjhM3jg&u=%7C8ghSQ%2F3qZvUqrZMaB%2BLnAz10Fr7or3YAK7z0bFV61mI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtf_8mUbkv9VFOlq9cu7Rwe5xnJh_yhtsF3J617d882ZZYZ2oLBmxMuWYP4pubnDVBp5xMlDXX9j0pWBi1mfI1ToV58GqdjnUZ98166FlI3G2aJi2sRA_xa0Znw6NwPAFNFr5eOnvlN8_UoidDCEcNnKEfbHO_QRez7315Vbfil-wx5QIQuTVpcwosmuTVX0LqFieEVV-Dj3ta3Cc4h7su4F8Ow3xGSEYtDT0JvBbmQan0oiA6Smt_LpQNOocDx6zPdCQaz9GHKoFDeRjCMj4c4EC236Z1XkRKi1FYjtHB9ulzmdvx1ZRY_jHFcnqQbrHmQJ7gDTO_rwvyXahZ_wFmJwUXISMrdS_2Q72Hx_zarsm20Wrqzn2_2-BXopNK8VX2JuYOVo_9TluRVXaAVR5nIMhY-oXJSfr2XRL7b41C5bHf0aMKMcB1c3wobDfAb16j-kqBNR3SEoYbr_6GVFUmF5MUi2_9-c0LQqmrUCqO4h5gmOrqRAel2GQB0dMgD-O_1REk9ykedIUxe3ktlQH2u2TCSOLTqeqh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNjyCbz4uZeWaIc2OgQe0qoy4Dsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBJ4CT9CvdJLrCwpPDeNeEadq6yMhFWGTW9C4clq6N5jHefMjfHFhAm1OT8YYJ5ly111WUr4W8kwJW2Y2BaUGHh6tOtOmZfYuaf-FMWSckMLzwfrF2iTulFNKPnNaYSjUjE3mlqQEMB_Kb6-C5ndpWhjKzw5Crwu7fJaQ9FuyCHpsjnGITOCZBJaoPaJMDcUHF6O0u_U9uDpY6fuwQ-M4qJRJbh-qAwTQwPM9fytdPbte2Es3O5PSyIyATo5lSyvfAiiwnBqO8ZKHZuWZS9SM1p5FP12aKulELpsQQSEqm-sxnINF9b7Jfmg1ZvBRzXMtPj78z2a7W6wOicqiQ0FZVSrnTdcik9NFY7gaqoB3pyK6iUjfUVpwMyjeE2lCEWDJ_OAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2-eKHnLedc67gBMilqBOSG4HN_6g%26client%3Dca-pub-4491659496372172%26adurl%3D
Frame ID: B5D452FE4A5FA3E4B6F5E78EE5F7C0E1
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5E01C7DAAC008B2F173279B884FBAB81
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 938273534672DAE097B9E48C3B95223C
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWoK4EdNAAMVNCI3SZ_BDJLCAUsBMA&u=%7C8ghSQ%2F3qZvUl%2BcrKRADEYlBU%2FKbGG%2B7YLc0gdixctqs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIdwqGdaLrZtB44iHyBE_Nb8PthDoUPE12Ex3WRbn1EHxuMv4_lc1pSOXFRa__ENoetVdbDRb4p67RLoHQ3hA1VB_EknLrg6x3wODLdjXHigr1YTjoP9ms6VCGeX6EuSFuHXxdeOLtr0b0G4WGmwSNii4UW6TeZYePGYNdQBg96isYFiR0G7YkKcBSt2CU4nl13gV-2YECEFHLkHbCQmdaTVEOVsvGXL9K6KFdLAMX-lxSxPUZG49a4D1q_uNIqyT1BKxT1y6TUks7eXR7m-J1jyLu3gHi71Zhoq3zQgL8U2pPSrT3WdF-vUy_IzRStlpBHfj6ChPVMKCCsnhYPDIq9cMd2mdt0-FSO4lfqkdARxNEgCAfKNsDZ3blmYxpJqCEO_69okajlpbqvUENwVpkV7mve3ws-dR4NdY_Z7I37h8-m1KB_mBoNkiRmn_RWvG1lYVMeeinA9cNpJcpjpCatmUq89qEZH7HwGw8iE8aBInRnpntZ9rq4QK1I-IhVFo0UpyK5xrX1FwQt0lRg1aMHInCvAEQPmDCOGZuywIE4Uo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLmfJbz4uZeqaIc2OgQe0qoy4Dsme0rFc9dqW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBLQCT9AaLNlGAq9okSnJjFdI1GzJvcr3-XqnPQgW5RlE2SYUDLTyIo_tOzyZE_6HEL__WMavTchk4vWZ-M98SdBW4Q0Z4Z5fdC7XpsxIhWP1ZA3Ey8pr2zXlyZT2zQ3Vmug9jSCyD5adwclJbyO9TfVK_y0eeDYPt7E303FSUxYNKmuX5J8pq5JhmG91xHUJ-gZSHCliPrSATmwG2dV4LF57FUwGmQVPHi9mUOsSu1MH1Nojb0Xi4RLmtNoIK08GeeQ9hl070N3ZSLmbXwx2uzZPUgco_tN-ZIK0rnLr9ZJt7WJIRcNgpnl1QP8TJJioW_IxwU_ra4XGG-XpIkSagHpYAMFPvmXogFMmI-dwVKiYzwVeQ0qqh3nk2ne3VhfmKYZBxNWvQKBulZMZTicFGmB-30c71RLgBAGABu2o85zCvPrazgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_263-t2jwqIQ6mtcC8-GtQb7bJN1w%26client%3Dca-pub-4491659496372172%26adurl%3D
Frame ID: C53FFECBD1C691300EE09384B8D9A307
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3478CDB28AED16B4E34B1C0B9CBDBECF
Requests: 9 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=64491512;rtbwp=qdpTP8YMF_G10afMQO2g3826Z16GeCAxUFdFDw;rtbdata=N61IswdOU8ab0V3rj5S5sxAHjoHRvBBOcdVrDJsoL377FZZc_u_Curo5sMud8uCKbSNP88VQ5iUtUH7zySkCfEOVYWpEj7gxYsbexs2CofQgXUhfucjMCX3OsHZPIAv4UwRUjpYNjdenLYD-oczoYGulL2BivjAeSyrE_eiUpqcGKw06CASp8jf_LWAWORV_IXQM4_dHtAx4W3Hbhslx-papLHPk46l7TPcsWbOye5M64r9GpocpM7Db7MwGddVgomN1-c6UvUo1
Frame ID: D8DE07F40D7B9C6A8D9691775D663D43
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/p04HFUVHB2kdNiXzU6p470k3by9Z9P4MzDHJjw8x7-0.js
Frame ID: E97FC5120F8764FEE5AB9ED9E5C29BDB
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.walla.co.il
Frame ID: F820D6331ED83C0F71CFC2C3D3755430
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 68F9941A3D64F8231C4E0F42489D8B3F
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 378366A4124DD5B45E4A3D6C66B43D08
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5DC30023B67933502DF7E1813F5EAE70
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Frame ID: D62C32FAA5A3D47F9F7CED9ACD481F1C
Requests: 20 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cR0USG9OKr6ykwaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Frame ID: EF568713BB4453D714927ABE06736ABA
Requests: 1 HTTP requests in this frame

Frame: https://pixelgroup-d.openx.net/w/1.0/pd
Frame ID: AF168CD83E9A49BF7600083EEB7C910A
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A7B9E8037AEF9A34E81C25B1CFF44229
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1697529455176
Frame ID: B5EB5C8C44E81844FDE1C23263583C65
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: EA6914A76BC5B7B0F6092AA5C7250140
Requests: 2 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 1257815DE7889E7AA6A284451C12190B
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=31A4C904-318B-4493-A96C-B51A1F764B97&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 0E2DB33695CF575912DE1A7805F03EF4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=qCOHQK1zghezLoIQ_XeYFKlzgBazJoMXqCAdm0yq
Frame ID: 16B7456679A9C0A4DA1D19594C1A864F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 939260260FE2908EB8F24C4C9D3F7B2C
Requests: 10 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: EA2A1E5310A654655A817FF0D6645D3A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 90ADE541507D9BD36C49088026FAD993
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: FC101C0BB783090B0A06D513D37D7C44
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Frame ID: 4935B5B4395D3F2F78F4F2577DDDBEF6
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 96F0179C095F13AA124D96B0A495C905
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 302E3B3FC3F600B2517A0865696114B1
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: C96E6F4E7742391E12413E5278BE8ED7
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/g8pHDCZTRKrqCcqnLUsh?pi=smilewanted&tc=1
Frame ID: 0B46DDA935C5588A1BB32D2C013417F0
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=2e25137932f9faa27949ea0daf3c7795
Frame ID: 6EB02DCA83BA5A7B1322F867D3FD4C66
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 3C47FCA268368E6D7F6DF587F9E7A009
Requests: 1 HTTP requests in this frame

Frame: https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
Frame ID: A96508F18F0132183FBC02440EC108ED
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=31A4C904-318B-4493-A96C-B51A1F764B97&gdpr=0&gdpr_consent=
Frame ID: 97DC2FD19210EEF9EC7E0456D6C72054
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2702435962288459528&gdpr=0&gdpr_consent=
Frame ID: 36C401C701CA5652ABB25247D6A8891A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7290833519009003676&gdpr=0&gdpr_consent=
Frame ID: 67A938B1AFAA748F8042049E6EA4958C
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=59&user_id=5c550b48-e9e0-4c73-a642-becaf5566ab1&ssp=pubmatic
Frame ID: FA03EB10595EAC5602CB799AF42AC075
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=rKZMFUCTUm9t4-Bvlc9V5ZJGdVQ&gdpr=0&gdpr_consent=
Frame ID: F75ED40C3CE932EF70E4A1808170038B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Frame ID: ACE732AB46E5D5B2D7BBC53857FB3408
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: B00E7A7C25033691501E4A1B4D96943D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAak07KXH0AABhnCsRaSw&gdpr=0&gdpr_consent=
Frame ID: A76590543FF25BFDB84E8BE8F98E080F
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: EB410406F09DD9A3E6F52CE768D9282C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

חדשות מהארץ ומהעולם: כתבות ודיווחים שוטפים 24/7 - וואלה! חדשות

Page URL History Show full URLs

  1. http://news.walla.co.il/ HTTP 301
    https://news.walla.co.il/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

519
Requests

92 %
HTTPS

37 %
IPv6

99
Domains

170
Subdomains

127
IPs

13
Countries

5727 kB
Transfer

16751 kB
Size

90
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://news.walla.co.il/ HTTP 301
    https://news.walla.co.il/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 103
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/777956447/?random=1465713073&cv=11&fst=1697529452474&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95&value=0&auid=1432887230.1697529452&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=bD4uZfOOIPKg9u8Pnq6G2AM&sscte=1&crd=&eitems=ChEI8OG4qQYQ1JbG9uiYj-unARIdACBM5LmpyVq7_vYuYqFx9VnUgYDEHqIXYpiXOgo&pscrd=Ek5DaEFJOE9HNHFRWVFqZUh4dkk3R3M1WlZFaVlBU3NtOFdkbFJJN0oxMFIwR1JUVGhGZzJISTdsVGRtV042VXdYSXJSMXpDeUFYY0xYelEaWENoQUk4T0c0cVFZUTJ1enR4ckM0cFpOckVpNEE0OXowX2V6c1ZKVkcwamRoc1NUUkt2LW1xLXZhZzVoWWYwcjNxOUYwbzJwRW9jcTRWeVg2MUdNaDBacmkiEwjz9I2AzvyBAxVykP0HHR6XATs HTTP 302
  • https://www.google.com/pagead/1p-conversion/777956447/?random=1465713073&cv=11&fst=1697529452474&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95&value=0&auid=1432887230.1697529452&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE9HNHFRWVFqZUh4dkk3R3M1WlZFaVlBU3NtOFdkbFJJN0oxMFIwR1JUVGhGZzJISTdsVGRtV042VXdYSXJSMXpDeUFYY0xYelEaWENoQUk4T0c0cVFZUTJ1enR4ckM0cFpOckVpNEE0OXowX2V6c1ZKVkcwamRoc1NUUkt2LW1xLXZhZzVoWWYwcjNxOUYwbzJwRW9jcTRWeVg2MUdNaDBacmkiEwjz9I2AzvyBAxVykP0HHR6XATs&is_vtc=1&ocp_id=bD4uZfOOIPKg9u8Pnq6G2AM&cid=CAQSKQDICaaNLoJIeCTPEtujMNUOsOUUUtwOJnsBjw0NpdqoqL9nB7ps1Nxt&eitems=ChEI8OG4qQYQ1JbG9uiYj-unARIdACBM5Llffr2lOO7QFbugjEwt53Kxgp37IA6Idaw&random=3711431038 HTTP 302
  • https://www.google.de/pagead/1p-conversion/777956447/?random=1465713073&cv=11&fst=1697529452474&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95&value=0&auid=1432887230.1697529452&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE9HNHFRWVFqZUh4dkk3R3M1WlZFaVlBU3NtOFdkbFJJN0oxMFIwR1JUVGhGZzJISTdsVGRtV042VXdYSXJSMXpDeUFYY0xYelEaWENoQUk4T0c0cVFZUTJ1enR4ckM0cFpOckVpNEE0OXowX2V6c1ZKVkcwamRoc1NUUkt2LW1xLXZhZzVoWWYwcjNxOUYwbzJwRW9jcTRWeVg2MUdNaDBacmkiEwjz9I2AzvyBAxVykP0HHR6XATs&is_vtc=1&ocp_id=bD4uZfOOIPKg9u8Pnq6G2AM&cid=CAQSKQDICaaNLoJIeCTPEtujMNUOsOUUUtwOJnsBjw0NpdqoqL9nB7ps1Nxt&eitems=ChEI8OG4qQYQ1JbG9uiYj-unARIdACBM5Llffr2lOO7QFbugjEwt53Kxgp37IA6Idaw&random=3711431038&ipr=y
Request Chain 248
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECzelsHjaJBUM1SuYQyqBL4&google_cver=1&google_push=AXcoOmSgl49Ao-erWD9Vd3zFzzejx6S1KQVm8ACytqO8StDgO1nxJa9rERuMOw__OSrMivdB0vbxzQUyLLT0icoBy2WK7os03FM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSgl49Ao-erWD9Vd3zFzzejx6S1KQVm8ACytqO8StDgO1nxJa9rERuMOw__OSrMivdB0vbxzQUyLLT0icoBy2WK7os03FM&google_hm=eS1FTWI0VnpWRTJwRWVyVnZIN2U2MVhQQXBWZ2dCa2tEdn5B
Request Chain 250
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELIc6oc5iTG-1vqnCTL5lAQ&google_cver=1&google_push=AXcoOmRTI20AlrC-OwmhZtEzWHzGjFdmczPld-9FxjikdvB1njyLkc0TSbSzvy6xQdXfake66urVix5ZDUlCF3tBY59CDo9ugU8 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELIc6oc5iTG-1vqnCTL5lAQ&google_cver=1&google_push=AXcoOmRTI20AlrC-OwmhZtEzWHzGjFdmczPld-9FxjikdvB1njyLkc0TSbSzvy6xQdXfake66urVix5ZDUlCF3tBY59CDo9ugU8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjYzNjMxNTI4NzA3ODk3MTQwOA&google_push=AXcoOmRTI20AlrC-OwmhZtEzWHzGjFdmczPld-9FxjikdvB1njyLkc0TSbSzvy6xQdXfake66urVix5ZDUlCF3tBY59CDo9ugU8
Request Chain 251
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIEInj0tG3E-ZjxKQMB_Fso&google_cver=1&google_push=AXcoOmT7W6Uib7JJK6BLhQn-RGHmj0zS2GITdAa89etT7u2CGM8czm_dAWCtctWAafktno9hHmEZw2ylDWdb3HMZwJ5jSGYTJuA HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIEInj0tG3E-ZjxKQMB_Fso&google_push=AXcoOmT7W6Uib7JJK6BLhQn-RGHmj0zS2GITdAa89etT7u2CGM8czm_dAWCtctWAafktno9hHmEZw2ylDWdb3HMZwJ5jSGYTJuA&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIEInj0tG3E-ZjxKQMB_Fso&google_hm=ZS4-b0ZGRb1Nhj3IuP2vlgAABI0AAAAB&google_nid=index&google_push=AXcoOmT7W6Uib7JJK6BLhQn-RGHmj0zS2GITdAa89etT7u2CGM8czm_dAWCtctWAafktno9hHmEZw2ylDWdb3HMZwJ5jSGYTJuA
Request Chain 253
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEFTlYLG0LwSK_PPqRzzegck&google_cver=1&google_push=AXcoOmSXUICSa-QTO2xmisKdxHSrzRDwFbzYOVAZ91xT83pk_-Z7j0L-mFBcz8-IJ9UqWmTpgK8FWcjga4e3kLhXQuiA8MWp6Cs HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmSXUICSa-QTO2xmisKdxHSrzRDwFbzYOVAZ91xT83pk_-Z7j0L-mFBcz8-IJ9UqWmTpgK8FWcjga4e3kLhXQuiA8MWp6Cs&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1697529455772 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-475baff3-f365-4e26-bb32-ebc192c5df6b-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSXUICSa-QTO2xmisKdxHSrzRDwFbzYOVAZ91xT83pk_-Z7j0L-mFBcz8-IJ9UqWmTpgK8FWcjga4e3kLhXQuiA8MWp6Cs%26google_hm%3DA0dbr_PzZU4muzLrwZLF32s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSXUICSa-QTO2xmisKdxHSrzRDwFbzYOVAZ91xT83pk_-Z7j0L-mFBcz8-IJ9UqWmTpgK8FWcjga4e3kLhXQuiA8MWp6Cs&google_hm=A0dbr_PzZU4muzLrwZLF32s
Request Chain 254
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDNydLedQoIB9TU0hSyqYgo&google_cver=1&google_push=AXcoOmQtzVNajglyzIuuTSeqPrHe-eTttrFquasl2YhCC15A7d6poNEkKjezZS41kI-iBvlETLSzDYjTSBnKQ_b4U4ZkBokpazk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQtzVNajglyzIuuTSeqPrHe-eTttrFquasl2YhCC15A7d6poNEkKjezZS41kI-iBvlETLSzDYjTSBnKQ_b4U4ZkBokpazk HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 272
  • https://pr-bh.ybp.yahoo.com/sync/taboola/22112d4e-b973-48fe-b7ad-18ba725da0fd-tuctc27c3ee?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-0IKXjlNE2oRlvvgfSHcV0vaiWKwsAWu57.dbyQ--~A
Request Chain 274
  • https://pr-bh.ybp.yahoo.com/sync/taboola/22112d4e-b973-48fe-b7ad-18ba725da0fd-tuctc27c3ee?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-0IKXjlNE2oRlvvgfSHcV0vaiWKwsAWu57.dbyQ--~A
Request Chain 277
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fnews.walla.co.il%2F
Request Chain 278
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=7112003773 HTTP 302
  • https://sync.1rx.io/usersync/turn/9084300851182786757?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-475baff3-f365-4e26-bb32-ebc192c5df6b-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-475baff3-f365-4e26-bb32-ebc192c5df6b-003 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-475baff3-f365-4e26-bb32-ebc192c5df6b-003
Request Chain 279
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=1628199641175996573 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/1e3a4464-652a-5222-9e55-aa03fb7b946c
Request Chain 323
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/6636315287078971408
Request Chain 324
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230 HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=73&p=230&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fgdprapplies%3d0%26gdpr%3d%26redir%3dhttps%253A%252F%252Fcsync.smilewanted.com%252Fset_partner_userid_get%252Fcriteo%252F%2524%257BCRITEO_USER_ID%257D%26profile%3d230%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=&gpp= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24{CRITEO_USER_ID}&profile=230&uid=1e135102-b05f-4d18-89c3-7f8cf0c39b50&dised=true&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=wrG4jF9tbFdLTVlUZFNrazZJV09udThoZ1Rqa0hJTGozUVUlMkIxYUt2RUYlMkZndHdPVnppbDFqJTJGWSUyQk1OSkZ3QVI1biUyQmtHZWhqenhtWUZGN0l1ZnhndWRGbSUyQktvbDdKdFlIVFRlSURUSmtpcHhMVmRSNVFSNm1NNlBoc21ZQkFMNkJpOXQwS3A2Sm9xUHg0SFI0anp3akIxckVQQzdRRFhYaDIwZzdyY0oxQ04lMkZKNU1ZTmFTMUZ4WHBrZ3dac2dpVm5qRUFaNw&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-nlH9n1eya3A7o-h8c4itaCQ0N3uFoeF8AegIZg HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=wrG4jF9tbFdLTVlUZFNrazZJV09udThoZ1Rqa0hJTGozUVUlMkIxYUt2RUYlMkZndHdPVnppbDFqJTJGWSUyQk1OSkZ3QVI1biUyQmtHZWhqenhtWUZGN0l1ZnhndWRGbSUyQktvbDdKdFlIVFRlSURUSmtpcHhMVmRSNVFSNm1NNlBoc21ZQkFMNkJpOXQwS3A2Sm9xUHg0SFI0anp3akIxckVQQzdRRFhYaDIwZzdyY0oxQ04lMkZKNU1ZTmFTMUZ4WHBrZ3dac2dpVm5qRUFaNw&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-nlH9n1eya3A7o-h8c4itaCQ0N3uFoeF8AegIZg HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k-nlH9n1eya3A7o-h8c4itaCQ0N3uFoeF8AegIZg&gdpr=&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=wrG4jF9tbFdLTVlUZFNrazZJV09udThoZ1Rqa0hJTGozUVUlMkIxYUt2RUYlMkZndHdPVnppbDFqJTJGWSUyQk1OSkZ3QVI1biUyQmtHZWhqenhtWUZGN0l1ZnhndWRGbSUyQktvbDdKdFlIVFRlSURUSmtpcHhMVmRSNVFSNm1NNlBoc21ZQkFMNkJpOXQwS3A2Sm9xUHg0SFI0anp3akIxckVQQzdRRFhYaDIwZzdyY0oxQ04lMkZKNU1ZTmFTMUZ4WHBrZ3dac2dpVm5qRUFaNw&u=143bdc29-f5c6-4a3e-960c-99ba1b61dc2a HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/criteo/k-ZPFO3leya3A7o-h8c4itaCQ0N3vVe6wc1QirpA
Request Chain 326
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/968afe16731a1316af192e9dadb1ab2?gdpr_consent=&gdpr=0
Request Chain 370
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMyGiEldbsguxgREBdBji38&google_cver=1&google_push=AXcoOmQ7ilAU7_iG9AoiZdB7BzDiPfi_Fkp0KIjJB4ehKNh3wmKnI-eP2xo6zMLeNzxvYuGR-6lorhHVlLG1_d9WQ9GgK4QxGXYH HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMyGiEldbsguxgREBdBji38&google_cver=1&google_push=AXcoOmQ7ilAU7_iG9AoiZdB7BzDiPfi_Fkp0KIjJB4ehKNh3wmKnI-eP2xo6zMLeNzxvYuGR-6lorhHVlLG1_d9WQ9GgK4QxGXYH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Tm83akZQRlMxUVNFWG01&google_gid=CAESEMyGiEldbsguxgREBdBji38&google_cver=1&google_push=AXcoOmQ7ilAU7_iG9AoiZdB7BzDiPfi_Fkp0KIjJB4ehKNh3wmKnI-eP2xo6zMLeNzxvYuGR-6lorhHVlLG1_d9WQ9GgK4QxGXYH
Request Chain 371
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJusUIfNHyWCUu9vN5lVRvs&google_cver=1&google_push=AXcoOmRQQCuWRHjlWXyO8Jq7Nze_vbNXub5fKFZoB1XKjSkXLfkfOe1AXs7ArNAN8_7BeIT4h-mAjATn5wXMQhmnkCrhyqiR_IxO&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRQQCuWRHjlWXyO8Jq7Nze_vbNXub5fKFZoB1XKjSkXLfkfOe1AXs7ArNAN8_7BeIT4h-mAjATn5wXMQhmnkCrhyqiR_IxO%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJusUIfNHyWCUu9vN5lVRvs&google_cver=1&google_push=AXcoOmRQQCuWRHjlWXyO8Jq7Nze_vbNXub5fKFZoB1XKjSkXLfkfOe1AXs7ArNAN8_7BeIT4h-mAjATn5wXMQhmnkCrhyqiR_IxO&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRQQCuWRHjlWXyO8Jq7Nze_vbNXub5fKFZoB1XKjSkXLfkfOe1AXs7ArNAN8_7BeIT4h-mAjATn5wXMQhmnkCrhyqiR_IxO%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 372
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAgvRdRDqj6bT6j6-vTpsDs&google_cver=1&google_push=AXcoOmSTJQC9qoiIIvXfYt-NHENV75zyZR2X5a56HFegQSg2fSSRlFwkr9G-jckQK4ebQnsBM7RHG7-E-_E3j3hfeLZNOUNO64s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSTJQC9qoiIIvXfYt-NHENV75zyZR2X5a56HFegQSg2fSSRlFwkr9G-jckQK4ebQnsBM7RHG7-E-_E3j3hfeLZNOUNO64s&google_hm=rYKYWbllSB-P7Z2Jcr6AtFQ
Request Chain 373
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEElgOQNwczkKfu28DGDT1CU&google_cver=1&google_push=AXcoOmREE6MSeI0QiYmpT2xiVCHa2rmaZPzzgSHtXKtQDPvRfUoXFR5fIWX99O3Pi0JqTGOZGWJFCmgfy6gPBxNXL0dulR0O3NGe HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEElgOQNwczkKfu28DGDT1CU&google_cver=1&google_push=AXcoOmREE6MSeI0QiYmpT2xiVCHa2rmaZPzzgSHtXKtQDPvRfUoXFR5fIWX99O3Pi0JqTGOZGWJFCmgfy6gPBxNXL0dulR0O3NGe&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmREE6MSeI0QiYmpT2xiVCHa2rmaZPzzgSHtXKtQDPvRfUoXFR5fIWX99O3Pi0JqTGOZGWJFCmgfy6gPBxNXL0dulR0O3NGe&google_hm=Hf_9uGZHjl-k1XhFTA6m4G46
Request Chain 376
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDNydLedQoIB9TU0hSyqYgo&google_cver=1&google_push=AXcoOmTm5DI7-a7BgekaJEywI5kjHdqxhl67E6QCRIxN6HWUU-FlwkgDXniDkFtaqexb4RU1kfCwVjCo4gpPikh5hV-kNBmUy7eEew HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTm5DI7-a7BgekaJEywI5kjHdqxhl67E6QCRIxN6HWUU-FlwkgDXniDkFtaqexb4RU1kfCwVjCo4gpPikh5hV-kNBmUy7eEew HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 383
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENNB0WMoAU2RpD2980tOBAI&google_cver=1&google_push=AXcoOmQ-1FuZeZ_SXExEnvhMwOlaAACIY7GlLQk48iNr3q7QvBSjyq802sAdPkaPVYv7n7_8DllZo3SEnCV21INpI2Fa3oF9yxt8uw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENNB0WMoAU2RpD2980tOBAI&google_push=AXcoOmQ-1FuZeZ_SXExEnvhMwOlaAACIY7GlLQk48iNr3q7QvBSjyq802sAdPkaPVYv7n7_8DllZo3SEnCV21INpI2Fa3oF9yxt8uw
Request Chain 384
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAgvRdRDqj6bT6j6-vTpsDs&google_cver=1&google_push=AXcoOmS9791KdHcCsQzE90PDhCxKVdLa2j9JMlmUjTOIaDhLFek6TIu4Q83n1j0keriQGo-dekQw3kbAiBsxfiA-2jGD9UX5zRBo2Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmS9791KdHcCsQzE90PDhCxKVdLa2j9JMlmUjTOIaDhLFek6TIu4Q83n1j0keriQGo-dekQw3kbAiBsxfiA-2jGD9UX5zRBo2Q&google_hm=u_yoGAeeSSuhpYXVvYygnVQ
Request Chain 386
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHSyQqLDaXnB5xTpgWLGb4Q&google_cver=1&google_push=AXcoOmT1r2PxOylHjVAfjoLPo9-p-86H7eHFBaRa1w4RivIVmAbdHRkALn4sNobEp-hPoozALRc1m0SpclbXbqo1McgEGHSdsnB9CQ HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHSyQqLDaXnB5xTpgWLGb4Q&google_cver=1&google_push=AXcoOmT1r2PxOylHjVAfjoLPo9-p-86H7eHFBaRa1w4RivIVmAbdHRkALn4sNobEp-hPoozALRc1m0SpclbXbqo1McgEGHSdsnB9CQ&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MaTJBDGLRJOpbLUaH3ZLlw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmT1r2PxOylHjVAfjoLPo9-p-86H7eHFBaRa1w4RivIVmAbdHRkALn4sNobEp-hPoozALRc1m0SpclbXbqo1McgEGHSdsnB9CQ
Request Chain 387
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELsqk9MHIOcAwUtcB6X4zNQ&google_cver=1&google_push=AXcoOmTspw94lcQoHmc_IZy1Z4e-XE-5xIGFx_rkRcVhOREbaE6RGX2i09EH9BZkMHku_c_VtI1kORYvXkyXksdycmvKbpJB6kakaQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5VMTdJRUItMUctRzZSMg==&google_push=AXcoOmTspw94lcQoHmc_IZy1Z4e-XE-5xIGFx_rkRcVhOREbaE6RGX2i09EH9BZkMHku_c_VtI1kORYvXkyXksdycmvKbpJB6kakaQ
Request Chain 388
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIEInj0tG3E-ZjxKQMB_Fso&google_cver=1&google_push=AXcoOmSO3vtvpAOslNWVNpF18S0e5qntTpeykuM_ajjmFpb8oIHePogr96jVB2RZGFVCQR9nfKKVjuHVN3e9EaNfTZyPU1GpkxSu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIEInj0tG3E-ZjxKQMB_Fso&google_hm=ZS4-b0ZGRb1Nhj3IuP2vlgAABI0AAAAB&google_nid=index&google_push=AXcoOmSO3vtvpAOslNWVNpF18S0e5qntTpeykuM_ajjmFpb8oIHePogr96jVB2RZGFVCQR9nfKKVjuHVN3e9EaNfTZyPU1GpkxSu
Request Chain 391
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJusUIfNHyWCUu9vN5lVRvs&google_cver=1&google_push=AXcoOmQI1AuFfTy0F5R_2RoWwJKpK7e2kHLVkicaBlPi6C93fMwNEmImyierepDS7wiAgCHrKUzANgCh-RuT7CVhMy-dv3RGJdMYKA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQI1AuFfTy0F5R_2RoWwJKpK7e2kHLVkicaBlPi6C93fMwNEmImyierepDS7wiAgCHrKUzANgCh-RuT7CVhMy-dv3RGJdMYKA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJusUIfNHyWCUu9vN5lVRvs&google_cver=1&google_push=AXcoOmQI1AuFfTy0F5R_2RoWwJKpK7e2kHLVkicaBlPi6C93fMwNEmImyierepDS7wiAgCHrKUzANgCh-RuT7CVhMy-dv3RGJdMYKA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQI1AuFfTy0F5R_2RoWwJKpK7e2kHLVkicaBlPi6C93fMwNEmImyierepDS7wiAgCHrKUzANgCh-RuT7CVhMy-dv3RGJdMYKA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 392
  • https://um.simpli.fi/gp_match?google_gid=CAESEKlS4JXMhsCV7XAElTxZu-I&google_cver=1&google_push=AXcoOmS92iHpwX5boGHyOJAbIUbMLwFT-mR7yLkQM300wryrbHH85eCgDGdoeGdPySHbVNn-EopdVaLG9dA4I3_s7ip1TBjv-UCq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DE4CC6FF8A1A4177A09A25825511118A&google_push=AXcoOmS92iHpwX5boGHyOJAbIUbMLwFT-mR7yLkQM300wryrbHH85eCgDGdoeGdPySHbVNn-EopdVaLG9dA4I3_s7ip1TBjv-UCq
Request Chain 394
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAgvRdRDqj6bT6j6-vTpsDs&google_cver=1&google_push=AXcoOmQJmWHm7m1cL81Ox_xBdZ7thrj9EAC-rM-5XMxU1VFoERY_BFoF3wcahtAAdwmdR_PO1hgOCCrYsWJXTflVP_orlQrA0W7c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQJmWHm7m1cL81Ox_xBdZ7thrj9EAC-rM-5XMxU1VFoERY_BFoF3wcahtAAdwmdR_PO1hgOCCrYsWJXTflVP_orlQrA0W7c&google_hm=qhsXfMucQou-4TGz0QflAVQ
Request Chain 395
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEA3K6Cex_hzAmZJ4bHR-2gE&google_cver=1&google_push=AXcoOmQ_aFqh_CNIkXVl_GTNNJmWS6-vFSl1nQgF93UnDf1syNDrip1yTBSLOspYC5sjHf9-WzCsQYeZhwRYi1XOZMfDZm7VFI1iQQ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=6q7IKDoqSDoCgNCBenpydQ&google_push=AXcoOmQ_aFqh_CNIkXVl_GTNNJmWS6-vFSl1nQgF93UnDf1syNDrip1yTBSLOspYC5sjHf9-WzCsQYeZhwRYi1XOZMfDZm7VFI1iQQ
Request Chain 396
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEElgOQNwczkKfu28DGDT1CU&google_cver=1&google_push=AXcoOmTL9rRef-XdIX0u69eVpTaFs1fM329ry50IuxrSMP74KaITDYx6z829jfjorDOgj4dZliXLVUl5cTI6xUzBX3AuasnpgNDH HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEElgOQNwczkKfu28DGDT1CU&google_cver=1&google_push=AXcoOmTL9rRef-XdIX0u69eVpTaFs1fM329ry50IuxrSMP74KaITDYx6z829jfjorDOgj4dZliXLVUl5cTI6xUzBX3AuasnpgNDH&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTL9rRef-XdIX0u69eVpTaFs1fM329ry50IuxrSMP74KaITDYx6z829jfjorDOgj4dZliXLVUl5cTI6xUzBX3AuasnpgNDH&google_hm=Hf_9uGZHjKcXBDvYTne9YJxP
Request Chain 397
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDNydLedQoIB9TU0hSyqYgo&google_cver=1&google_push=AXcoOmRn9VM2wF-Kijm94vwAOqsVXzZOPdnYU56gU19-CTUOAwV6vu4tLtzj4-g1l93VrVu48i-8kR-7qhx0B8nENcyd5GxpgHPg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRn9VM2wF-Kijm94vwAOqsVXzZOPdnYU56gU19-CTUOAwV6vu4tLtzj4-g1l93VrVu48i-8kR-7qhx0B8nENcyd5GxpgHPg
Request Chain 436
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CZjIMbz4uZeeaIc2OgQe0qoy4DqeB-a9zyd6Kn9URhIz_mqQyEAEg0ZPDKmCV4pCCoAegAfC9xvYDyAEJqQLL4DnBOrSxPuACAKgDAcgDywSqBL4CT9BG3RaCnY1tFx3Mq4B42vpR-PpXvMcbxfI3o4dIAPBbfos-muCMDMkX-zo_eC0E4Xlf6b7UioJLDK1oE3TjzB8LPU0QWtVd60v3r5li4dmE3LrgEuzJ2zuU0Kb3sWdLA7Ot4xPuyDpU0Scq7J8KVkMOCug9WeykHXs6ZIVEYRXiragI-Ag-4QOSlUS_gjCY-2kCatPIExYXBa4VQ72bnGmjnKVHXzWIR_X_-rCoC6mQjcD_mSMYAK2AKO8ZIGXjwKzv7RGmB3S4TUjsxom138bxu2IBtDrk-LJYArfzB1K_ktrIiJXwooRBCoIcX1UM62W7kSj_FhkXC6P3pWW8txAIguvd1qMyYqMWACJXtYHJ4Lx8550PBziRUY3MtwKsAYYtSvjPWlk1-FReYvuBMJTTGONLRHAkHX44H26UwASj2L2TiwTgBAGIBeqYnadDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_jBuQmoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ1bII0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJoQFodHRwczovL3d3dy5naWVzc3dlaW4uY29tL3BhZ2VzL3NjaHVoZS1mdXItd2FuZGVybi10cmVra2luZy11bmQtc3BvcnQ_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1jcGMmdXRtX2NhbXBhaWduPVBtYXhfREUtQUxMJmFkZ3JvdXBpZD0mdXRtX2NvbnRlbnQ9JnV0bV90ZXJtPYAKA8gLAeINEwim-sOBzvyBAxVNR-AKHTQVA-fYEwvQFQGYFgGAFwGyFx4KHAgAEhRwdWItNzYyNzY1MDA4Njg5NTU5MBjx5hM&sigh=OxNUdWUUQ4c&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaN7ld7rwD2crv8sMgiDRjw7gOcnmH62KNF-f2f7RRGAqGDEJy6e_TA-O2fZzY7P608jymJXHpMGAE&template_id=494&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218178520648807938698%22,%22debug_reporting%22:true,%22destination%22:%22https://giesswein.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221053925104%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224547549877883484657%22}&andc=true
Request Chain 452
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=news.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=7JBJenxXZXRockRuaHo0eWJlZzdWUE1UYUNFdGlBVThFcC9aK2RpKzJYdjlVZ3R4VFBkNFEzVkdkY0pUa1Zmd0FZTitZOGw3YWlIc09kb0xRVllZWE1xSVV6TmRVZFFmbHZ3Z1VidDBIYUc0WElYZ3lEMU1lcnhRMjN0OC9Kdkk4WFFIVDlnL2Z6ajI4d2Z5QzFYZmU1VytNa3hCamFqT0h0WEhMVzhZK2U3UDg1RDhwY1QxbEVXNEZuSjMvdTB2S2hiNXg5TEdPRTZPd2NWQmY0bXNQWmJJYzU0ZGwyZ2FWN1h4dzUwY1FHcWZHd3RLcm02NXhoUVczR2lYYm5ITndDWjFCZS8vTHBoSjk1WUlJVjZNNEdpM2pldz09fA&cppv=2
Request Chain 469
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 470
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 471
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=31A4C904-318B-4493-A96C-B51A1F764B97&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=31A4C904-318B-4493-A96C-B51A1F764B97&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 472
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=qCOHQK1zghezLoIQ_XeYFKlzgBazJoMXqCAdm0yq
Request Chain 473
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MaTJBDGLRJOpbLUaH3ZLlw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 475
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2653692519 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=31A4C904-318B-4493-A96C-B51A1F764B97
Request Chain 476
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=31A4C904-318B-4493-A96C-B51A1F764B97 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NmE5bnFmTXAzUzFTVm14UThOTWNveXgxQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=6636315287078971408&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 477
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzFBNEM5MDQtMzE4Qi00NDkzLUE5NkMtQjUxQTFGNzY0Qjk3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 478
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENBWBiyX7jheTz2LJ_15f_U&google_cver=1
Request Chain 480
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6636315287078971408
Request Chain 487
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS4-b0ZGRb1Nhj3IuP2vlgAABI0AAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS4-b0ZGRb1Nhj3IuP2vlgAABI0AAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 489
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZS4-b0ZGRb1Nhj3IuP2vlgAABI0AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIEInj0tG3E-ZjxKQMB_Fso&google_cver=1
Request Chain 490
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZS4.b0ZGRb1Nhj3IuP2vlgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBAf1I7uULaEHdtAsOGI9SU&google_cver=1&google_hm=2
Request Chain 491
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZS4.b0ZGRb1Nhj3IuP2vlgAA%261165&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZS4.b0ZGRb1Nhj3IuP2vlgAA%261165&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=b9e3f113902545c4b526b1a86181e2f0 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=b9e3f113-9025-45c4-b526-b1a86181e2f0 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=c5d98e7e-fa05-4754-a0f1-e562c9252abe%3A1697529459.2902489&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc5d98e7e-fa05-4754-a0f1-e562c9252abe%253A1697529459.2902489%26_%3D1697529459.2923634&cb=1697529459.2923968 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433830464777697&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dc5d98e7e-fa05-4754-a0f1-e562c9252abe%253A1697529459.2902489%26_%3D1697529459.2923634 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=c5d98e7e-fa05-4754-a0f1-e562c9252abe%3A1697529459.2902489&_=1697529459.2923634
Request Chain 494
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6636315287078971408&expiration=1698739079
Request Chain 498
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Request Chain 502
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/g8pHDCZTRKrqCcqnLUsh?pi=smilewanted&tc=1
Request Chain 503
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=2e25137932f9faa27949ea0daf3c7795
Request Chain 504
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 510
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2702435962288459528&gdpr=0&gdpr_consent=
Request Chain 511
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7290833519009003676&gdpr=0&gdpr_consent=
Request Chain 512
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=5c550b48-e9e0-4c73-a642-becaf5566ab1&ssp=pubmatic
Request Chain 513
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=rKZMFUCTUm9t4-Bvlc9V5ZJGdVQ&gdpr=0&gdpr_consent=
Request Chain 514
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 516
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBYWswN0tYSDBBQUJobkNzUmFTdw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAAak07KXH0AABhnCsRaSw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAAak07KXH0AABhnCsRaSw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAAak07KXH0AABhnCsRaSw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=7127013687192223080&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAak07KXH0AABhnCsRaSw&gdpr=0&gdpr_consent=
Request Chain 519
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=31A4C904-318B-4493-A96C-B51A1F764B97&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=31A4C904-318B-4493-A96C-B51A1F764B97&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 520
  • https://pixel.onaudience.com/?partner=214&mapped=31A4C904-318B-4493-A96C-B51A1F764B97&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 522
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9084300851182786757&gdpr=0&gdpr_consent=&us_privacy=

519 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
news.walla.co.il/
Redirect Chain
  • http://news.walla.co.il/
  • https://news.walla.co.il/
534 KB
273 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-10.fra53.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
a1fd487d03833eddf187a290ca28f7f7e3bd60c9017f8283ed4fd22b4f2d4381

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1
cache-control
public, max-age=300
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 17 Oct 2023 07:57:30 GMT
etag
W/"857a0-9ekRmShZXQldYn33deblxUOQgKE"
server
openresty/1.15.8.3
vary
Accept-Encoding
via
1.1 google, 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
x-amz-cf-id
jRDUBiZIh0FVQ7X7J6x3_05fDqy_ee7mJ8PSwREnZpvdR1rnLPHv5A==
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
x-cached
HIT

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Tue, 17 Oct 2023 07:57:31 GMT
Location
https://news.walla.co.il/
Server
CloudFront
Via
1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
X-Amz-Cf-Id
_MSFNik7Ks3bY3EfKwld6byTGBoFT1NzbRlpvgGDsqXkIp3hD92XyQ==
X-Amz-Cf-Pop
FRA53-C1
X-Cache
Redirect from cloudfront
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5758ef7f0e4c67a46bdc2599045dca7d0e3dc78e2da80db95b9ea324bd27dc2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29254
x-xss-protection
0
server
cafe
etag
138 / 19647 / m202310120101 / config-hash: 13405835948429687525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 17 Oct 2023 07:57:31 GMT
js
www.googletagmanager.com/gtag/ 		202 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11170679829
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1bc16a197f5ef499b9285fa6d690b553c6c9737ee19fb9dadf4a4c21afdb6459
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74052
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 17 Oct 2023 07:57:31 GMT
dmp-provider.js
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/ 		211 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-22.fra56.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
229e400458da09038771f0974640be7bc3fb91571e41b8c0af3f323d89bfc3a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:15:53 GMT
content-encoding
br
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA56-P5
age
78098
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
x-amz-cf-id
7EOW7QQP_2Vfd4mCswkygbnkGnQh_ngMVK9uKeVE5L9h_HbuFbwFgw==
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 16:56:27 GMT
content-encoding
gzip
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 00:37:14 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
54064
etag
W/"649b80ba-5df1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
INqG7aik09jlLgysYk2zfhmriyRUGm8vW3VYVoOm95iA1crgCI7y-g==
expires
Tue, 17 Oct 2023 16:56:27 GMT
mobile.svg
news.walla.co.il/public/assets/logo/ 		1 KB
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.walla.co.il/public/assets/logo/mobile.svg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-10.fra53.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
0049a61681f009097e433d79763495def6c0a29963c2349643b10bad537266d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA53-C1
age
85326
etag
W/"437-18b240eb6e6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
QHtgDzTvl6u8yatqnOKhmi2s55moe1MZgGh3cJ76AR5mVPd77h-i8A==
x-cached
HIT
logo_new.svg
news.walla.co.il/public/assets/logo/ 		1 KB
965 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.walla.co.il/public/assets/logo/logo_new.svg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-10.fra53.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
a6cbbfde0f8fa5053ac3b8a87d712870edae2c840f56df167e4c33f31e61e84b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA53-C1
age
85326
etag
W/"4bf-18b240eb6e6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
F_AgLnJZCEcp54HdSMgziEbfZvSCQPgMygVfDCJakSPs4lUiimdIZw==
x-cached
HIT
logo-with-israel-flag.svg
news.walla.co.il/public/assets/logo/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.walla.co.il/public/assets/logo/logo-with-israel-flag.svg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-10.fra53.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
38df94ec98f3e97f36a6a80b2e58776f9053ffecf8b140f68e83f3f748918063

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA53-C1
age
85326
etag
W/"bee-18b240eb6e5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
urPHR8Gu6pzfGPAhCmvDd9IJJHbUrx7m9VrusLN4W96OmD3jdkoHCA==
x-cached
HIT
tiktok.svg
news.walla.co.il/public/assets/navigation/ 		628 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.walla.co.il/public/assets/navigation/tiktok.svg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-10.fra53.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
40083197f6c3fad2ef5d99095c72f3a60072e92bdfcd920dd91299f3679027b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA53-C1
age
85326
etag
W/"274-18b240eb6e8"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
628
x-cached
HIT
x-amz-cf-id
6uLBhi6RfwD5SbSeo50eKM5tBq7sCbLqVchjKXgxGRnq5O46UlmBTw==
insta.svg
news.walla.co.il/public/assets/navigation/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.walla.co.il/public/assets/navigation/insta.svg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-10.fra53.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
23e2409494818d5a7bbcf232f0818db8599da2d9c3c1856572f95ffc7b4b1d2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA53-C1
age
85326
etag
W/"79e-18b240eb6e8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
dyHA7uJ2-CreYfUwVx3p0tRmxfa9M7rZGkI-YMVSEWII9CrFvWY-Gw==
x-cached
HIT
twitter.svg
news.walla.co.il/public/assets/navigation/ 		1004 B
969 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.walla.co.il/public/assets/navigation/twitter.svg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-10.fra53.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
d685d349bc446d06cf68755fd4dbd95bb51f8913ad08cea281e371aa1fc284eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA53-C1
age
85326
etag
W/"3ec-18b240eb6e8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
kYxE-7W0b7X1YGjIgGXL1hltTjVRxOgnggRICECe_m4s4IGNjCQnZQ==
x-cached
HIT
facebook.svg
news.walla.co.il/public/assets/navigation/ 		471 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.walla.co.il/public/assets/navigation/facebook.svg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-10.fra53.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5d2840fc0bf868ec7e60c9e2f14a0f623b865ee0a7f8459fbfb25881709f7838

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA53-C1
age
85326
etag
W/"1d7-18b240eb6e8"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
471
x-cached
HIT
x-amz-cf-id
zxkxaTGPg7GDmcwbsze-g2ggn0fhcpkVQZKTP_x4Qnnyb9VRgGAOYA==
allay-icon.svg
news.walla.co.il/public/assets/icons/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.walla.co.il/public/assets/icons/allay-icon.svg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-10.fra53.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA53-C1
age
85326
etag
W/"c00-18b240eb6db"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
S_u9RmphbqiqveYzS2AWtFBX-2o9a7p6t6psNNT36hjiRV6v-mwlfw==
x-cached
HIT
vod.png
news.walla.co.il/public/assets/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.walla.co.il/public/assets/icons/vod.png
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-10.fra53.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
7ff6e89ef0a4dcb72ed72196173642deb38c4b539baf3d7030ba8e122c284475

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA53-C1
age
85326
etag
W/"4a6-18b240eb6df"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1190
x-cached
HIT
x-amz-cf-id
JmPZHBahGZ73U5_fA534r3qc4ELdWds4o5T4AK5tVtawV86rFvd41g==
wallacoil-prod.js
cdn.valuad.cloud/hb/ 		1011 KB
277 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
850477602dadfc050dfc8888bb3e27ba68aa9e686cdc90017f29bea1263872ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 07:57:32 GMT
Content-Encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
Last-Modified
Mon, 16 Oct 2023 10:39:57 GMT
x-amz-request-id
tx00000000000000d7417b7-00652d1e2a-3b7003e1-fra1a
etag
"e4c440db091d296c03e1e82fdecc5870"
x-envoy-upstream-healthchecked-cluster
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1697529451.dop249.lo4.t,1697529452.cds316.lo4.shn,1697529452.dop249.lo4.t,1697529452.cds262.lo4.c
Content-Type
application/javascript
x-rgw-object-type
Normal
cache-control
public, max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
282692
loader.js
cdn.taboola.com/libtrc/wallail-walla/ 		892 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3bb434b1b7a95e57df3dd6b7f011e0417068e9e360a8638589b599aa3dfc95f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
eVpIgalRcGQcFlZKFZjGz1axcifPNnH8
content-encoding
gzip
via
1.1 varnish
date
Tue, 17 Oct 2023 07:57:31 GMT
x-amz-request-id
7QK2WW46JVM85DQC
age
3224
x-amz-server-side-encryption
AES256
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
17
x-amz-replication-status
FAILED
content-length
70006
x-amz-id-2
s0tGNd3VnWEevvRaFR5VvtH2ptv1zHUirn0xBWb21HOyKzf4surhgnZ+VCWjBeBT1rCAfkG78bo=
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Tue, 17 Oct 2023 04:06:36 UTC
server
nginx
x-timer
S1697529452.901035,VS0,VE1
etag
"2c6c07f5bbeb2d73c162986c3c341354e4aee425"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
12
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B8E) /
Resource Hash
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 07:57:31 GMT
Content-Encoding
gzip
Age
1066
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27598
Last-Modified
Mon, 09 Oct 2023 20:29:49 GMT
Server
ECS (amb/6B8E)
Etag
"391b7fdf0c468036f27102529636f0ca+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
gtm.js
www.googletagmanager.com/ 		490 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9613a7a1499d447e3d0da4fdaa94387fb964466962f6ef0932a55da03e38d390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110294
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 17 Oct 2023 07:57:31 GMT
gtm.js
www.googletagmanager.com/ 		422 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bb81e3351fe8ae95fa1832fbe77e4b6e6c979a77513d02437c582a2cc7dd8a66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82572
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 17 Oct 2023 07:57:31 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 17 Oct 2023 07:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
469
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 17 Oct 2023 09:49:42 GMT
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:21:58 GMT
content-encoding
gzip
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
last-modified
Wed, 09 Aug 2023 00:45:38 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
52533
etag
W/"64d2e1b2-94a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
9JwA0Zyes38wL1Xq_1uCK9sXopJwP1qKbdMb8aMabuGAqIxK6ff_JA==
expires
Tue, 17 Oct 2023 17:21:58 GMT
3613663-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_500,t_54/3/6/1/3/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_500,t_54/3/6/1/3/3613663-46.jpg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
72f5a8ad58658aa5301aa5087eb1dfb3e33827a2a07a4e6b495ba8565de372f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:29:46 GMT
via
1.1 google
age
52065
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28392
icon-mail-empty.svg
news.walla.co.il/public/assets/homepage2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.walla.co.il/public/assets/homepage2/icon-mail-empty.svg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-10.fra53.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA53-C1
age
85326
etag
W/"5f6-18b240eb6d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
qu_Ri0WJUMZSEBf0icwxAxgm9osHK5cbnf03UTwIpCSOt6cY93vzgw==
x-cached
MISS
walla-sprite.svg
news.walla.co.il/public/assets/icons/ 		19 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.walla.co.il/public/assets/icons/walla-sprite.svg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-10.fra53.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
3241bf3866d5c2c02fd32bc792aa155f587efc0780ad197d0040d3377ff5af3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA53-C1
age
85326
etag
W/"4a05-18b240eb6df"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
aF_BnHghXd5IDibAM5_WA2pmxZ2WfcAxz2pE0244GXoF1D1CbEQ5iw==
x-cached
HIT
almoni-neue-aaa-600.woff
news.walla.co.il/public/font/almoni/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-10.fra53.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer
https://news.walla.co.il/
Origin
https://news.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA53-C1
age
85326
etag
W/"e954-18b240eb70d"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59732
x-cached
HIT
x-amz-cf-id
3MIR04pDx_DfQAeHoXuJ986EASsB9KZzLNNwPHpeY6VDgsbeWNNYwg==
wallaicons.woff
news.walla.co.il/public/font/fonticon/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-10.fra53.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer
https://news.walla.co.il/
Origin
https://news.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA53-C1
age
85326
etag
W/"3bdc-18b240eb70e"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
15324
x-cached
HIT
x-amz-cf-id
VRsdjY5OqlyXfxfbPi2FpDnSSV4X2zAG87MPnyh4_y1zV8cUv2c5bQ==
almoni-neue-aaa-800.woff
news.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/font/almoni/almoni-neue-aaa-800.woff
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-10.fra53.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
ab5efe24966aca3d3addf00730f734a3fd62d552cc8c5dee2a837c057d62856a

Request headers

Referer
https://news.walla.co.il/
Origin
https://news.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA53-C1
age
85326
etag
W/"e65c-18b240eb70d"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
58972
x-cached
HIT
x-amz-cf-id
jg3zl46zntN1dygAwtNDyCmgHcoEnUiHf-nCIAriVaHmWY5mjtyouA==
6950_1ee1e84a2c2bf62f2adf_1ee1e84a2c2bf62f2adf_walla.js
news.walla.co.il/public/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/6950_1ee1e84a2c2bf62f2adf_1ee1e84a2c2bf62f2adf_walla.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-10.fra53.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
f20aa3c1f32442a08428b3f922e78848c790294e3acb607322a235c1ad7fc9c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:45 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA53-C1
age
85326
etag
W/"248c-18b240eb6be"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
PC-REP8oF4ACg6kKV3E-PG3lK3WCb43r0JCP4457ZU-SFOncHkKU4Q==
x-cached
HIT
5785_6990edb44130741d99e1_6990edb44130741d99e1_walla.js
news.walla.co.il/public/ 		297 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/5785_6990edb44130741d99e1_6990edb44130741d99e1_walla.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-10.fra53.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
d8f67c15ef1136522d80b265ec52d3eea969960885ff6a99d40ccef0e3809c5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:30 GMT
via
1.1 google, 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Tue, 17 Oct 2023 07:09:32 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA53-C1
age
1
etag
W/"4a47c-18b3c77e469"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
-8U8STE1kU_4tMaiD2UPNYSn4VPDLmJvHvesW-DKLcE38lNFd-y0fA==
x-cached
HIT
main_518f5c451c651fc897d2_518f5c451c651fc897d2_walla.js
news.walla.co.il/public/ 		993 KB
220 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/main_518f5c451c651fc897d2_518f5c451c651fc897d2_walla.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-10.fra53.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
35f2316dc240cc0fbb2996b98e0e3e0a971bb12a16865a588dc8ddbc6bb4ad70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:30 GMT
via
1.1 google, 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Tue, 17 Oct 2023 07:09:32 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA53-C1
age
1
etag
W/"f832a-18b3c77e4bf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
mjwqBIOaT-Ru2GCF5ZiMu7xD9T5xo_FD82YRVaIjrJN54R32HiQL3Q==
x-cached
HIT
8828_a9489bf99bdefde1bf12_a9489bf99bdefde1bf12_walla.js
news.walla.co.il/public/ 		62 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/8828_a9489bf99bdefde1bf12_a9489bf99bdefde1bf12_walla.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-10.fra53.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
6aa31dd89388fda4e31645d09e4e469a034999e4d7cbb356bd3b6b6fd44885a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:45 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA53-C1
age
85326
etag
W/"f8d0-18b240eb6be"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
9WSnrGQXFwFuXP32uQGdnOTYtn1ZUIIsNwsZ9SXN6AePgo_10zfg2A==
x-cached
HIT
7225_843cc54c09c448233568_843cc54c09c448233568_walla.js
news.walla.co.il/public/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/7225_843cc54c09c448233568_843cc54c09c448233568_walla.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-10.fra53.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
4855b8ec613d695d50a7af3d0044f10afad1304c8663ae841e3a5d10aeceea36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:45 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA53-C1
age
85326
etag
W/"73c2-18b240eb6be"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
Hxp2Ym37LIAvJlejfvuQwxOMwHhlqVwcLgwiUuv7LSKAGBuFAzN23A==
x-cached
HIT
9561_a6cb45b79e6001ccc514_a6cb45b79e6001ccc514_walla.js
news.walla.co.il/public/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/9561_a6cb45b79e6001ccc514_a6cb45b79e6001ccc514_walla.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-10.fra53.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
801d6ff0dd3191cc7e44d8060ed2336706e8301bf4478df935f1ef87a82c11de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:45 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA53-C1
age
85326
etag
W/"6b6b-18b240eb6bf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
uhgqtfLi1GSquhEf5UGNLqS2gYP6HzSjE45aYXtstTInKVv_jjKQSg==
x-cached
HIT
vertical_36e55f61d9b7cf29309c_36e55f61d9b7cf29309c_walla.js
news.walla.co.il/public/ 		481 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/vertical_36e55f61d9b7cf29309c_36e55f61d9b7cf29309c_walla.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-10.fra53.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
3a7a85fb998680c3ac6ff6fc796f7b8aa554e5404975d1f60b13b574e6832fbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:30 GMT
via
1.1 google, 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Tue, 17 Oct 2023 07:09:32 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA53-C1
age
1
etag
W/"7857f-18b3c77e4c2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
quwF4u5BhUKJt8wITNqbTcQNdPmMKHaQQzUyBNgOYEkzR4klXnRYow==
x-cached
HIT
recorder.js
web-sdk.smartlook.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-sdk.smartlook.com/recorder.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
cafc15d62bcd7743712d138cce8f2581fc208ea2653a5bc8c4865933fb0fd8df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 17 Oct 2023 07:57:32 GMT
strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
172
x-accel-date
1697529280
x-77-nzt
AcO1qhE3Nzf/rAAAAA
x-accel-expires
@1697529880
x-77-age
172
last-modified
Mon, 16 Oct 2023 10:33:30 GMT
server
CDN77-Turbo
etag
W/"652d117a-2fdd"
x-77-nzt-ray
4c15622422ebf19c6c3e2e6536a45001
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
tr5
cdn.taboola.com/libtrc/ 		3 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/tr5?abgroup=test_ctrl
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230026-FRA
date
Tue, 17 Oct 2023 07:57:32 GMT
via
1.1 varnish
server
Varnish
x-timer
S1697529452.059696,VS0,VE0
x-cache
HIT
content-type
text/html
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-length
3
retry-after
0
x-cache-hits
0
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=walla.co.il&p=%2F&u=CINJKhnDLzqD3XLax&d=news.walla.co.il&g=20047&g0=%D7%97%D7%93%D7%A9%D7%95%D7%AA&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=5691&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fnews.walla.co.il%2F&b=329&t=1VKFFBm1okJBwaVwUDDKvZMCAvV1J&V=141&i=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA&tz=-120&sn=1&sv=C7ay5XBcFHL5DiPcSmBU16fgC2fL7U&sd=1&im=061b0fff&_
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.152.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-152-212.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 17 Oct 2023 07:57:32 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html
platform.twitter.com/widgets/ Frame 2852 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fnews.walla.co.il
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA1) /
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
645909
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Tue, 17 Oct 2023 07:57:32 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 09 Oct 2023 20:29:18 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6BA1)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
PRE
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/PRE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-22.fra56.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://news.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://news.walla.co.il
access-control-max-age
1800
age
72470
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Mon, 16 Oct 2023 11:49:42 GMT
server
nginx/1.20.0
vary
Origin
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-id
aIkL-NnXNO7PNe791x66YSSTvBxnunJ8graY10GYEUm-_xLSVuTfUQ==
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
survey.js
cf.dxmcdn.com/dta/ 		189 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.dxmcdn.com/dta/survey.js
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:e200:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd769d1da98da1a60dc08258b017b34d6962b92ec431b17df51c69fbfb2c6abf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
YtNR9erNG.NoRBEcRdBoVE4OGMJQuym3
content-encoding
gzip
via
1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
date
Mon, 16 Oct 2023 23:19:01 GMT
last-modified
Wed, 27 Sep 2023 11:46:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
31112
x-amz-server-side-encryption
AES256
etag
W/"b034abfcfb6819eabeb9878dfce0a78a"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
_eo7t4dSvqYeDFQpXlgIakvZnLR32bijUVGBmodQwAUVeNkOYiC-GQ==
PRE
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ 		0
320 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/PRE
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-22.fra56.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/javascript

Response headers

date
Mon, 16 Oct 2023 11:49:05 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA56-P5
age
72507
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
pqeAtP_p5Lkgchb13FisrWi5oE5AGmNh1HTCY1nGT3EN6dQsIF-v3Q==
POST
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ 		0
321 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/POST
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-22.fra56.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/javascript

Response headers

date
Mon, 16 Oct 2023 11:49:05 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA56-P5
age
72507
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
xtk4GSZmHyeEun_Cwr2ilUfkgJyh_Oh-hWfV1rXoCnaE3GCaOeKtBA==
POST
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/POST
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-22.fra56.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://news.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://news.walla.co.il
access-control-max-age
1800
age
72470
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Mon, 16 Oct 2023 11:49:42 GMT
server
nginx/1.20.0
vary
Origin
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-id
kBkxh8BIB0x38-lEUgI-zNaI4zXpNCiO8aa_A-Jty0-YKPkxBm_hHg==
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11170679829/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11170679829/?random=1697529452195&cv=11&fst=1697529452195&bg=ffffff&guid=ON&async=1&gtm=45be3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.walla.co.il%2F&hn=www.googleadservices.com&frm=0&tiba=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95&auid=1432887230.1697529452&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11170679829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92daead28a05e9fd0d3d55a4bab015cac9a4b08d40df59144fff0199ef1e79dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1389
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-103.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:09:22 GMT
content-encoding
gzip
via
1.1 f046bfa1468bb4385e357c8c9128cf50.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
2890
x-cache
Hit from cloudfront
content-length
1696
last-modified
Mon, 07 Aug 2023 11:07:01 GMT
server
Apache/2.4.54 (Debian)
etag
"1090-602533ee4ff40-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, public
accept-ranges
bytes
x-amz-cf-id
vebMpvqWlozdrGZr4-XnBKCzwlIVXx2xVwC71ftHdunvUPad_FzFSA==
fi_client.js
ecdn.firstimpression.io/ 		349 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-108.fra6.r.cloudfront.net
Software
Apache/2.4.54 (Debian) / PHP/8.2.0
Resource Hash
86d9dc72d07b78da20ccb18a75e1b898fbcc2ef138b26b76f5d5f1dc99375b16
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 07:28:55 GMT
Content-Encoding
br
Via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
Age
1717
X-Powered-By
PHP/8.2.0
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
X-XSS-Protection
0
Last-Modified
Tue,17 Oct 2023 07:28:55 UTC
Server
Apache/2.4.54 (Debian)
ETag
W/"505b4e209471bcb55ebb3e33ce4f30b5"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
X-Amz-Cf-Id
c5zk67ZeZPq4HBzSvtNLsnPf0egbg0OJVjSHAW0Q0A2_HH7MauiZqg==
fbevents.js
connect.facebook.net/en_US/ 		198 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 17 Oct 2023 07:57:32 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53498
x-xss-protection
0
pragma
public
x-fb-debug
YlfgUJcvO5qyYBy8cfs+afT5/q/qqTmPZ/XOUVpsIEx8HBmFX595Z/MEBzPzYhYUTIsa2gTJWpQPLvY9OTgdKA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
h.js
cdn.unblockia.com/ 		164 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unblockia.com/h.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d600:12:abfb:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b7d2974070cf9f476d97e4401209a440e8fee787781d9084655cca366dad4d21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
m8vKRZ4OANVjVfMIKL3cKYiXKt6EM9QQ
content-encoding
br
via
1.1 6c7a5d26be7fb35284e54d321f16b6f6.cloudfront.net (CloudFront)
date
Mon, 16 Oct 2023 14:15:51 GMT
x-amz-cf-pop
FRA56-C2
age
63702
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:987257285531:build/unblockia-loader-codebuild-project:4e52eb3f-761b-4c10-a85a-162fb4fa3980
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
fb4d4b7b1d35720e2d2481016ef4369b
last-modified
Tue, 20 Jun 2023 10:06:46 GMT
server
AmazonS3
etag
W/"bc5af0220c4116294c4e9c72ae4e244c"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
02f1ef29ead1d705cce351046cded37a79615ae12624547bfa0e8307765c8765
x-amz-cf-id
vuLQfcrksIwP4Z5aqXRWctS_iR0wxbMQ1E4JlmHd7MNLcualjqM1Kg==
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		158 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=walla.co.il&domain=news.walla.co.il&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1987755b0828e0aaa3344aa67e8195f333b0c8fa45da2199b5ab596c03c07167

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-cache-hits
1
date
Tue, 17 Oct 2023 07:57:32 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
1199
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
128
x-served-by
cache-fra-eddf8230052-FRA
x-timer
S1697529452.342528,VS0,VE1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sun, 15 Oct 2023 07:37:33 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/ 		421 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f9c72ef22efe8a0e095464ab57ea0d5b6c24fa0abcd9439a1ffe1f522cca92a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 19:53:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
43467
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134870
x-xss-protection
0
server
cafe
etag
11169537383484699631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 15 Oct 2024 19:53:05 GMT
collect
www.google-analytics.com/j/ 		4 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=845497422&t=pageview&_s=1&dl=https%3A%2F%2Fnews.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAACAAI~&jid=793770766&gjid=341388563&cid=23039265.1697529452&tid=UA-4780630-1&_gid=342657286.1697529452&_r=1&_slc=1&gtm=45He3ab0n71T728TH&cd1=&cd2=1&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%97%D7%93%D7%A9%D7%95%D7%AA&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=0&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fnews.walla.co.il&cd116=0&cd117=&cd118=&cd119=&cd120=&cd121=&cd122=gtm.js&cd123=https%3A%2F%2Fnews.walla.co.il%2F&cd124=&z=1786246450
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 17 Oct 2023 07:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
470
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 17 Oct 2023 09:49:42 GMT
/
www.googleadservices.com/pagead/conversion/777956447/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/777956447/?random=1697529452474&cv=11&fst=1697529452474&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95&value=0&bttype=purchase&auid=1432887230.1697529452&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
835a21406b4cfa8dfe8a934e745cabe0b86a5d9e5955643c595ed35d8fcc83dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1690
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion.js
www.googleadservices.com/pagead/ 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
6cee0a1fd26161d05279092178df3d8243672cccf917c870bb113d992d5de5be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18645
x-xss-protection
0
server
cafe
etag
5863262954022034179
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 17 Oct 2023 07:57:32 GMT
adoric.js
12890047.adoric-om.com/ 		194 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://12890047.adoric-om.com/adoric.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7e2fbc7de982f503e7260215071ba4137098ac7f2c32655a1ea59e9dec18089
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:32 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
via
1.1 google
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
102
x-dns-prefetch-control
off
content-range
bytes 50-10000/*
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-adoric-api-version
9.1.0
server
cloudflare
etag
W/"306f2-9CYdnBzPfOdeDxtg9L+WyF/1La0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
movetogcp2020.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z5pcKyiAcUdGrYOdfcvUJEfEkVrj7U8exPzDG7PfZuTa1mdFCtG4s68G%2BV%2FxtpLgyUeBLKhEctx88IjnkTeX9ALuPGVw%2FGPlqWfrC4ZHhDQxYwdWQwihrnMFoYAxELC74Y6cdWgE13aVot2Ub%2FvepRljXC3%2F"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
access-control-allow-credentials
*
vary
Accept-Encoding
cf-ray
8176fdc63ec4bb89-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
js
www.googletagmanager.com/gtag/ 		246 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7e11848cfd87e686f2b13f3740ad082f1a216a4a1f1068187a850d0732431f2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86690
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 17 Oct 2023 07:57:32 GMT
js
www.googletagmanager.com/gtag/ 		201 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TSQY5YTYZ0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
51a2f88efa5f8a3131a80a5f50f571f6b93c2b37e92e2d994bd77f5646df8deb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74708
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 17 Oct 2023 07:57:32 GMT
settings
syndication.twitter.com/ Frame 2852 		869 B
657 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=cb95b6b605fd5889115baa81d34f108fb95d3667
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fnews.walla.co.il
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-response-time
104
date
Tue, 17 Oct 2023 07:57:31 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Tue, 17 Oct 2023 07:57:32 GMT
server
tsa_f
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
b8bbd6c8ab3e5d13
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
e4cd2be8ce613231075184ce16f2378a0d2acdaa72aab49187626a5151fffdcc
content-length
337
init.f0ea58b8a94946b92431.js
web-sdk.smartlook.com/es6/ 		66 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-sdk.smartlook.com/es6/init.f0ea58b8a94946b92431.js
Requested by
Host: web-sdk.smartlook.com
URL: https://web-sdk.smartlook.com/recorder.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2cbea3a3ee1ece1c688b8b0f0227d7d107359816d3a240e3d20b5e92baf3cad7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000

Request headers

Referer
https://news.walla.co.il/
Origin
https://news.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 17 Oct 2023 07:57:32 GMT
strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
73619
x-accel-date
1697455833
x-77-nzt
AcO1qhE3Nzf/kx8BAA
x-accel-expires
@1728991833
x-77-age
73619
last-modified
Mon, 16 Oct 2023 10:33:30 GMT
server
CDN77-Turbo
etag
W/"652d117a-1071a"
x-77-nzt-ray
4c156224bfeea3ab6c3e2e654ae4f422
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
json
pro.ip-api.com/ 		20 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json?key=ay3FPSS6OcBXPHg&fields=countryCode
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/public/5785_6990edb44130741d99e1_6990edb44130741d99e1_walla.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
f37d1ad4ff54c0819a950c6bf692c4294e593e2df41f3ad3f2cd11d281ebead0

Request headers

Accept
application/json, text/plain, */*
Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 Oct 2023 07:57:32 GMT
Content-Length
20
Content-Type
application/json; charset=utf-8
3452_28c1808d0814a46feaca_28c1808d0814a46feaca_walla.js
news.walla.co.il/public/ 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/3452_28c1808d0814a46feaca_28c1808d0814a46feaca_walla.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/public/main_518f5c451c651fc897d2_518f5c451c651fc897d2_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-10.fra53.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
6dba6e329dfb9cefab40d65bd87209b0f98f585e82f455bff4ffb75e99573a23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:26 GMT
via
1.1 google, 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:45 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA53-C1
age
85327
etag
W/"1eb65-18b240eb6bd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
bITKEg3aM84Sipua5Yzh07Lb1TBX2lW0owESO-9O7Qzzz54XfDCt5Q==
x-cached
HIT
PikudInner_2e1eca4b5cb115902ee9_2e1eca4b5cb115902ee9_walla.js
news.walla.co.il/public/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/PikudInner_2e1eca4b5cb115902ee9_2e1eca4b5cb115902ee9_walla.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/public/main_518f5c451c651fc897d2_518f5c451c651fc897d2_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-10.fra53.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
55e1bb5ac96493124163d21acdc1a9e620d826d6654f94a9fab30cd8a648c0b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:26 GMT
via
1.1 google, 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:45 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA53-C1
age
85327
etag
W/"cfe-18b240eb6c1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
U3U3ew_1w2Q7fFrhqRpqFDJHfnP-C5WTgygHiYC5rHGN06rA84WbQQ==
x-cached
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/public/5785_6990edb44130741d99e1_6990edb44130741d99e1_walla.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5b722e124fadceb01901ba5f35960ecacb331f1fb6fb32a8e3d724d492a870c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29254
x-xss-protection
0
server
cafe
etag
94 / 19647 / m202310120101 / config-hash: 13405835948429687525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 17 Oct 2023 07:57:33 GMT
load.js
pm-widget.taboola.com/wallail-walla/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/wallail-walla/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa13c715a970ff152c581c582d0d11959260c439601eef5aca942f3b8b79ae9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
FPTG2OxoLYtveF6L1lHa_yi.RcOwh3q6
content-encoding
gzip
via
1.1 varnish
date
Tue, 17 Oct 2023 07:57:33 GMT
x-amz-request-id
EWJRSD051645SZ7W
age
2373
x-cache
HIT
content-length
1113
x-amz-id-2
8ieejmpPIDpKsuOg3VR7pyVcDCwEO5Uyc1ke5XC44VLBPrOggUcPjoVerwQWjbLJg1YocDZbifo=
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Tue, 26 Sep 2023 08:56:39 GMT
server
AmazonS3
x-timer
S1697529453.030745,VS0,VE0
etag
"0f035f8b52b8607074f683b28f021659"
vary
Accept-Encoding,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
3
impl.20231005-5-RELEASE.js
cdn.taboola.com/libtrc/ 		811 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
56bb634245b7b25ecb78ab1639e9d916c097684096acffb4b8d02e3fcd99557d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
sG9W8f2jxAlxZJSFj2c8uDtQaqgnrS2O
content-encoding
br
via
1.1 varnish
date
Tue, 17 Oct 2023 07:57:33 GMT
x-amz-request-id
HWSVX6M8BGBKH4V1
age
1403
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
171845
x-amz-id-2
CnlVzw6QQjuusX3D4ul2rcWJSyewK6E/CTpEWdex9fwcsSemS75TmJDzyqKv2oIHdDvixTRXuSA=
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Mon, 09 Oct 2023 09:13:52 GMT
server
AmazonS3-br
x-timer
S1697529453.023539,VS0,VE0
etag
"dff646170ee7a85f3bc08642c9709075"
vary
Accept-Encoding
content-type
application/javascript
abp
51
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
76
page.php
www.facebook.com/plugins/ Frame 6403 		42 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallanews&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/public/5785_6990edb44130741d99e1_6990edb44130741d99e1_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
00f0457a464286e05b6c59595591de7199c3da6850157e312da13162b8dbef75
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 07:57:33 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
xYUhy6SqluPsECflK1IN5pRNW1AFpHmH3AEtMoNUlxBGLI/PSkiFnC+5L0tkCQyv8610zeEF3OSdXvGo2TaSKA==
x-xss-protection
0
close.png
news.walla.co.il/public/assets/ads/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.walla.co.il/public/assets/ads/close.png
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-10.fra53.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:26 GMT
via
1.1 google, 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 13:23:45 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA53-C1
age
85327
etag
W/"46c-18b240eb6c8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1132
x-cached
MISS
x-amz-cf-id
Kd7PHOv0T93J341qyd7tTo6jGB-6sSexarGjE5k2kk6UFUuxOnbdUQ==
2547415-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100/2/5/4/7/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100/2/5/4/7/2547415-46.jpg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
893523f42f089cf44d632fac7366f54b2f3d24d9b5de47f771602350e7c965d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:08:27 GMT
via
1.1 google
age
35346
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2576
3492232-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100/3/4/9/2/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100/3/4/9/2/3492232-46.jpg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
fae3abfeea6e0a543fe27ed5ea85cf014a3ae94fb90fb5939e0559e091ebec71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:11:06 GMT
via
1.1 google
age
53187
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3368
3614849-46.png
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/4/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/4/3614849-46.png
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
b0e57d75bc0af4ef3ab9ad87a27527b8db31959590a92bb5779ff82e57009c12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 05:03:48 GMT
via
1.1 google
age
10425
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3154
3613597-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/3/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/3/3613597-46.jpg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
59bf8a49b764972f07ff10fa91267d7b6f7c1f5e16c25aaf4f6423c17b32188f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 05:35:52 GMT
via
1.1 google
age
8501
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12550
3567226-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/6/7/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/6/7/3567226-46.jpeg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
5ccf80a0afeca4e216b9d11023e248a8da1e079fb9524093692296c3b4d9ccf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 16:23:40 GMT
via
1.1 google
age
56033
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14024
3614873-46.png
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/4/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/4/3614873-46.png
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
48e55341fc06d51fd677fb6c8fdbb5c1c1d0686729380661bc183426527336a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 23:35:05 GMT
via
1.1 google
age
30148
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5708
3528809-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_1000/3/5/2/8/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_1000/3/5/2/8/3528809-46.jpg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
1eaccdc4aacb54961f7160943eff55e3f3a21de84833c4a6f8d600d5db75fc1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:26:29 GMT
via
1.1 google
age
52264
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45706
3532632-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_1000/3/5/3/2/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_1000/3/5/3/2/3532632-46.jpg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
84a942fa11d63b702ddff3dc7c309f59cbdd66b99853a34b4a07f9f6c87f2e37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:23:10 GMT
via
1.1 google
age
52463
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5926
invalid-name2.svg
news.walla.co.il/public/assets/shivuki/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.walla.co.il/public/assets/shivuki/invalid-name2.svg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-10.fra53.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:26 GMT
via
1.1 google, 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA53-C1
age
85327
etag
W/"834-18b240eb6f3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
szJqzd_Td179LB31uYukoif1hoQjF7iZK4eEygU9MtB5R3tIDhjWsw==
x-cached
HIT
3454490-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/5/4/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/5/4/3454490-46.jpg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
8f10d7a122060c5e9725d7624296ac0d6b1817545d424d7fdecae5a54123344a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 14:56:47 GMT
via
1.1 google
age
61246
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8150
3258183-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/2/5/8/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/2/5/8/3258183-46.jpg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
a786785f56c14eac0a047206b47359680bbe3b170695a877a127ad5aeee3ad78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:06:20 GMT
via
1.1 google
age
53473
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4662
3585897-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/8/5/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/8/5/3585897-46.jpg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
cf528fec5f2cdedcd8213c7d056781991c894b6a52f00c98e9500952e171c184

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:12:38 GMT
via
1.1 google
age
53095
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9774
3401797-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/0/1/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/0/1/3401797-46.jpg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
0d4166d628450e4060cedad79066d226c7be682380e708dc30d62159fd7433ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:14:29 GMT
via
1.1 google
age
52984
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6814
3582998-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/8/2/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/8/2/3582998-46.jpg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
9dbdcfbc90fe024fb46fc665100eb8ec6cbd4be380eeb224e80ffb07c2f82580

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:11:24 GMT
via
1.1 google
age
78369
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5140
init
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://news.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://news.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 17 Oct 2023 07:57:33 GMT
server
Google Frontend
x-cloud-trace-context
33d71cf17cbf756b72b7b71e5adcb8a1
x-request-id
undefined
init
hb-dot-valuad.appspot.com/ 		38 B
87 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
x-request-id
5b2302ca-d577-4057-b2ef-abc3bfa7746f
x-vad-version
0.14.18

Response headers

date
Tue, 17 Oct 2023 07:57:33 GMT
content-encoding
gzip
server
Google Frontend
etag
W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://news.walla.co.il
x-cloud-trace-context
fceb2c9cae6576dedb751cc760b03c72
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64
x-request-id
undefined
survey-executed
tr.dxmcdn.com/rest/api/v1/ 		0
0
survey-executed
tr.dxmcdn.com/rest/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tr.dxmcdn.com/rest/api/v1/survey-executed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://news.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-type
text/html
date
Tue, 17 Oct 2023 07:57:34 GMT
expires
0
pragma
no-cache
server
Google Frontend
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-cloud-trace-context
42f722a80b0499b0752ee166a74f9179
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
qOshuPrumh-.css
static.xx.fbcdn.net/rsrc.php/v3/yE/l/0,cross/ Frame 6403 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yE/l/0,cross/qOshuPrumh-.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallanews&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e8efea9898d579f6c2a1e6461951eed1e44a7adb10e1a0e402b260b512633530
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
tizgCrjY4XZs0o45AgUMtA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5421
x-fb-debug
ujd1yXyVZtRshLhZmPcvwUIySHtZo7tdWJnZ83p8IZPtl9fj427SMczLJv+eTN0jZEZRe12HG5RucL4uy0FM3Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Tue, 15 Oct 2024 16:46:01 GMT
MNqA_sv_DFL.css
static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/ Frame 6403 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/MNqA_sv_DFL.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallanews&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4a9071508f7166144b974c2809c8d84fd415b80c3699b0a6a75f5cd407eaf1b7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
D7a5A9P21C5RV7oXzbjKUQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5077
x-fb-debug
qQTYq6K2Wf3XaEbAot8LQ71dV1NF5KOLIJD0pcBUy+jUTb9I5LBAcisC62W/WWN9bjJImioNuQIuJD1faI4tQQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Mon, 14 Oct 2024 15:24:57 GMT
CxzjCMQABR5.js
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 6403 		318 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/CxzjCMQABR5.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallanews&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
56e687887be4c418115fa34b4e7c8466f16ffce4ba5678efd915e69af36b1310
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
hWToMjMFp+0BKau02ycvOQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86659
x-fb-debug
WjpY/4mtgt2L7Qi9NlkorA6I//ET1/xhSVrjbGofdN5k2Hs11eAjV0eRCPImuGNpXly2zjrIHmxcG7ZlL31Pbg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 12 Oct 2024 23:29:46 GMT
7ExlZRGXd6y.js
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 6403 		96 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/7ExlZRGXd6y.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallanews&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f49ec31b0ac51a73696d93cf49497d02de83e8dc34fc515e7eebcca16711dbaa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
+sqGq+ENKpCYyjIYiK7B6A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27885
x-fb-debug
Glend7NiCXmMib2AVBwOSF2agVX/j5oL4KTgbyVqQUMHtchGkXwnTJUJZE8u1LBz0P+JXB8Gs8QokToJWSZZYw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Wed, 16 Oct 2024 00:35:06 GMT
B6mAd5gypzO.js
static.xx.fbcdn.net/rsrc.php/v3/yo/r/ Frame 6403 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/B6mAd5gypzO.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallanews&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
69ce44c850d3728d53a284cdc8a06a6afc745bd5462095e8ba5a6bb0f464ee8d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
W/4zPDc5e10tqG6oIdpSHg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1699
x-fb-debug
Ev+McDyKp+iY8qUMHgydEa7jkVgQG5MRnAP6fUTq6BTb9E6CEmaCH9Paqk4jbea6XnftI5gDI3yINnI2GQ26mw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Tue, 08 Oct 2024 01:39:57 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 6403 		507 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallanews&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
x-fb-debug
0e0t+8SpxAIOZxRiPsbMt6SxKrH4WSjb9DrStBhuptMH7w62pnUIdWE+vvGWDRyODEGVJwcnl1bIs5OkgB2IbQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 05 Oct 2024 03:59:54 GMT
cHaN7vDWeKw.js
static.xx.fbcdn.net/rsrc.php/v3iLNf4/y-/l/de_DE/ Frame 6403 		236 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iLNf4/y-/l/de_DE/cHaN7vDWeKw.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallanews&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e5f122e7795e2b2350f50b4d3761f99f092157d4759a18036a7ad91d4c9310b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
wduhfScxP0eVPTlxYtP+hA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
67776
x-fb-debug
6ybA9gbcu70DMJySF5bzuZuKoGtPY3FvcvjYLgp6oq6x+RhCytUJwpFf/F1m6wZny/Ag7HvaNujdqjkqEvqeTw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Tue, 15 Oct 2024 23:09:32 GMT
rXFBesZmvW_.js
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 6403 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/rXFBesZmvW_.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallanews&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cb7fe7b68be275514b92d236b01a17bc5d2d4545bf20422cd91797402d6c5893
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
3g7eyouJi03MIUYxO80Trg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13823
x-fb-debug
hEWHk8yKp7WO5Kf0JZKWn/qQ2frAMaVICOrOCY+9Gb09PEQEBBcjHESQNyEodHE73Mu/q5y9xwpMKSptkjXPrw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Tue, 08 Oct 2024 01:49:33 GMT
8rtzypx1le9.js
static.xx.fbcdn.net/rsrc.php/v3iAxA4/y3/l/de_DE/ Frame 6403 		102 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/y3/l/de_DE/8rtzypx1le9.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallanews&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d276e016c1967b57393bed909ba95bb6bce64dc662950c6703ccb7232a76eaf4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
+ttkime8pCbOmqheFu/lGA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
29964
x-fb-debug
VbZdRmG2jr7OXpb9zQ2ljpke2eVh9d6Yt/r8adqFLW1lQxPgkeMDA5DTIS2peE53Hd98lq2oR15R/I0bT/D5Mg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Tue, 15 Oct 2024 19:43:19 GMT
356247868_594625386209071_549895525341004885_n.jpg
scontent-fra3-1.xx.fbcdn.net/v/t39.30808-6/ Frame 6403 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-fra3-1.xx.fbcdn.net/v/t39.30808-6/356247868_594625386209071_549895525341004885_n.jpg?stp=dst-jpg_p133x133&_nc_cat=101&ccb=1-7&_nc_sid=5f2048&_nc_ohc=r5u2EEJG9ksAX_7B0ZK&_nc_ht=scontent-fra3-1.xx&edm=ADwHzz8EAAAA&oh=00_AfDrDo_egMFvq7Mk_xnlkIOxN2NqRpfClECrPJHTH8XuGw&oe=6533463E
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallanews&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
de25f033c4a9c8ed8194cea3f55bd5b9a0498db670963cb2d641bf0930825200

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:33 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Sun, 02 Jul 2023 15:55:11 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2478290717
thrift_fmhk
GBBmSh+YK7sMoLuIjNKVyF4WFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3814701271
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
5046
346882236_575974574740819_6297113487677248451_n.jpg
scontent-fra3-2.xx.fbcdn.net/v/t39.30808-1/ Frame 6403 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-fra3-2.xx.fbcdn.net/v/t39.30808-1/346882236_575974574740819_6297113487677248451_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=1&ccb=1-7&_nc_sid=5f2048&_nc_ohc=xfUPHp38ptkAX89dZMC&_nc_ht=scontent-fra3-2.xx&edm=ADwHzz8EAAAA&oh=00_AfA0FfFrUgry9C48ULfYj4wLZG4qTuvC21UHUyzspGqeqg&oe=6532B9C6
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallanews&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0394884b772f114b4ef2122a58081fcdad4da8f76fb9d8ee0887a9c9662beec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:33 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Sun, 11 Jun 2023 13:25:04 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=378042336
thrift_fmhk
GBB8dn4pzkqVerMyj6AlxGgSFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
274974089
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1270
collect
stats.g.doubleclick.net/j/ 		4 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-4780630-1&cid=23039265.1697529452&jid=793770766&gjid=341388563&_gid=342657286.1697529452&_u=aEBAAEAAEAAAACAAI~&z=2127734923
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 17 Oct 2023 07:57:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
dmp-main.js
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/ 		239 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-22.fra56.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
742f69d5a3dc576df86c9845acf047bcd745d266f40900c95706badecfafe2e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:15:55 GMT
content-encoding
br
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA56-P5
age
78098
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
x-amz-cf-id
tpR2gEQ_wb444QpukExyjJLHMkEQmFduJlck30UYqjfcjIJdWUe8oQ==
/
www.google.com/pagead/1p-user-list/11170679829/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11170679829/?random=1697529452195&cv=11&fst=1697526000000&bg=ffffff&guid=ON&async=1&gtm=45be3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.walla.co.il%2F&frm=0&tiba=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3724600390&rmt_tld=0&ipr=y
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/11170679829/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/11170679829/?random=1697529452195&cv=11&fst=1697526000000&bg=ffffff&guid=ON&async=1&gtm=45be3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.walla.co.il%2F&frm=0&tiba=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3724600390&rmt_tld=1&ipr=y
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 00:01:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28563
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 Oct 2023 00:01:30 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Thu, 16 Nov 2023 07:57:33 GMT
date
Tue, 17 Oct 2023 07:57:33 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test_adblock=true
Requested by
Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
edf4d5ff0cd9bd2dcfca24dc79f62ab36f4acfecd9dc9084a9a88e23550c2023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51451
x-xss-protection
0
server
cafe
etag
2781269594843687260
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 17 Oct 2023 07:57:33 GMT
170717926997655
connect.facebook.net/signals/config/ 		138 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/170717926997655?v=2.9.134&r=stable&domain=news.walla.co.il
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e8b8ef3f53b9219b6e45674894adf50db4dc1b550fef0ff583eb9b150d81ce3c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 17 Oct 2023 07:57:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
36587
x-xss-protection
0
pragma
public
x-fb-debug
UzaRWHLfsfVNhiFFTSrAxPLWKoZQ28/PvTunDLLzUaTxnkM7M7QeQM+SQ0nYFfmrAEej6Z5lIesOm1g1V1VUnA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/777956447/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/777956447/?random=1465713073&cv=11&fst=1697529452474&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews...
  • https://www.google.com/pagead/1p-conversion/777956447/?random=1465713073&cv=11&fst=1697529452474&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.walla.co.il%2F&label...
  • https://www.google.de/pagead/1p-conversion/777956447/?random=1465713073&cv=11&fst=1697529452474&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.walla.co.il%2F&label=...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/777956447/?random=1465713073&cv=11&fst=1697529452474&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95&value=0&auid=1432887230.1697529452&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE9HNHFRWVFqZUh4dkk3R3M1WlZFaVlBU3NtOFdkbFJJN0oxMFIwR1JUVGhGZzJISTdsVGRtV042VXdYSXJSMXpDeUFYY0xYelEaWENoQUk4T0c0cVFZUTJ1enR4ckM0cFpOckVpNEE0OXowX2V6c1ZKVkcwamRoc1NUUkt2LW1xLXZhZzVoWWYwcjNxOUYwbzJwRW9jcTRWeVg2MUdNaDBacmkiEwjz9I2AzvyBAxVykP0HHR6XATs&is_vtc=1&ocp_id=bD4uZfOOIPKg9u8Pnq6G2AM&cid=CAQSKQDICaaNLoJIeCTPEtujMNUOsOUUUtwOJnsBjw0NpdqoqL9nB7ps1Nxt&eitems=ChEI8OG4qQYQ1JbG9uiYj-unARIdACBM5Llffr2lOO7QFbugjEwt53Kxgp37IA6Idaw&random=3711431038&ipr=y
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/777956447/?random=1465713073&cv=11&fst=1697529452474&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95&value=0&auid=1432887230.1697529452&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE9HNHFRWVFqZUh4dkk3R3M1WlZFaVlBU3NtOFdkbFJJN0oxMFIwR1JUVGhGZzJISTdsVGRtV042VXdYSXJSMXpDeUFYY0xYelEaWENoQUk4T0c0cVFZUTJ1enR4ckM0cFpOckVpNEE0OXowX2V6c1ZKVkcwamRoc1NUUkt2LW1xLXZhZzVoWWYwcjNxOUYwbzJwRW9jcTRWeVg2MUdNaDBacmkiEwjz9I2AzvyBAxVykP0HHR6XATs&is_vtc=1&ocp_id=bD4uZfOOIPKg9u8Pnq6G2AM&cid=CAQSKQDICaaNLoJIeCTPEtujMNUOsOUUUtwOJnsBjw0NpdqoqL9nB7ps1Nxt&eitems=ChEI8OG4qQYQ1JbG9uiYj-unARIdACBM5Llffr2lOO7QFbugjEwt53Kxgp37IA6Idaw&random=3711431038&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/?random=1697529453484&cv=9&fst=1697529453484&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fnews.walla.co.il%2F&tiba=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7283e90c1b61af4204bc4e7a25bc8543e9ddc18b94b64aaa9806950c73d833af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1450
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adoric.v9.4.min.css
static.adoric.com/ 		169 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.adoric.com/adoric.v9.4.min.css
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd5322d2a8576e402dd580efbf61ce9c007e786315b76393d740e64b3476e6dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3227
x-guploader-uploadid
ADPycdsQIzqDPYpP2imwv5ORi1h4tNMv24QGFP_Q7kI_GXVk-eyZCh9N091Y1WYW8Dcywv4ovXokuibnRH9KYZA_md8NvNrD7ggP
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 04 Sep 2023 08:54:57 GMT
server
cloudflare
etag
W/"d6693c4efa6e72bb9b105bc8e6384b27"
vary
Accept-Encoding
x-goog-hash
crc32c=aiZ+bA==, md5=1mk8TvpucrubEFvI5jhLJw==
x-goog-generation
1693817697766768
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4z4kTPFE8vCsQXTJ3F%2B9wmTzz7sJD6HCExukNqR9RZqi7frGCQZNnTd3yel0rSL4yFc7QPwgXW7GwInoFkrebAw3bEyHjsA9ksPatNUt%2FhqFJFz8DdODflaIGAZ1W%2B8AQ9p%2B7fOR%2BomnNbGlfPKSog%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
14462
cf-ray
8176fdcc8c2c9211-FRA
expires
Tue, 17 Oct 2023 08:03:46 GMT
/
app.adoric-om.com/v1/campaigns/ 		955 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.adoric-om.com/v1/campaigns/?u=9cf2e1a44ca72a3fec13c925568a4883&l=en&cc=0&b=chrome&os=win&h=https%3A%2F%2Fnews.walla.co.il%2F&d=desktop&lsps=0&pd=M&nv=true&tz=-120&cIds=%5B%5D
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.218.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
58.218.120.34.bc.googleusercontent.com
Software
/
Resource Hash
04732ac8eec2220178ab7669b8f055278668ae808cf3ab50cef1327d574dc83c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
date
Tue, 17 Oct 2023 07:57:33 GMT
x-content-type-options
nosniff
via
1.1 google
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
955
x-xss-protection
1; mode=block
x-adoric-api-version
9.1.0
etag
W/"3bb-k3FOwc5w8zk0qj8kkgmPC8LRFVw"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-credentials
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
collect
region1.analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-RYD7X7E8VN&gtm=45je3ab0&_p=845497422&_gaz=1&cid=23039265.1697529452&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2F&sid=1697529453&sct=1&seg=0&dl=https%3A%2F%2Fnews.walla.co.il%2F&dt=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA&en=page_view&_fv=1&_ss=1&ep.ga_client_id=&epn.vertical_id=1&ep.vertical_name=%D7%97%D7%93%D7%A9%D7%95%D7%AA&ep.category_id=&ep.item_id=&ep.item_type=&ep.item_publication_date=&ep.item_last_update=&ep.content_provider=&ep.item_title=&ep.item_author=&ep.hostname=news.walla.co.il&ep.item_sections_words_count=&ep.tags=&ep.editor=&ep.tohash=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RYD7X7E8VN&cid=23039265.1697529452&gtm=45je3ab0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RYD7X7E8VN&cid=23039265.1697529452&gtm=45je3ab0&aip=1&z=1631734022
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3541264247940490&correlator=1288447339221636&output=ldjh&gdfp_req=1&vrg=202310120101&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cinnerpages%2Crm1_desktop%2Crm2_desktop%2Crm3_desktop%2Crm4_desktop%2Crm5_desktop%2Crm6_desktop%2Crm7_desktop%2Crm8_desktop%2Crm9_desktop%2Crm10_desktop%2Crm11_desktop%2Crm12_desktop%2Crm13_desktop%2Crm14_desktop%2Crm15_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8%2C0%2F1%2F2%2F9%2C0%2F1%2F2%2F10%2C0%2F1%2F2%2F11%2C0%2F1%2F2%2F12%2C0%2F1%2F2%2F13%2C0%2F1%2F2%2F14%2C0%2F1%2F2%2F15%2C0%2F1%2F2%2F16%2C0%2F1%2F2%2F17&prev_iu_szs=1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&ifi=1&didk=1909289936~4078182110~845420629~2737176580~3757563159~2051796368~2459729993~3096182529~3770086168~3931141563~3707026742~2555613071~45217321~479599996~2547616871&sfv=1-0-40&ists=32767&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697529453612&lmt=1697522253&adxs=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&adys=5686%2C5686%2C5686%2C5686%2C5686%2C5686%2C5686%2C5686%2C5686%2C5686%2C5686%2C5686%2C5686%2C5686%2C5686&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fnews.walla.co.il%2F&vis=1&psz=1600x5646%7C1600x5646%7C1600x5646%7C1600x5646%7C1600x5646%7C1600x5646%7C1600x5646%7C1600x5646%7C1600x5646%7C1600x5646%7C1600x5646%7C1600x5646%7C1600x5646%7C1600x5646%7C1600x5646&msz=1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=23039265.1697529452&ga_sid=1697529454&ga_hid=845497422&ga_fc=true&dlt=1697529451842&idt=1659&prev_scp=slot_name%3Drm1_desktop%7Cslot_name%3Drm2_desktop%7Cslot_name%3Drm3_desktop%7Cslot_name%3Drm4_desktop%7Cslot_name%3Drm5_desktop%7Cslot_name%3Drm6_desktop%7Cslot_name%3Drm7_desktop%7Cslot_name%3Drm8_desktop%7Cslot_name%3Drm9_desktop%7Cslot_name%3Drm10_desktop%7Cslot_name%3Drm11_desktop%7Cslot_name%3Drm12_desktop%7Cslot_name%3Drm13_desktop%7Cslot_name%3Drm14_desktop%7Cslot_name%3Drm15_desktop&adks=3645669435%2C2497977751%2C2307308051%2C2911509050%2C2493450122%2C371343016%2C608226797%2C2435464406%2C1829383952%2C4208359143%2C2743046946%2C169054207%2C1872149234%2C2952711809%2C164849084&frm=20&is_cau=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54aac5438c726a309d6509d55c96d2303bf594b36440aaa75ffd8897d6dbd750
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
446
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9FD8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 07:57:33 GMT
expires
Wed, 16 Oct 2024 07:57:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-TSQY5YTYZ0&gtm=45je3ab0&_p=845497422&cid=23039265.1697529452&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697529453&sct=1&seg=0&dl=https%3A%2F%2Fnews.walla.co.il%2F&dt=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TSQY5YTYZ0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4780630-1&cid=23039265.1697529452&jid=793770766&_u=aEBAAEAAEAAAACAAI~&z=154815175
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4780630-1&cid=23039265.1697529452&jid=793770766&_u=aEBAAEAAEAAAACAAI~&z=154815175
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pmk-20220605.2.js
pm-widget.taboola.com/wallail-walla/ 		102 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/wallail-walla/pmk-20220605.2.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/wallail-walla/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4fcbd9b339d1bc8b72c3d698a6c4bb856516c41b52a3be330313cb6a51be99df

Request headers

Referer
https://news.walla.co.il/
Origin
https://news.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
J_7JEZUDdQ4YrzJhODl8FUK4deJJqu3C
content-encoding
gzip
via
1.1 varnish
date
Tue, 17 Oct 2023 07:57:33 GMT
x-amz-request-id
RT888Y791G1QH6ED
age
552354
x-cache
HIT
content-length
28795
x-amz-id-2
FYjha+uqIMpJ2AtDlKNTTjjRqv4lyhRkTaOACSQd1VQ10Q9qQJPARFTIm1jDUJmjc0H4pmTLXa8=
x-served-by
cache-fra-eddf8230131-FRA
last-modified
Tue, 26 Sep 2023 08:56:38 GMT
server
AmazonS3
x-timer
S1697529454.702064,VS0,VE0
etag
"a78996a082a974b0dc6659aacfa84748"
vary
Accept-Encoding, ,Origin
access-control-allow-methods
GET,POST,PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
7213
logo.png
news.walla.co.il/public/assets/pikud/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.walla.co.il/public/assets/pikud/logo.png
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-10.fra53.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:26 GMT
via
1.1 google, 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA53-C1
age
85327
etag
W/"558e-18b240eb6f2"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
21902
x-cached
HIT
x-amz-cf-id
IXTiavRqORv0dGPnGGxk7mykwqQ-H7eT68oHgZtvFvz6jdRkpQ3wYg==
id.json
loader.unblockia.com/c/news.walla.co.il/ 		243 B
532 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://loader.unblockia.com/c/news.walla.co.il/id.json
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:5400:12:abfb:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a1a05609b1e9884a03540795f2227e6c0fdf2103067e93b0792ac6c82a48d47c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:32 GMT
via
1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
FRA56-C2
x-cache
Error from cloudfront
content-type
application/xml
access-control-allow-origin
*
access-control-expose-headers
*
x-amz-cf-id
ajMpNJXZWSaW2fqDguDWjpXfnPB2jXLff8_WpOywleVn_PH1G8c0Eg==
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:33 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
239969
expires
60
spc_fi.php
cdn.firstimpression.io/delivery/ 		59 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=6960&url=%2F&charset=UTF-8&ch=9&ref=news.walla.co.il&viewerId=null&referer=&_firid=12804920
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-124.fra6.r.cloudfront.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
c7c75a042fe8070fadf1109e1a468774b849bac901650547706d283ea39d2631

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 07:57:33 GMT
Content-Encoding
gzip
Via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
X-Cache
Miss from cloudfront
P3P
CP="CUR ADM OUR NOR STA NID"
Connection
keep-alive
Content-Length
11420
Pragma
no-cache
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://news.walla.co.il
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
at5-u_5nnsCGZp-p2QFo9nkYNeQ-uujLxVigZre4K0VqsiEL6DgucQ==
Expires
0
state
event.dxmdp.com/rest/api/v1/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/state
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.129.69.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-69-108.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
qGoWo6gBwwP.png
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame 6403 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/qGoWo6gBwwP.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/MNqA_sv_DFL.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/MNqA_sv_DFL.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:33 GMT
x-content-type-options
nosniff
content-md5
iN31dShDArRt9ZikrDb13w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2616
x-fb-debug
j0YilPWgqQbKiZnW9PcUZ7hwTEdWL7pd9b38njVyNUYTLncgkHORaM1wl0YQR/mbCO+cGNFud64hijsWGwVVPg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 05 Oct 2024 03:53:27 GMT
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 6403 		573 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yE/l/0,cross/qOshuPrumh-.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yE/l/0,cross/qOshuPrumh-.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:33 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
x-fb-debug
p5ONMb7Rm2EmyU3V/S4abpV1AmwkTq0ZsOiKYD0x2Grsg7R5Q8cJg5ZePdYAu5xKXth0OFtXtsg8lgq10LZpkA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Tue, 08 Oct 2024 02:28:29 GMT
id.json
loader.unblockia.com/c/walla.co.il/ 		11 B
469 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://loader.unblockia.com/c/walla.co.il/id.json
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:5400:12:abfb:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc2728c7d949752bda4984f25bec537c5c0b85997ef4f04f18c38c692c6044f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
Y.k3NmzoyTZ0zdgUC3O4.8iIw2VTpCfo
date
Tue, 17 Oct 2023 06:36:55 GMT
via
1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
14074
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
11
last-modified
Tue, 01 Aug 2023 09:59:08 GMT
server
AmazonS3
etag
"2e6dfeea92702371d9fa36441c1e705c"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
accept-ranges
bytes
x-amz-cf-id
8prqYw3jwKCauQ6r9IOF2A0Z1BKx_8j0tiRRQpK2mUPWt5nQ1ytpEQ==
/
www.google.com/pagead/1p-user-list/964224610/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/964224610/?random=1697529453484&cv=9&fst=1697526000000&num=1&guid=ON&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fnews.walla.co.il%2F&tiba=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95&fmt=3&is_vtc=1&random=487864756&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/964224610/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/964224610/?random=1697529453484&cv=9&fst=1697526000000&num=1&guid=ON&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fnews.walla.co.il%2F&tiba=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95&fmt=3&is_vtc=1&random=487864756&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1616785908557850
connect.facebook.net/signals/config/ 		132 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1616785908557850?v=2.9.134&r=stable&domain=news.walla.co.il
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
48dc75f6760a4dd75285e76058d028f96823dbdc9bc11114230d1f305e573b2f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 17 Oct 2023 07:57:34 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35136
x-xss-protection
0
pragma
public
x-fb-debug
+s2pX5AJka4HCgFK5nc4DKOTIj0N5fHXHgMdElE96RVcqjj7Iofk/lXZbfSLUS96uDbIM1mponeEet6aIEaDLw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=170717926997655&ev=PageView&dl=https%3A%2F%2Fnews.walla.co.il%2F&rl=&if=false&ts=1697529453990&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.2.1697529453987.230901374&cs_est=true&ler=empty&it=1697529453470&coo=false&rqm=GET
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 17 Oct 2023 07:57:34 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
AOSMMkXOBOD.js
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame 6403 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/AOSMMkXOBOD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/CxzjCMQABR5.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2e30dc04b9a33bbc1591a93497cb143e52b2a69569e059c3790b7fb3aee39203
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:34 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
H3/mKPbzKBSDmtRrgEEh/g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4845
x-fb-debug
j0DxbpU4iSk+i0y1iblx2XRc5vxnvDAqj+wnBHs1U8e3KWD6MStQDGBUWtHyC8psUicq1ufX/uaeezENc5Cogw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sun, 13 Oct 2024 16:51:08 GMT
hZdrGkiU930.js
static.xx.fbcdn.net/rsrc.php/v3iUY_4/yo/l/de_DE/ Frame 6403 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iUY_4/yo/l/de_DE/hZdrGkiU930.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/CxzjCMQABR5.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b1b62801cfcc8ca8814790778f98508d20561c579b45515dbade21d980739dab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:34 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
puNy8VA4goW803PQreen0g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7694
x-fb-debug
eR7tWznaB94rjp/fx2OCZdblTfX/QyYpQ7it1Jzk6kMkP307enfQX96el5/Fsi690cVf4SlcfxWtGuZLrwbQOA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 12 Oct 2024 17:42:54 GMT
json
trc.taboola.com/wallail-walla/trc/3/ 		94 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/wallail-walla/trc/3/json?tim=09%3A57%3A34.041&lti=test_ctrl&data=%7B%22id%22%3A427%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22category%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1697515414570%2C%22vi%22%3A1697529454036%2C%22cv%22%3A%2220231005-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fnews.walla.co.il%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22pev%22%3A13499%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fnews.walla.co.il%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Fnews.walla.co.il%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5686%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-stream%3Aabp%3D0%22%2C%22uip%22%3A%22Native%20Category%22%2C%22orig_uip%22%3A%22Native%20Category%22%2C%22cd%22%3A1188.8125%2C%22mw%22%3A635%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-textl%3Aabp%3D0%22%2C%22uip%22%3A%22Text%20Links%20Category%22%2C%22orig_uip%22%3A%22Text%20Links%20Category%22%2C%22cd%22%3A2976.875%2C%22mw%22%3A325%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-textl%3Aabp%3D0%22%2C%22uip%22%3A%22Text%20Links%20Category%201%22%2C%22orig_uip%22%3A%22Text%20Links%20Category%201%22%2C%22cd%22%3A3371.765625%2C%22mw%22%3A325%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-textl%3Aabp%3D0%22%2C%22uip%22%3A%22Text%20Links%20Category%202%22%2C%22orig_uip%22%3A%22Text%20Links%20Category%202%22%2C%22cd%22%3A3752.65625%2C%22mw%22%3A325%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-textl%3Aabp%3D0%22%2C%22uip%22%3A%22Text%20Links%20Category%203%22%2C%22orig_uip%22%3A%22Text%20Links%20Category%203%22%2C%22cd%22%3A4161.546875%2C%22mw%22%3A325%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-j%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Category%22%2C%22orig_uip%22%3A%22Mid%20Category%22%2C%22cd%22%3A4290.65625%2C%22mw%22%3A635%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-textl%3Aabp%3D0%22%2C%22uip%22%3A%22Text%20Links%20Category%204%22%2C%22orig_uip%22%3A%22Text%20Links%20Category%204%22%2C%22cd%22%3A4528.4375%2C%22mw%22%3A325%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-textl%3Aabp%3D0%22%2C%22uip%22%3A%22Text%20Links%20Category%205%22%2C%22orig_uip%22%3A%22Text%20Links%20Category%205%22%2C%22cd%22%3A4951.328125%2C%22mw%22%3A325%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-textl%3Aabp%3D0%22%2C%22uip%22%3A%22Text%20Links%20Category%206%22%2C%22orig_uip%22%3A%22Text%20Links%20Category%206%22%2C%22cd%22%3A5346.21875%2C%22mw%22%3A325%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-e%3Aabp%3D0%22%2C%22uip%22%3A%22Endless%20Category%22%2C%22orig_uip%22%3A%22Endless%20Category%22%2C%22cd%22%3A5666.234375%2C%22mw%22%3A635%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-v%3Aabp%3D0%22%2C%22uip%22%3A%22Left%20Rail%20Category%22%2C%22orig_uip%22%3A%22Left%20Rail%20Category%22%2C%22cd%22%3A784.25%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22category%3D%2F%2CEndless%20Category%3Dthumbnails-e%3Aabp%3D0%2C%2CLeft%20Rail%20Category%3Dthumbnails-v%3Aabp%3D0%2C%2CMid%20Category%3Dthumbnails-j%3Aabp%3D0%2C%2CNative%20Category%3Dthumbnails-stream%3Aabp%3D0%2C%2CText%20Links%20Category%201%3Dthumbnails-textl%3Aabp%3D0%2C%2CText%20Links%20Category%202%3Dthumbnails-textl%3Aabp%3D0%2C%2CText%20Links%20Category%203%3Dthumbnails-textl%3Aabp%3D0%2C%2CText%20Links%20Category%204%3Dthumbnails-textl%3Aabp%3D0%2C%2CText%20Links%20Category%205%3Dthumbnails-textl%3Aabp%3D0%2C%2CText%20Links%20Category%206%3Dthumbnails-textl%3Aabp%3D0%2C%2CText%20Links%20Category%3Dthumbnails-textl%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22test_ctrl%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6d5cdb2e19803e6f8863c7601f81e50eba08d06bedd7a8c2d57b7905019ae685

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
777
date
Tue, 17 Oct 2023 07:57:34 GMT
content-encoding
gzip
via
1.1 varnish
cpu
1.0935416666666666
x-fastly-to-nlb-rtt
7626
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230026-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1697529454.054893,VS0,VE777
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://news.walla.co.il
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
/
t.unblockia.com/ 		0
272 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.unblockia.com/?sid=1696&o=1&b=1&p=1&t=4
Requested by
Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:1000:10:be65:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:34 GMT
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
content-length
0
x-amz-cf-id
SxaOc-f4rWjgW4Z25CPVKF-ImpYN_tVHRfSHlcJIPvB3sbFrv6YlYQ==
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1616785908557850&ev=PageView&dl=https%3A%2F%2Fnews.walla.co.il%2F&rl=&if=false&ts=1697529454318&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.2.1697529453987.230901374&ler=empty&it=1697529453470&coo=false&rqm=GET
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 17 Oct 2023 07:57:34 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
sync
event.dxmdp.com/rest/api/v1/ 		13 B
327 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.129.69.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-69-108.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://news.walla.co.il
date
Tue, 17 Oct 2023 07:57:34 GMT
access-control-allow-credentials
true
server
nginx/1.20.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
sync
event.dxmdp.com/rest/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.129.69.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-69-108.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://news.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://news.walla.co.il
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Tue, 17 Oct 2023 07:57:34 GMT
server
nginx/1.20.0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310120101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb0de1646fdca06161796886ef29137623f3982e933b675f6d4d9178afcf86e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12112
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 Oct 2023 07:57:34 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 107C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
108430
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 01:50:24 GMT
expires
Tue, 15 Oct 2024 01:50:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DBC0 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
861a0304197c321025f9681889b65d39613196b1850d359f7c5132f97af41129
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qM-XtIS6mt5XuRq0ZBhCkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-qM-XtIS6mt5XuRq0ZBhCkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 07:57:34 GMT
expires
Tue, 17 Oct 2023 07:57:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sync
event.dxmdp.com/rest/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync?audids=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.129.69.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-69-108.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://news.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://news.walla.co.il
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Tue, 17 Oct 2023 07:57:34 GMT
server
nginx/1.20.0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
sync
event.dxmdp.com/rest/api/v1/ 		13 B
327 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync?audids=
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.129.69.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-69-108.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://news.walla.co.il
date
Tue, 17 Oct 2023 07:57:34 GMT
access-control-allow-credentials
true
server
nginx/1.20.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
dmp-common-iframe.html
cf.dxmcdn.com/dta/ Frame 0F0D 		194 KB
60 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cf.dxmcdn.com/dta/dmp-common-iframe.html?dmpid=&monitoringConfig=%7B%22uuid%22%3A%22bc8a7a32-7d98-4226-8af9-d2a43a8621cc%22%2C%22enabled%22%3Afalse%2C%22verboseMode%22%3A%22ERRORS%22%2C%22sampling%22%3Anull%2C%22observedUserId%22%3Anull%2C%22includeDatabase%22%3Afalse%2C%22includeLocalStorage%22%3Afalse%2C%22includeLoggerState%22%3Afalse%7D
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:e200:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c90f4fa10a90d240c6dcd2d798e6c528ae91f104d232870fb6f1453967a7066

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
9556
content-encoding
br
content-type
text/html
date
Tue, 17 Oct 2023 05:18:19 GMT
etag
W/"52319100f3cad7c781dec5018ed1ca59"
last-modified
Wed, 27 Sep 2023 11:46:39 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
x-amz-cf-id
lHARiKgtYl4vMUvOVAXTUWnb6ocNfdmce_4JsIu8pxohCxIxrV6FFw==
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
VtKfS.xLqR2wYAZ0uda1_bwOn38WDDK3
x-cache
Hit from cloudfront
sodar
pagead2.googlesyndication.com/pagead/ Frame DBC0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310120101&jk=3541264247940490&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame 107C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 14:30:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
62816
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Oct 2024 14:30:38 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 		210 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fdb3a5f6e3182c980503f12c3b7d7a6cbbf899db34df26816ac905acb58f7cdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:35:42 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=129470
accept-ranges
bytes
content-length
65459
expires
Wed, 18 Oct 2023 19:55:25 GMT
/
csync.smilewanted.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a95d0861fc3b1f3c39e7bc7cd83f6d83e57376d9596ae5a0b070ae1965cec16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
cf-ray
8176fdd5e8ee9a11-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231017
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
645ffa5e4bd7d2398eb0639ad31670b6d7fb6c873fa2377d544f69388e932b16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
14202
x-jsd-version
1.0.1845
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-jnb7027-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"63c-ZRuZ9/NQ5klnEdrmGlNAHko4Jaw"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tgYWORYROhuPD3Sm6s5Kx%2Bh7un9s7Jm16MHqNSEqrTUpM7dbFfW%2Fz7XCIGbl57urRQ7gYSDnhmJaZE4t86bXC5mVnyTTj7sKzEu8ApSZhxlKx1SXsCnjiWwL40Ukn9OLUtLufsKKzJdkYjzUT7k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8176fdd63c574d74-FRA
localstore.js
script.4dex.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 07:57:35 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 02 Oct 2023 15:19:34 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1269291
ETag
W/"4689fed115ceb1ec0446e336376eed1e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vp7tUaN2PIVMtayIjmnR6S1GLZHZcDiRWmuLaJcFuVA6y1VJg6B99KraDlusxNAvXiegZ4L7TF3Nz%2BkQyr4SBhtWxuUbBm3SQK3yV%2B5PIaEu%2B1wlG6KRC%2BGgQ1XNRuyJJB2vIEcR3nFGt9A"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
8176fdd6292a2bd3-FRA
2214040
bs.yandex.ru/prebid/ 		0
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=news.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
last-modified
Tue, 17 Oct 2023 07:57:35 GMT
x-yandex-req-id
1697529455099327-130602429217505908300383-production-app-host-vla-pcode-325
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://news.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Tue, 17 Oct 2023 07:57:35 GMT
2214040
bs.yandex.ru/prebid/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=news.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
last-modified
Tue, 17 Oct 2023 07:57:35 GMT
x-yandex-req-id
1697529455097302-572274044349694632523603-production-app-host-vla-pcode-294
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://news.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Tue, 17 Oct 2023 07:57:35 GMT
2214040
bs.yandex.ru/prebid/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=news.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
last-modified
Tue, 17 Oct 2023 07:57:35 GMT
x-yandex-req-id
1697529455145654-957485737770188897400445-production-app-host-sas-pcode-424
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://news.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Tue, 17 Oct 2023 07:57:35 GMT
2214040
bs.yandex.ru/prebid/ 		0
76 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=news.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
last-modified
Tue, 17 Oct 2023 07:57:35 GMT
x-yandex-req-id
1697529455150356-319227176028260285500193-production-app-host-sas-pcode-328
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://news.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Tue, 17 Oct 2023 07:57:35 GMT
2214040
bs.yandex.ru/prebid/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=news.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
last-modified
Tue, 17 Oct 2023 07:57:35 GMT
x-yandex-req-id
1697529455147680-693077020356538993600331-production-app-host-sas-pcode-518
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://news.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Tue, 17 Oct 2023 07:57:35 GMT
2214040
bs.yandex.ru/prebid/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=news.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
last-modified
Tue, 17 Oct 2023 07:57:35 GMT
x-yandex-req-id
1697529455149088-1786305227646547131023603-production-app-host-vla-pcode-294
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://news.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Tue, 17 Oct 2023 07:57:35 GMT
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8176fdd62cc81c36-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8176fdd62ccb1c36-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8176fdd62ccd1c36-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8176fdd62ccf1c36-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8176fdd62cd01c36-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8176fdd62cce1c36-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
bid
ap.lijit.com/rtb/ 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.5.0
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
2fcca8a9de9e2bdc8d38d982e4365a1c3d37875741f5c11bcfb82cb08ee6a6e5

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 Oct 2023 07:57:35 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://news.walla.co.il
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
fastlane.json
fastlane.rubiconproject.com/a/api/ 		389 B
738 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fnews.walla.co.il%2F&tg_i.domain=news.walla.co.il&tg_i.page=https%3A%2F%2Fnews.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Finnerpages%2Ftop_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=4f05d738-3572-448a-b4b0-f6dee584f7d5&l_pb_bid_id=285ee071d728c79&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=c2704c84-7ae3-4315-8fbb-547f9692e810&rp_hard_floor=0.025&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Finnerpages%2Ftop_desktop&slots=1&rand=0.10619247759755623
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
01bf01d746e41401087e19bd5540c49358196fd438b12c0c811db1479a0cd088

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
389
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		392 B
916 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=9&alt_size_ids=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fnews.walla.co.il%2F&tg_i.domain=news.walla.co.il&tg_i.page=https%3A%2F%2Fnews.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Finnerpages%2Fskyscraper_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=4f05d738-3572-448a-b4b0-f6dee584f7d5&l_pb_bid_id=29ce4071288b421&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=d419c9f5-ad32-4970-9386-b595c4a333de&rp_hard_floor=0.025&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Finnerpages%2Fskyscraper_desktop&slots=1&rand=0.6560889908784138
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9f5361c2ffb41dbb0ee12dffd3e845708d0f198b6ccc0d61ca19d9de2dfa3418

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
392
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		397 B
746 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&alt_size_ids=10%2C54&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fnews.walla.co.il%2F&tg_i.domain=news.walla.co.il&tg_i.page=https%3A%2F%2Fnews.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Finnerpages%2Frectangle1_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=4f05d738-3572-448a-b4b0-f6dee584f7d5&l_pb_bid_id=302c22e3790557c&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=8a2f71f0-d0ef-41f7-9bdf-cb9dd4f05f96&rp_hard_floor=0.025&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Finnerpages%2Frectangle1_desktop&slots=1&rand=0.8487647052732405
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6b1ddcfd6817eee68680c30d5388200f69d629360dcb4fd606fce0809f68aaa1

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
397
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		374 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fnews.walla.co.il%2F&tg_i.domain=news.walla.co.il&tg_i.page=https%3A%2F%2Fnews.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Finnerpages%2Frectangle2_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=4f05d738-3572-448a-b4b0-f6dee584f7d5&l_pb_bid_id=3169346f16ad18f&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=c01525e9-559b-4e82-89fe-f7898f1a396d&rp_hard_floor=0.025&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Finnerpages%2Frectangle2_desktop&slots=1&rand=0.9448556375571544
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bcdbf8a66dc28576e4243679db143bf20de1f9411558c02ada96d4f0cfa38145

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
374
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		374 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fnews.walla.co.il%2F&tg_i.domain=news.walla.co.il&tg_i.page=https%3A%2F%2Fnews.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Finnerpages%2Frectangle3_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=4f05d738-3572-448a-b4b0-f6dee584f7d5&l_pb_bid_id=32d1447b28a5aba&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=a4fcdc55-e815-41c5-9bd2-c1b29dd531f4&rp_hard_floor=0.025&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Finnerpages%2Frectangle3_desktop&slots=1&rand=0.5975428448622242
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
17ddd740d22d584977d1e93258f8eafe25246495422083084c68ced284b98f0b

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
374
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		384 B
732 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fnews.walla.co.il%2F&tg_i.domain=news.walla.co.il&tg_i.page=https%3A%2F%2Fnews.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Finnerpages%2Fyad2_inner_rectangle_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=4f05d738-3572-448a-b4b0-f6dee584f7d5&l_pb_bid_id=3389d4926349b4a&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=53eb7d69-f742-4136-a945-8f72c0d8f9d8&rp_hard_floor=0.025&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Finnerpages%2Fyad2_inner_rectangle_desktop&slots=1&rand=0.8151057631192744
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b7fae7a32328a42e9cd0623149d86b91aec1290807ce9af9d59b367e6e97ae98

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
384
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=715831
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfd1480d35401f6bdfbc502424b2e514902bda6000de4b463bb0a50bdfa74c77

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5LXraXW2Bw76%2FiUQKv8q%2B7YKsWc3dinZnJGrVlNat1OzImQUfvYsU3UDR8pQ4kEhu2oXHOu%2FUAXd4WvFSQhdXeMLQVl4XVdRinZZ019udlacYRzInbxwwSVwuJSs4oXxjQl1Y4j"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8176fdd5fd89bb8c-FRA
alt-svc
h3=":443"; ma=86400
expires
0
bid-request
a.teads.tv/hb/ 		16 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://news.walla.co.il
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 17 Oct 2023 07:57:35 GMT
prebid
mp.4dex.io/ 		60 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Tue, 17 Oct 2023 07:57:35 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: adSlot-0, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: adSlot-5
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8176fdd63fb4bbd7-FRA
expires
0
v1
prg.smartadserver.com/prebid/ 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:34 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:34 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:34 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:34 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
420fd876d2c3f9d173b86a36dbf3c3071ebcc7d1f67233c953b295d50d2cd31d

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://news.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
420fd876d2c3f9d173b86a36dbf3c3071ebcc7d1f67233c953b295d50d2cd31d

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://news.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
420fd876d2c3f9d173b86a36dbf3c3071ebcc7d1f67233c953b295d50d2cd31d

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://news.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
420fd876d2c3f9d173b86a36dbf3c3071ebcc7d1f67233c953b295d50d2cd31d

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://news.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
420fd876d2c3f9d173b86a36dbf3c3071ebcc7d1f67233c953b295d50d2cd31d

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://news.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
420fd876d2c3f9d173b86a36dbf3c3071ebcc7d1f67233c953b295d50d2cd31d

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://news.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid-request
onetag-sys.com/ 		15 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://news.walla.co.il
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebidjs
rtb.openx.net/openrtbb/ 		53 B
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
93f0ad866ceb012c1eb992f4ccc3302da61fb30660551d8e60bc872382b6f113

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://news.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
auction
tlx.3lift.com/header/ 		19 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.5.0&referrer=https%3A%2F%2Fnews.walla.co.il%2F&tmax=3000
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.245.188 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-245-188.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
accept-ch
sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme
x-auction-status
29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		0
195 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.5.0&cb=49922814574&lsavail=1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://news.walla.co.il
date
Tue, 17 Oct 2023 07:57:34 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		2 KB
928 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fnews.walla.co.il%2F&PageUrl=https%3A%2F%2Fnews.walla.co.il%2F&PageReferrer=https%3A%2F%2Fnews.walla.co.il%2F&CanonicalUrl=https%3A%2F%2Fnews.walla.co.il%2F
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.199.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-199-240.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ccf57923755f6529f8452f3fa8294c9be1645c6f01cf0d7e0837a00d37f0b71e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
kong/2.8.4
x-kong-proxy-latency
0
x-kong-upstream-latency
230
content-length
504
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
expires
0
v1
prg.smartadserver.com/prebid/ 		171 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:34 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:34 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
012b2110216b141cafb3dd625a3aa6fb9bdde045af83412d6606aeaa26e6d6cf

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:34 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:34 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
828ae639e7a5ae49a050353b45b2f9432320dda44b8194699477b311ac101c6f

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:34 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		700 B
845 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
227556a8af1c941378068770d36092cdb9d4c06ee215b3e5972eb41c1b44dd73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
content-encoding
gzip
an-x-request-uuid
5ccc5e5c-1e14-4f13-8645-690306969421
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://news.walla.co.il
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.117.84; 146.70.117.84; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://news.walla.co.il
date
Tue, 17 Oct 2023 07:57:35 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://news.walla.co.il
date
Tue, 17 Oct 2023 07:57:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ads
securepubads.g.doubleclick.net/gampad/ 		39 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3541264247940490&correlator=3245606976046739&output=ldjh&gdfp_req=1&vrg=202310120101&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cinnerpages%2Cnickbar_desktop%2Cprestitial_desktop%2Cvideo_slider_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5&prev_iu_szs=970x40%7C970x50%7C970x80%2C1x1%2C1x1&ifi=16&didk=1193245113~1193245112~1193245115&sfv=1-0-40&ists=2&eri=1&sc=1&cookie=ID%3D7ddee2472e729223%3AT%3D1697529453%3ART%3D1697529453%3AS%3DALNI_MZ3T43v-4SBMek5VT6I4OZ3f5RDpw&gpic=UID%3D00000c9a535e17e3%3AT%3D1697529453%3ART%3D1697529453%3AS%3DALNI_MaOhIda4trAZHyhjmZN40VzC9DEQA&abxe=1&dt=1697529454877&lmt=1697522254&adxs=315%2C-12245933%2C800&adys=1200%2C-12245933%2C116&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=16%7C-1%7C0&ucis=g%7Ch%7Ci&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fnews.walla.co.il%2F&vis=1&psz=0x-1%7C0x-1%7C1600x0&msz=970x-1%7C0x-1%7C0x0&fws=644%2C640%2C132&ohw=0%2C0%2C1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=23039265.1697529452&ga_sid=1697529454&ga_hid=845497422&ga_fc=true&dlt=1697529451842&idt=1659&prev_scp=slot_name%3Dnickbar_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D1%26vertical_name%3Dnews%26mobile%3D0%26vertical_eng_name%3Dnews%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fnews.walla.co.il%26strip_step%3D1%7Cslot_name%3Dprestitial_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D1%26vertical_name%3Dnews%26mobile%3D0%26vertical_eng_name%3Dnews%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fnews.walla.co.il%26strip_step%3D1%7Cslot_name%3Dvideo_slider_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D1%26vertical_name%3Dnews%26mobile%3D0%26vertical_eng_name%3Dnews%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fnews.walla.co.il%26strip_step%3D1&cust_params=dxseg%3D&adks=578455068%2C3148174723%2C2933179666&frm=20&is_cau=%2C%2C
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bb0fc1ccb691ccfa94895769b27182dc0c3f8d1edd727f81f3424d228f2f368
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16028
x-xss-protection
0
google-lineitem-id
-1,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.4.6/ 		130 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.4.6/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a060f4b8dca294114abee36f184a8d269da0cee3d17bd9d8319d08c200f2d4e

Request headers

Referer
https://news.walla.co.il/
Origin
https://news.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:34 GMT
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
60280
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
35133
x-served-by
cache-fra-eddf8230131-FRA
last-modified
Mon, 16 Oct 2023 15:12:47 GMT
server
AmazonS3
x-timer
S1697529455.926098,VS0,VE0
etag
"e09ca12962836f3c9b13a40907f0f8cc"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
-YwQ_c68AHubBUluMwVDM1XOMQRW1lx2fvNybwNZXuk9dv9Siwbr8g==
x-cache-hits
9722
feed-card-placeholder.20231005-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231005-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
122bbb82786de45f899024e30ba46be0ffe396c5db6d68060671ffd83ab6c76f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
Um6fEKrHXGYZZ3Qn4T0LHJA.MOHeQ9Cq
content-encoding
gzip
via
1.1 varnish
date
Tue, 17 Oct 2023 07:57:34 GMT
x-amz-request-id
3GPFKGC5ZXERYSY6
age
686616
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
QqUZKGMjJ8WkwvkemwVhgRba+w8TzUjhZ1/atMqoiHTSUaY6LUQeyEotC3dGQ2xoHnP4ox7xBy8=
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Mon, 09 Oct 2023 09:13:59 GMT
server
AmazonS3
x-timer
S1697529455.930192,VS0,VE0
etag
"85cba1ea192707579f92c3cb4e1e588d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
43
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
557
userx.20231005-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231005-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2260074041e8fd0d66221a864f90c5e6946fd01f8043bdd96fed3587ccebce86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
tNtb5ukNy642rsKnGLbwTD0n15Oonmhr
content-encoding
gzip
via
1.1 varnish
date
Tue, 17 Oct 2023 07:57:34 GMT
x-amz-request-id
HRTBW46KQPSP9J1R
age
620019
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5398
x-amz-id-2
mJ/O0oF3GmksA9KSRHeGGzoljGmlqT+5jDpcfRlx9FqCixo7AyN6vM1eHQhfOU/t5QPIKjCh/Dc=
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Mon, 09 Oct 2023 09:14:26 GMT
server
AmazonS3
x-timer
S1697529455.963412,VS0,VE0
etag
"4738353038981e781d2ef7a3930ffbf5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
83
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
213
distance-from-article.20231005-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231005-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef1dcaf299e01d8c9274e7640eaba287bbb24be138d81d59a4377883f9c1512c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
ZX6D.UO7Lpf3gLypn4zmND3Z_eYTEgL4
content-encoding
gzip
via
1.1 varnish
date
Tue, 17 Oct 2023 07:57:34 GMT
x-amz-request-id
M4P3ZV39NSJW4MVW
age
686620
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1131
x-amz-id-2
aKw8MSUKCVzspiaErsLlG42HGMq8yXArTU1KWbaFfrbW/evDo85YfUxSpwNrVkxpmHcIAuY/GPQ=
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Mon, 09 Oct 2023 09:13:55 GMT
server
AmazonS3
x-timer
S1697529455.963974,VS0,VE0
etag
"7b19a6b6aab01474d6430893f66cf7d9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
6
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
699
article-detection.20231005-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231005-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8256a3552d7b5718e1893c202df5514114c7f824a817a566bd90341e1329585d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
vNsASkNa7Z1qeq_Xicr8igOeWzAMyusd
content-encoding
gzip
via
1.1 varnish
date
Tue, 17 Oct 2023 07:57:34 GMT
x-amz-request-id
87DQDN5RQS7F5CTR
age
686627
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
+DAOHwMgaV/oWSNYE8nVofIboARiUr6jCnseLdqxKf1EsFg9+jpSMOWjq36fzc602eawYbhROmk=
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Mon, 09 Oct 2023 09:13:48 GMT
server
AmazonS3
x-timer
S1697529455.963990,VS0,VE0
etag
"4f9543a2a53bc9619f111dff09bce430"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
28
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
683
pubs-generic
trc.taboola.com/wallail-walla/log/3/ 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/wallail-walla/log/3/pubs-generic?route=AM:AM:V&tvi48=11593&tvi50=13531&lti=test_ctrl&ri=c882fb2a875b8890ae932422b69a9332&sd=v2_b15d76543d58596dc099be8ceec5124b_22112d4e-b973-48fe-b7ad-18ba725da0fd-tuctc27c3ee_1697529454_1697529454_CIi3jgYQk-FcGNS7j-WzMSABKAEwODib4wlAgooQSIKj5ANQ____________AVgAYABooKCVq-PzhYw8cAA&ui=22112d4e-b973-48fe-b7ad-18ba725da0fd-tuctc27c3ee&pi=/&wi=7025978351414212080&pt=category&vi=1697529454036&d=%7B%22data%22%3A%22%5C%22true%5C%22%22%2C%22type%22%3A%22DEDUP_DEBUG%22%2C%22eventTime%22%3A1697529454927%7D&tim=09%3A57%3A34.927&id=8584&llvl=2&cv=20231005-5-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Tue, 17 Oct 2023 07:57:34 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7258
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230026-FRA
pragma
no-cache
server
nginx
x-timer
S1697529455.987763,VS0,VE9
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
debug
am-trc-events.taboola.com/wallail-walla/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/2/debug?tim=09%3A57%3A34.928&type=warn&msg=Duplicated%20items%20monitoring%20enabled&llvl=2&id=3316&cv=20231005-5-RELEASE&lt=test_ctrl&pcs=%5Bdata-feed-main-container-id%3D%22taboola_endless_category%22%5D&vi=1697529454036
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12770
abtests
am-trc-events.taboola.com/wallail-walla/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/3/abtests?route=AM:AM:V&tvi48=11593&tvi50=13531&lti=test_ctrl&ri=c882fb2a875b8890ae932422b69a9332&sd=v2_b15d76543d58596dc099be8ceec5124b_22112d4e-b973-48fe-b7ad-18ba725da0fd-tuctc27c3ee_1697529454_1697529454_CIi3jgYQk-FcGNS7j-WzMSABKAEwODib4wlAgooQSIKj5ANQ____________AVgAYABooKCVq-PzhYw8cAA&ui=22112d4e-b973-48fe-b7ad-18ba725da0fd-tuctc27c3ee&pi=/&wi=7025978351414212080&pt=category&vi=1697529454036&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1697529454939%7D&tim=09%3A57%3A34.940&id=3850&llvl=2&cv=20231005-5-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Tue, 17 Oct 2023 07:57:34 GMT
x-amz-request-id
0R9XQHAA5Q1ZDC2Q
age
54
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
MkI6vMFxHgM3ZVV9S+UeT9PE5jyReG3BVKLcXsx3HwZ8PMgvnFA1z8I5XykG/Hk432UfiS+ju9w=
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1697529455.997854,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
74
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
92
almoni-neue-aaa-400.woff
news.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/font/almoni/almoni-neue-aaa-400.woff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-10.fra53.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086

Request headers

Referer
https://news.walla.co.il/
Origin
https://news.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 google, 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA53-C1
age
85327
etag
W/"e770-18b240eb70c"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59248
x-cached
HIT
x-amz-cf-id
c_EZABBNe7tyWj9V8yhYrL4EV4Gh1u7GueaRRV-Sk_jAOYElS1HDHA==
social
am-trc-events.taboola.com/wallail-walla/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/3/social?route=AM:AM:V&tvi48=11593&tvi50=13531&lti=test_ctrl&ri=c882fb2a875b8890ae932422b69a9332&sd=v2_b15d76543d58596dc099be8ceec5124b_22112d4e-b973-48fe-b7ad-18ba725da0fd-tuctc27c3ee_1697529454_1697529454_CIi3jgYQk-FcGNS7j-WzMSABKAEwODib4wlAgooQSIKj5ANQ____________AVgAYABooKCVq-PzhYw8cAA&ui=22112d4e-b973-48fe-b7ad-18ba725da0fd-tuctc27c3ee&pi=/&wi=7025978351414212080&pt=category&vi=1697529454036&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fnews.walla.co.il%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20%20-%20%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%22%2C%22sec%22%3A%22%D7%97%D7%93%D7%A9%D7%95%D7%AA%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fimages.wcdn.co.il%2Ff_auto%2Cq_auto%2Cw_1200%2Ct_54%2F1%2F8%2F9%2F2%2F1892178-46.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=09%3A57%3A35.028&id=4055&llvl=2&cv=20231005-5-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
non-responsive-widget.20231005-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/non-responsive-widget.20231005-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8058500278e90cf4bf166fdb91e1d5c5377425e806874f12c4083b80ad049f6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
uHKdKz63bhmNu46fenMV1ciQhHfG5fuQ
content-encoding
gzip
via
1.1 varnish
date
Tue, 17 Oct 2023 07:57:35 GMT
x-amz-request-id
6V2JSEP4WQCB5Y29
age
686606
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5644
x-amz-id-2
UMAPEPxYSvkqHoNGrm6FcYT3eqC4bnaqjO5rRFRoYi/yVhm/cmctTZfaqzqA0f8LOMB/4fZsW+M=
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Mon, 09 Oct 2023 09:14:09 GMT
server
AmazonS3
x-timer
S1697529455.068578,VS0,VE0
etag
"27062e1c256046e3a130bd16eea9f89e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
34
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
2
d6ee034c4bdc54465429a6b62e836a54.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6ee034c4bdc54465429a6b62e836a54.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aa8b31ba2bc2fdbc1ce8c71f0e4b5fae9da12faf4dfb7592f2fce67f98096482

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 17 Oct 2023 07:57:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6ee034c4bdc54465429a6b62e836a54.jpg
age
1123894
edge-cache-tag
398701854446682383009483067649894524205,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
398701854446682383009483067649894524205,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
153
req-referer
https://theybf.com/
content-length
34756
x-request-id
eb4d8bcf0b67bbbc1b128e67737fef44
x-backend-name
LA_nlb202
x-served-by
cache-iad-kcgs7200178-IAD, cache-iad-kcgs7200178-IAD, cache-sna10720-LGB, cache-iad-kiad7000092-IAD, cache-fra-eddf8230026-FRA
last-modified
Wed, 04 Oct 2023 07:45:49 GMT
server
nginx
surrogate-reporting
width=1000,height=500,bytes=60196,owidth=1000,oheight=600,obytes=399609
x-timer
S1697529455.099278,VS0,VE1
etag
"8296490373a7d2da414fc0c5594122e5"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 0, 1
5153289104d6c037fad9cfe432a446f2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5153289104d6c037fad9cfe432a446f2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8328344442a822a64cfe6ee16aa4ebb90173a8ea0a203e0f5458e23a525b0ed6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 17 Oct 2023 07:57:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5153289104d6c037fad9cfe432a446f2.png
age
2301301
edge-cache-tag
534951051638964289779924049201939902471,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag
534951051638964289779924049201939902471,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
616
req-referer
https://hsv24.mopo.de/
content-length
9550
x-request-id
9120abb684a801067b9bd5a2b6125a3b
x-backend-name
US_nlb105
x-served-by
cache-iad-kjyo7100098-IAD, cache-iad-kiad7000074-IAD, cache-iad-kjyo7100106-IAD, cache-fra-eddf8230026-FRA
last-modified
Thu, 07 Sep 2023 07:36:33 GMT
server
nginx
surrogate-reporting
width=380,height=212,bytes=13214,owidth=1920,oheight=1080,obytes=1020711
x-timer
S1697529455.099626,VS0,VE1
etag
"bc50ef79c7ac5b08934ed0d2d974f471"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1
3561341ae548a8202e051886c469582c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3561341ae548a8202e051886c469582c.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
940eb283e7f42810a413e64ee843ed76f7ec1115026a6cdb46e70de6ce0d4f6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 17 Oct 2023 07:57:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3561341ae548a8202e051886c469582c.jpg
age
1270751
edge-cache-tag
326617964690629157078589108620360844914,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag
326617964690629157078589108620360844914,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
484
req-referer
https://ads.taboola.com/
content-length
9414
x-request-id
74a191ddc06b79360e2e84f76c214679
x-backend-name
CH_nlb802
x-served-by
cache-iad-kiad7000122-IAD, cache-iad-kiad7000148-IAD, cache-iad-kiad7000095-IAD, cache-fra-eddf8230026-FRA
last-modified
Mon, 02 Oct 2023 14:51:11 GMT
server
nginx
surrogate-reporting
width=380,height=212,bytes=16041,owidth=2518,oheight=792,obytes=1566548
x-timer
S1697529455.099312,VS0,VE1
etag
"e460f48011ee782c8247e451929e2e53"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1
5f6039a2106dbbcf34bbdca862f39792.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5f6039a2106dbbcf34bbdca862f39792.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf5d3695cb60bad76004b8db75efb651b985d2f83fc60f8f050f206278f907f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 17 Oct 2023 07:57:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5f6039a2106dbbcf34bbdca862f39792.jpg
age
3027333
edge-cache-tag
384672721441747443254367159911346136591,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
384672721441747443254367159911346136591,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
180
req-referer
https://www.ksta.de/
content-length
61528
x-request-id
559f4edc95083b2977ae22dade95d056
x-backend-name
LA_nlb204
x-served-by
cache-iad-kcgs7200036-IAD, cache-iad-kiad7000071-IAD, cache-sna10739-LGB, cache-iad-kjyo7100117-IAD, cache-fra-eddf8230026-FRA
last-modified
Fri, 18 Aug 2023 21:17:42 GMT
server
nginx
x-timer
S1697529455.099313,VS0,VE0
etag
"1006e18ad99577887e2afda216111d15"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 129, 2
3614469-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/4/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/4/3614469-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a5b39f901819fc1f56a56435b3f48e4ec407dd60075cc403fec73879df7bfc43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 17 Oct 2023 07:57:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/4/3614469-46.jpg
age
88070
edge-cache-tag
529238286383904463832754038521059713672,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag
529238286383904463832754038521059713672,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
399
req-referer
https://news.walla.co.il/
content-length
10382
x-request-id
c301afd53abd068c3b0f429f2dfa27f1
x-backend-name
CH_nlb802
x-served-by
cache-iad-kjyo7100081-IAD, cache-iad-kcgs7200075-IAD, cache-lga21937-LGA, cache-iad-kjyo7100056-IAD, cache-fra-eddf8230026-FRA
last-modified
Mon, 16 Oct 2023 07:26:44 GMT
server
nginx
surrogate-reporting
width=380,height=212,bytes=15062,owidth=1200,oheight=673,obytes=47522
x-timer
S1697529455.108390,VS0,VE1
etag
"8521e000f29ac0f93c865e950877e65f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 1
3612065-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/2/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/2/3612065-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
44ffb03dda1914a5468efbb0d1b70db05a53f49ff509cf87aa56602786756b53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 17 Oct 2023 07:57:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/2/3612065-46.jpg
age
602349
edge-cache-tag
312222101072849273253007837449378803585,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
312222101072849273253007837449378803585,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
55
req-referer
https://news.walla.co.il/
content-length
9678
x-request-id
a5818ad9e39d022a63acc970eb774b0d
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000126-IAD, cache-iad-kiad7000126-IAD, cache-sna10737-LGB, cache-iad-kcgs7200022-IAD, cache-fra-eddf8230026-FRA
last-modified
Tue, 10 Oct 2023 08:35:45 GMT
server
nginx
surrogate-reporting
width=473,height=262,bytes=15401,owidth=473,oheight=266,obytes=12028
x-timer
S1697529455.108388,VS0,VE1
etag
"ff282a2d3fa1a5db32f77a73953e101d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 0, 1
04fb9a19f6851873c927bd64afc3d5a4.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/04fb9a19f6851873c927bd64afc3d5a4.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4433cf51ecf743f83df160c99dd312362e1e9f9dd1b2f5b4feaf86e8d088702e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Tue, 17 Oct 2023 07:57:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/04fb9a19f6851873c927bd64afc3d5a4.png
age
1117621
edge-cache-tag
537221847384198878143059422061096930817,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
537221847384198878143059422061096930817,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
200
req-referer
https://www.all-in.de/
content-length
47250
x-request-id
eacb4a592d6b69471ef5838d8bfe54c1
x-backend-name
US_nlb103
x-served-by
cache-iad-kcgs7200062-IAD, cache-iad-kjyo7100082-IAD, cache-iad-kjyo7100020-IAD, cache-fra-eddf8230026-FRA
last-modified
Wed, 04 Oct 2023 01:45:03 GMT
server
nginx
surrogate-reporting
width=1200,height=600,bytes=106541,owidth=1200,oheight=800,obytes=1537120
x-timer
S1697529455.138993,VS0,VE2
etag
"5259aeb188bf7d9938910fdd17a3d5a0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1
631df4c75b4f02dc29d72a916064592e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/631df4c75b4f02dc29d72a916064592e.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b634a00a9cafffb3b011ec6fd398917b8ebe38d7d285b1baa41c156d153a6326

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 17 Oct 2023 07:57:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/631df4c75b4f02dc29d72a916064592e.png
age
2469770
edge-cache-tag
533785047141029851524565568207219022138,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
533785047141029851524565568207219022138,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
163
req-referer
https://portal.auone.jp/
content-length
9006
x-request-id
5647598ddd23d3b09cd0abf542729615
x-backend-name
LA_nlb203
x-served-by
cache-iad-kjyo7100138-IAD, cache-iad-kcgs7200131-IAD, cache-lax10647-LGB, cache-iad-kjyo7100085-IAD, cache-fra-eddf8230026-FRA
last-modified
Sun, 10 Sep 2023 20:16:03 GMT
server
nginx
surrogate-reporting
width=300,height=167,bytes=13382,owidth=1200,oheight=800,obytes=488780
x-timer
S1697529455.198258,VS0,VE0
etag
"f0dff8d74ccdd61333a0fd8ba78e4dc0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 105, 2
f847129abb05542748aefa5ec705d9ac.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f847129abb05542748aefa5ec705d9ac.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5a0bd16bfe3b2c9166ee723337f88b77ea96e82927bd552ebf82346a73c751cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 17 Oct 2023 07:57:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f847129abb05542748aefa5ec705d9ac.png
age
2996986
edge-cache-tag
351728606715898406156966688814177778678,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
351728606715898406156966688814177778678,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
44
req-referer
https://www.t-online.de/
content-length
13658
x-request-id
a6858e705257c0aba45b4c2ce83fb964
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100122-IAD, cache-iad-kiad7000156-IAD, cache-sna10744-LGB, cache-iad-kiad7000062-IAD, cache-fra-eddf8230026-FRA
last-modified
Mon, 21 Aug 2023 19:44:33 GMT
server
nginx
surrogate-reporting
width=360,height=200,bytes=20720,owidth=1200,oheight=800,obytes=1726149
x-timer
S1697529455.198232,VS0,VE1
etag
"a28be6cc3eaddfa724288bdc52eaa481"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1, 1
ac3087a1954ab1f6e5cf353bdf9ff1fb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ac3087a1954ab1f6e5cf353bdf9ff1fb.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a9af02619f6e7b8db8f2835f873bfac8efb007674a78ae8f572191b6c989a179

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 17 Oct 2023 07:57:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ac3087a1954ab1f6e5cf353bdf9ff1fb.jpg
age
1901129
edge-cache-tag
418803547888901513156967211830083563457,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
418803547888901513156967211830083563457,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
414
req-referer
https://www.express.co.uk/
content-length
19990
x-request-id
3fff6012cff27f554303319f227b6943
x-backend-name
LA_nlb204
x-served-by
cache-iad-kjyo7100119-IAD, cache-iad-kcgs7200085-IAD, cache-sna10741-LGB, cache-iad-kjyo7100107-IAD, cache-fra-eddf8230026-FRA
last-modified
Mon, 25 Sep 2023 07:22:27 GMT
server
nginx
surrogate-reporting
width=360,height=200,bytes=45945,owidth=1000,oheight=600,obytes=919045
x-timer
S1697529455.198463,VS0,VE1
etag
"e22757b5b7be3ecf0911babfbd4332b8"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
af8968bdfc542cb448f905eb37d5b6a2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/af8968bdfc542cb448f905eb37d5b6a2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7fa7b3d436cacf1c30c03a37d1374c28c019a79a29aa319d33ef89fb6ef0a1ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Tue, 17 Oct 2023 07:57:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/af8968bdfc542cb448f905eb37d5b6a2.png
age
671078
edge-cache-tag
573761346586143030348174481978140107380,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
573761346586143030348174481978140107380,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
203
expiration
expiry-date="Thu, 09 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.sport5.co.il/
content-length
6464
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000063-IAD, cache-iad-kiad7000134-IAD, cache-sna10723-LGB, cache-iad-kcgs7200154-IAD, cache-fra-eddf8230026-FRA
last-modified
Mon, 09 Oct 2023 11:45:48 GMT
server
nginx
surrogate-reporting
width=600,height=333,bytes=17878,owidth=600,oheight=500,obytes=502349
x-timer
S1697529455.198180,VS0,VE2
etag
"89db27f2508b4db92e98dfffc5630fa6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 4, 2, 0, 1
3561341ae548a8202e051886c469582c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3561341ae548a8202e051886c469582c.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
940eb283e7f42810a413e64ee843ed76f7ec1115026a6cdb46e70de6ce0d4f6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 17 Oct 2023 07:57:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3561341ae548a8202e051886c469582c.jpg
age
1270751
edge-cache-tag
326617964690629157078589108620360844914,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag
326617964690629157078589108620360844914,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
484
req-referer
https://ads.taboola.com/
content-length
9414
x-request-id
74a191ddc06b79360e2e84f76c214679
x-backend-name
CH_nlb802
x-served-by
cache-iad-kiad7000122-IAD, cache-iad-kiad7000148-IAD, cache-iad-kiad7000095-IAD, cache-fra-eddf8230026-FRA
last-modified
Mon, 02 Oct 2023 14:51:11 GMT
server
nginx
surrogate-reporting
width=380,height=212,bytes=16041,owidth=2518,oheight=792,obytes=1566548
x-timer
S1697529455.216256,VS0,VE0
etag
"e460f48011ee782c8247e451929e2e53"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 2
5f6039a2106dbbcf34bbdca862f39792.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5f6039a2106dbbcf34bbdca862f39792.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf5d3695cb60bad76004b8db75efb651b985d2f83fc60f8f050f206278f907f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 17 Oct 2023 07:57:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5f6039a2106dbbcf34bbdca862f39792.jpg
age
3027334
edge-cache-tag
384672721441747443254367159911346136591,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
384672721441747443254367159911346136591,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
180
req-referer
https://www.ksta.de/
content-length
61528
x-request-id
559f4edc95083b2977ae22dade95d056
x-backend-name
LA_nlb204
x-served-by
cache-iad-kcgs7200036-IAD, cache-iad-kiad7000071-IAD, cache-sna10739-LGB, cache-iad-kjyo7100117-IAD, cache-fra-eddf8230026-FRA
last-modified
Fri, 18 Aug 2023 21:17:42 GMT
server
nginx
x-timer
S1697529455.216268,VS0,VE0
etag
"1006e18ad99577887e2afda216111d15"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 129, 3
d6ee034c4bdc54465429a6b62e836a54.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6ee034c4bdc54465429a6b62e836a54.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aa8b31ba2bc2fdbc1ce8c71f0e4b5fae9da12faf4dfb7592f2fce67f98096482

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 17 Oct 2023 07:57:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6ee034c4bdc54465429a6b62e836a54.jpg
age
1123894
edge-cache-tag
398701854446682383009483067649894524205,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
398701854446682383009483067649894524205,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
153
req-referer
https://theybf.com/
content-length
34756
x-request-id
eb4d8bcf0b67bbbc1b128e67737fef44
x-backend-name
LA_nlb202
x-served-by
cache-iad-kcgs7200178-IAD, cache-iad-kcgs7200178-IAD, cache-sna10720-LGB, cache-iad-kiad7000092-IAD, cache-fra-eddf8230026-FRA
last-modified
Wed, 04 Oct 2023 07:45:49 GMT
server
nginx
surrogate-reporting
width=1000,height=500,bytes=60196,owidth=1000,oheight=600,obytes=399609
x-timer
S1697529455.244788,VS0,VE0
etag
"8296490373a7d2da414fc0c5594122e5"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 0, 2
5153289104d6c037fad9cfe432a446f2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5153289104d6c037fad9cfe432a446f2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8328344442a822a64cfe6ee16aa4ebb90173a8ea0a203e0f5458e23a525b0ed6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 17 Oct 2023 07:57:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5153289104d6c037fad9cfe432a446f2.png
age
2301301
edge-cache-tag
534951051638964289779924049201939902471,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag
534951051638964289779924049201939902471,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
616
req-referer
https://hsv24.mopo.de/
content-length
9550
x-request-id
9120abb684a801067b9bd5a2b6125a3b
x-backend-name
US_nlb105
x-served-by
cache-iad-kjyo7100098-IAD, cache-iad-kiad7000074-IAD, cache-iad-kjyo7100106-IAD, cache-fra-eddf8230026-FRA
last-modified
Thu, 07 Sep 2023 07:36:33 GMT
server
nginx
surrogate-reporting
width=380,height=212,bytes=13214,owidth=1920,oheight=1080,obytes=1020711
x-timer
S1697529455.244761,VS0,VE0
etag
"bc50ef79c7ac5b08934ed0d2d974f471"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 2
3614469-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/4/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/4/3614469-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a5b39f901819fc1f56a56435b3f48e4ec407dd60075cc403fec73879df7bfc43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 17 Oct 2023 07:57:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/4/3614469-46.jpg
age
88070
edge-cache-tag
529238286383904463832754038521059713672,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag
529238286383904463832754038521059713672,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
399
req-referer
https://news.walla.co.il/
content-length
10382
x-request-id
c301afd53abd068c3b0f429f2dfa27f1
x-backend-name
CH_nlb802
x-served-by
cache-iad-kjyo7100081-IAD, cache-iad-kcgs7200075-IAD, cache-lga21937-LGA, cache-iad-kjyo7100056-IAD, cache-fra-eddf8230026-FRA
last-modified
Mon, 16 Oct 2023 07:26:44 GMT
server
nginx
surrogate-reporting
width=380,height=212,bytes=15062,owidth=1200,oheight=673,obytes=47522
x-timer
S1697529455.244765,VS0,VE0
etag
"8521e000f29ac0f93c865e950877e65f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 2
3612065-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/2/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/2/3612065-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
44ffb03dda1914a5468efbb0d1b70db05a53f49ff509cf87aa56602786756b53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 17 Oct 2023 07:57:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/2/3612065-46.jpg
age
602349
edge-cache-tag
312222101072849273253007837449378803585,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
312222101072849273253007837449378803585,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
55
req-referer
https://news.walla.co.il/
content-length
9678
x-request-id
a5818ad9e39d022a63acc970eb774b0d
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000126-IAD, cache-iad-kiad7000126-IAD, cache-sna10737-LGB, cache-iad-kcgs7200022-IAD, cache-fra-eddf8230026-FRA
last-modified
Tue, 10 Oct 2023 08:35:45 GMT
server
nginx
surrogate-reporting
width=473,height=262,bytes=15401,owidth=473,oheight=266,obytes=12028
x-timer
S1697529455.245177,VS0,VE0
etag
"ff282a2d3fa1a5db32f77a73953e101d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 0, 2
container.html
7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A78A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 07:57:33 GMT
expires
Wed, 16 Oct 2024 07:57:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
04fb9a19f6851873c927bd64afc3d5a4.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/04fb9a19f6851873c927bd64afc3d5a4.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4433cf51ecf743f83df160c99dd312362e1e9f9dd1b2f5b4feaf86e8d088702e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 17 Oct 2023 07:57:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/04fb9a19f6851873c927bd64afc3d5a4.png
age
1117621
edge-cache-tag
537221847384198878143059422061096930817,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
537221847384198878143059422061096930817,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
200
req-referer
https://www.all-in.de/
content-length
47250
x-request-id
eacb4a592d6b69471ef5838d8bfe54c1
x-backend-name
US_nlb103
x-served-by
cache-iad-kcgs7200062-IAD, cache-iad-kjyo7100082-IAD, cache-iad-kjyo7100020-IAD, cache-fra-eddf8230026-FRA
last-modified
Wed, 04 Oct 2023 01:45:03 GMT
server
nginx
surrogate-reporting
width=1200,height=600,bytes=106541,owidth=1200,oheight=800,obytes=1537120
x-timer
S1697529455.320981,VS0,VE0
etag
"5259aeb188bf7d9938910fdd17a3d5a0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 2
631df4c75b4f02dc29d72a916064592e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/631df4c75b4f02dc29d72a916064592e.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b634a00a9cafffb3b011ec6fd398917b8ebe38d7d285b1baa41c156d153a6326

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 17 Oct 2023 07:57:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/631df4c75b4f02dc29d72a916064592e.png
age
2469770
edge-cache-tag
533785047141029851524565568207219022138,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
533785047141029851524565568207219022138,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
163
req-referer
https://portal.auone.jp/
content-length
9006
x-request-id
5647598ddd23d3b09cd0abf542729615
x-backend-name
LA_nlb203
x-served-by
cache-iad-kjyo7100138-IAD, cache-iad-kcgs7200131-IAD, cache-lax10647-LGB, cache-iad-kjyo7100085-IAD, cache-fra-eddf8230026-FRA
last-modified
Sun, 10 Sep 2023 20:16:03 GMT
server
nginx
surrogate-reporting
width=300,height=167,bytes=13382,owidth=1200,oheight=800,obytes=488780
x-timer
S1697529455.324565,VS0,VE0
etag
"f0dff8d74ccdd61333a0fd8ba78e4dc0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 105, 3
f847129abb05542748aefa5ec705d9ac.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f847129abb05542748aefa5ec705d9ac.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5a0bd16bfe3b2c9166ee723337f88b77ea96e82927bd552ebf82346a73c751cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 17 Oct 2023 07:57:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f847129abb05542748aefa5ec705d9ac.png
age
2996986
edge-cache-tag
351728606715898406156966688814177778678,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
351728606715898406156966688814177778678,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
44
req-referer
https://www.t-online.de/
content-length
13658
x-request-id
a6858e705257c0aba45b4c2ce83fb964
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100122-IAD, cache-iad-kiad7000156-IAD, cache-sna10744-LGB, cache-iad-kiad7000062-IAD, cache-fra-eddf8230026-FRA
last-modified
Mon, 21 Aug 2023 19:44:33 GMT
server
nginx
surrogate-reporting
width=360,height=200,bytes=20720,owidth=1200,oheight=800,obytes=1726149
x-timer
S1697529455.324910,VS0,VE0
etag
"a28be6cc3eaddfa724288bdc52eaa481"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1, 2
ac3087a1954ab1f6e5cf353bdf9ff1fb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ac3087a1954ab1f6e5cf353bdf9ff1fb.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a9af02619f6e7b8db8f2835f873bfac8efb007674a78ae8f572191b6c989a179

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 17 Oct 2023 07:57:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ac3087a1954ab1f6e5cf353bdf9ff1fb.jpg
age
1901129
edge-cache-tag
418803547888901513156967211830083563457,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
418803547888901513156967211830083563457,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
414
req-referer
https://www.express.co.uk/
content-length
19990
x-request-id
3fff6012cff27f554303319f227b6943
x-backend-name
LA_nlb204
x-served-by
cache-iad-kjyo7100119-IAD, cache-iad-kcgs7200085-IAD, cache-sna10741-LGB, cache-iad-kjyo7100107-IAD, cache-fra-eddf8230026-FRA
last-modified
Mon, 25 Sep 2023 07:22:27 GMT
server
nginx
surrogate-reporting
width=360,height=200,bytes=45945,owidth=1000,oheight=600,obytes=919045
x-timer
S1697529455.324892,VS0,VE0
etag
"e22757b5b7be3ecf0911babfbd4332b8"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 2
af8968bdfc542cb448f905eb37d5b6a2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/af8968bdfc542cb448f905eb37d5b6a2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7fa7b3d436cacf1c30c03a37d1374c28c019a79a29aa319d33ef89fb6ef0a1ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 17 Oct 2023 07:57:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/af8968bdfc542cb448f905eb37d5b6a2.png
age
671078
edge-cache-tag
573761346586143030348174481978140107380,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
573761346586143030348174481978140107380,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
203
expiration
expiry-date="Thu, 09 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.sport5.co.il/
content-length
6464
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000063-IAD, cache-iad-kiad7000134-IAD, cache-sna10723-LGB, cache-iad-kcgs7200154-IAD, cache-fra-eddf8230026-FRA
last-modified
Mon, 09 Oct 2023 11:45:48 GMT
server
nginx
surrogate-reporting
width=600,height=333,bytes=17878,owidth=600,oheight=500,obytes=502349
x-timer
S1697529455.324848,VS0,VE0
etag
"89db27f2508b4db92e98dfffc5630fa6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 4, 2, 0, 2
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		131 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb97d3acf539ffb93eb864d3fb3312f7126732193498a6de5cf234f21fa5ffeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
content-encoding
gzip
last-modified
Mon, 16 Oct 2023 14:42:26 GMT
server
cloudflare
age
0
etag
W/"039731745cad1d4a3bc03af24d69b2dfa1f6005b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
8176fdd8a82c0368-FRA
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 07:57:35 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1269288
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 02 Oct 2023 15:19:33 GMT
Server
cloudflare
ETag
W/"0680a0a53dae661d4707e1cc0f6bc95a"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2ByWsANieVlB8m%2Bx%2FgU88BevhW4iXHWvMqNhVkloSXn%2FToet3Nc2aX9xvZLQzfu4MJ39hcAFrwt%2BS50yjwM%2FzXgtzVToAhxfadppujR0uU5nlBFuY7cxvTDhzZWt%2BGKwZc1wcK8GVNT6J7pjp"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
8176fdd81f13bb50-FRA
supply-feature
am-trc-events.taboola.com/wallail-walla/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/3/supply-feature?route=AM:AM:V&tvi48=11593&tvi50=13531&lti=test_ctrl&ri=c882fb2a875b8890ae932422b69a9332&sd=v2_b15d76543d58596dc099be8ceec5124b_22112d4e-b973-48fe-b7ad-18ba725da0fd-tuctc27c3ee_1697529454_1697529454_CIi3jgYQk-FcGNS7j-WzMSABKAEwODib4wlAgooQSIKj5ANQ____________AVgAYABooKCVq-PzhYw8cAA&ui=22112d4e-b973-48fe-b7ad-18ba725da0fd-tuctc27c3ee&pi=/&wi=7025978351414212080&pt=category&vi=1697529454036&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%222.90625%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=09%3A57%3A35.381&id=706&llvl=2&cv=20231005-5-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
am-trc-events.taboola.com/wallail-walla/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/2/debug?tim=09%3A57%3A35.395&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=6741&cv=20231005-5-RELEASE&lt=test_ctrl&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12929
analytics
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://news.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://news.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 17 Oct 2023 07:57:35 GMT
server
Google Frontend
x-cloud-trace-context
9626d7a879d080895cc24e5e0d1d3835
x-request-id
undefined
analytics
hb-dot-valuad.appspot.com/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
x-request-id
b175d005-8e13-45f5-a3c1-f5d6f8e18404
x-vad-version
0.14.18

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://news.walla.co.il
x-cloud-trace-context
c68bed91011e032a17c6c40ee9294f44
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
x-request-id
undefined
ads
securepubads.g.doubleclick.net/gampad/ 		270 KB
55 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3541264247940490&correlator=2060247697303180&output=ldjh&gdfp_req=1&vrg=202310120101&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cinnerpages%2Ctop_desktop%2Cskyscraper_desktop%2Crectangle1_desktop%2Crectangle2_desktop%2Crectangle3_desktop%2Cyad2_inner_rectangle_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8&prev_iu_szs=1x1%7C480x1%7C480x270%7C640x753%7C640x1%7C770x430%7C728x90%7C720x300%7C970x2%7C970x1%7C970x90%7C970x130%7C970x180%7C970x250%7C970x330%7C970x350%7C970x550%7C990x160%2C120x600%7C160x600%2C320x50%7C300x250%7C300x600%7C300x1050%2C300x250%2C320x50%7C300x250%2C320x50%7C300x400&fluid=0%2C0%2Cheight%2C0%2Cheight%2Cheight&ifi=19&didk=1193244743~1193244742~1193245114~1193245117~1193245116~1193245119&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D7ddee2472e729223%3AT%3D1697529453%3ART%3D1697529453%3AS%3DALNI_MZ3T43v-4SBMek5VT6I4OZ3f5RDpw&gpic=UID%3D00000c9a535e17e3%3AT%3D1697529453%3ART%3D1697529453%3AS%3DALNI_MaOhIda4trAZHyhjmZN40VzC9DEQA&abxe=1&dt=1697529455470&lmt=1697522255&adxs=805%2C1480%2C315%2C315%2C315%2C315&adys=101%2C185%2C519%2C659%2C2509%2C2494&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C17%7C18&ucis=j%7Ck%7Cl%7Cm%7Cn%7Co&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fnews.walla.co.il%2F&vis=1&psz=970x0%7C120x-1%7C300x0%7C300x0%7C300x0%7C300x0&msz=970x0%7C120x-1%7C300x0%7C300x0%7C300x0%7C300x0&fws=4%2C516%2C4%2C4%2C4%2C4&ohw=970%2C120%2C300%2C300%2C300%2C300&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=23039265.1697529452&ga_sid=1697529454&ga_hid=845497422&ga_fc=true&dlt=1697529451842&idt=1659&prev_scp=slot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D1%26vertical_name%3Dnews%26mobile%3D0%26vertical_eng_name%3Dnews%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fnews.walla.co.il%26strip_step%3D1%7Cslot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D1%26vertical_name%3Dnews%26mobile%3D0%26vertical_eng_name%3Dnews%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fnews.walla.co.il%26strip_step%3D1%7Cslot_name%3Drectangle1_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D1%26vertical_name%3Dnews%26mobile%3D0%26vertical_eng_name%3Dnews%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fnews.walla.co.il%26strip_step%3D1%7Cslot_name%3Drectangle2_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D1%26vertical_name%3Dnews%26mobile%3D0%26vertical_eng_name%3Dnews%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fnews.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.20%26vad_adid%3D164d27d935b3f881%7Cslot_name%3Drectangle3_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D1%26vertical_name%3Dnews%26mobile%3D0%26vertical_eng_name%3Dnews%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fnews.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.16%26vad_adid%3D16329782c48e8e81%7Cslot_name%3Dyad2_inner_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D1%26vertical_name%3Dnews%26mobile%3D0%26vertical_eng_name%3Dnews%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fnews.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.20%26vad_adid%3D1653755d5c0ff399&cust_params=dxseg%3D&adks=2574293897%2C2790448677%2C2040804355%2C4136504620%2C3491967477%2C4156612150&frm=20&is_cau=%2C%2C%2C%2C%2C
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
094a8f74d2d602e04369bb464d0f30db746df37aa041b20b6e081c8e26c28db0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56420
x-xss-protection
0
google-lineitem-id
-1,-2,-1,5707367747,5706811384,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2,-1,138351264117,138351264195,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
347772
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
8176fdd8dbf49a11-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame EBC3 		132 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bgAOSwcK4HOIAAfySDS9D04ezR2G3YYRAQ&u=%7C8ghSQ%2F3qZvU1hTbVqhfY9ydz8VX%2Fv2kShHw2frfHpoY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0gw-wXdlPcDLW8fZN9ZuNmP0ldHyCoW9mmBIkwR_rTwkBXAwJwY18GPlS_s5C1jNsUaJsG-frSz-8Gbo1i7aM7XUtKKZGYQZ5tucMjrKBmA7jHKlz4JXJ0J1sxInn1hk45ePOxwmLSSEtABNZmhsDtvMENAvNe6qPC6XN0Jm23vyzUknxOU0P2tvbFCs0GeDpaHRUQ1Dt3-7ipPGZk8DoqT-IKO0oBUgozqddkMvXid4KtQt1BNYUe21xB0hFyGd0Vtx_1mpIiWXAABYnj3aYaZhr-6l21IpLH3BUgKgKnPF39kENSx5mtIoI2zu3Ixsl_OPdTWJiqgJhSihtqIWL9HM3dlZ_Dh74KwJGtBqkKj7GeU69YOqPNqHerUynm19WNJz6rZhc4gpqMSItQpmWuL6E2NtW9yRwGMynGtL-XkBbsmi5iZX_gNJk8JEuwhK5pXFdjLQEwzf3D6PU-U9blcrhnWvaqErLpzh-TPUoWylR8on6ocPbmWeW3yT_XyAlrMvftGknS6IeodocLr48nOjdNn0imC2ZIuDIjc4jDSQiTDeqMEGafBs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcJ97bj4uZYeWOYjngQfI5J_IDsme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtM_RZHLsrE-4AIAqAMByAMCqgSmAk_QUuBQCGpKXeE3worwMgvqlLl9V2XN-r3K7fI3gAjMJ8xAZsrHKjjRf98Kf2wUWZuf4xsu3A9rx6WKU26A1LANaeXBISFsMoJZVwUvy9YlBgXOP90diRZ71dvuFKUQmjnQcbLm7MoEfCJ27qrZnfdfiQGPo30kLhHAILMgvEa0GO_ciLrF9w1-A6LhQG-XZAGkfsag6hj49aRdzr_95AaT6JuWmHe06UAQRhezNWz-zRdtw0mxvJGTOI3i0z0aTgCfLrvk0-afKn0MN3xbSaM0GscxSbCjUHlS-Pc0yL0pJ8VvVkzBa3_WWj5IrVIzdbAGAIe1hrSNdB-vOKrTnOuwkUKKX_tBgXmtGNuCW4TKo4E-Wq5Cu35HoVRqUDN-Acdz3Jhda-AEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WH8tHiYFG7i-pSqwba2UgAWxQDQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
006ed0e9d5729e56b631a21b26b7b7f0dddf203a8f78f4fc816663f362a8f3dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 07:57:34 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ZKkGXARGJu2oGVrBt5CjWDuFjK1r-NZLVvHVrsy2MGFppS4KBowVgmHbuI8IcOYdjeUcRe3j82hCj05ctjMsUm7MX8HTf66GBq-3NZ8JBGBryaNoO8O5Om5mN3ev8yT8HbPT37wJd3UOyGgKUwYpqOzpkpS7Fos7dfhj50gy3Lz_hXoWadFWG1A4y63VOwXMN3_gFNNeO8oFSyUqlEU4qtIGyeyGjayZq-lL4ALG0gJGvfT5hbUUxFbHRf2_k5eOIZ2WmQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
47742707
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame A78A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 14:27:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
62984
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 14:27:51 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B4F5 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
130
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Wed, 18 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame A78A 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:47:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
33032
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 22:47:03 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A78A 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 16:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
489115
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 10 Oct 2024 16:05:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A78A 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 07:57:35 GMT
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://news.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 17 Oct 2023 07:57:35 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame B4F5
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECzelsHjaJBUM1SuYQyqBL4&google_cver=1&google_push=AXcoOmSgl49Ao-erWD9Vd3zFzzejx6S1KQVm8ACytqO8StDgO1nxJa9rERuMOw__OSrMivdB0vbxzQUyLLT0icoBy2WK7os...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSgl49Ao-erWD9Vd3zFzzejx6S1KQVm8ACytqO8StDgO1nxJa9rERuMOw__OSrMivdB0vbxzQUyLLT0icoBy2WK7os03FM&google_hm=eS1FTWI0VnpWRTJwRWVyVnZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSgl49Ao-erWD9Vd3zFzzejx6S1KQVm8ACytqO8StDgO1nxJa9rERuMOw__OSrMivdB0vbxzQUyLLT0icoBy2WK7os03FM&google_hm=eS1FTWI0VnpWRTJwRWVyVnZIN2U2MVhQQXBWZ2dCa2tEdn5B
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 17 Oct 2023 07:57:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSgl49Ao-erWD9Vd3zFzzejx6S1KQVm8ACytqO8StDgO1nxJa9rERuMOw__OSrMivdB0vbxzQUyLLT0icoBy2WK7os03FM&google_hm=eS1FTWI0VnpWRTJwRWVyVnZIN2U2MVhQQXBWZ2dCa2tEdn5B
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame B4F5 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQIHoCVz8kxHRee-fl92xwsXAe9bkkDVMyTJr_L19rstJz53b_Y9ZcvKXyv8Qy09trej-jPK9psw9y2sY-OeDK5XvNAvzc&google_gid=CAESEL2231Qoc1d3DK5Hr1S-HhE&google_cver=1
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
289041
expires
Tue, 17 Oct 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B4F5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELIc6oc5iTG-1vqnCTL5lAQ&google_cver=1&google_push=AXcoOmRTI20AlrC-OwmhZtEzWHzGjFdmczPld-9FxjikdvB1njyLkc0TSbSzvy6xQdXfake66urVix5Z...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELIc6oc5iTG-1vqnCTL5lAQ&google_cver=1&google_push=AXcoOmRTI20AlrC-OwmhZtEzWHzGjFdmczPld-9FxjikdvB1njyLkc0TSbSzvy6xQdXfake66ur...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjYzNjMxNTI4NzA3ODk3MTQwOA&google_push=AXcoOmRTI20AlrC-OwmhZtEzWHzGjFdmczPld-9FxjikdvB1njyLkc0TSbSzvy6xQdXfake66urVix...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjYzNjMxNTI4NzA3ODk3MTQwOA&google_push=AXcoOmRTI20AlrC-OwmhZtEzWHzGjFdmczPld-9FxjikdvB1njyLkc0TSbSzvy6xQdXfake66urVix5ZDUlCF3tBY59CDo9ugU8
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjYzNjMxNTI4NzA3ODk3MTQwOA&google_push=AXcoOmRTI20AlrC-OwmhZtEzWHzGjFdmczPld-9FxjikdvB1njyLkc0TSbSzvy6xQdXfake66urVix5ZDUlCF3tBY59CDo9ugU8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame B4F5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIEInj0tG3E-ZjxKQMB_Fso&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIEInj0tG3E-ZjxKQMB_Fso&google_push=AX...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIEInj0tG3E-ZjxKQMB_Fso&google_hm=ZS4-b0ZGRb1Nhj3IuP2vlgAABI0AAAAB&google_nid=index&google_push=AXcoOmT7W6Uib7JJK6BLhQn-RGHmj0zS2GITd...
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIEInj0tG3E-ZjxKQMB_Fso&google_hm=ZS4-b0ZGRb1Nhj3IuP2vlgAABI0AAAAB&google_nid=index&google_push=AXcoOmT7W6Uib7JJK6BLhQn-RGHmj0zS2GITdAa89etT7u2CGM8czm_dAWCtctWAafktno9hHmEZw2ylDWdb3HMZwJ5jSGYTJuA
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FFqdKM1YY9XQ2k4tC6vFs4lmml26dciO1xYo3Z4CGPK69pY%2FjrPxN7Tja4ZgBM7Sy00ZrqvFmkjh8Q8oWtlg5I%2FWP6UIsTInRjAS1zgLrUvY%2FvUPBTpi%2BTUW7Lj5FW4pA9gqOSaiKCib4w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIEInj0tG3E-ZjxKQMB_Fso&google_hm=ZS4-b0ZGRb1Nhj3IuP2vlgAABI0AAAAB&google_nid=index&google_push=AXcoOmT7W6Uib7JJK6BLhQn-RGHmj0zS2GITdAa89etT7u2CGM8czm_dAWCtctWAafktno9hHmEZw2ylDWdb3HMZwJ5jSGYTJuA
cache-control
no-cache
cf-ray
8176fdda9a5bbb8c-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
ebda
match.360yield.com/match/ Frame B4F5 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESEIfqVcL3ccpmhFYn_p2O86c&google_cver=1&google_push=AXcoOmTjbDk3Ezw8YpbcGUZav5XqLhKBHNyfgZjho57AgQzbPh-wfPTybkrqRYzkKv6aiJVnIRfn4ag5r259qt7edupPfV6xzQ
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.81.117.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-117-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 17 Oct 2023 07:57:35 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame B4F5
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEF...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmSXUICSa-QTO2xmisKdxHSrzRDwFbzYOVAZ91xT83pk_-Z7j0L-mFBcz8-IJ9UqWmTpgK8FWcjga4e3kLhXQuiA8MWp6Cs&redir=https%3A%2F%2Fcm.g.double...
  • https://sync.targeting.unrulymedia.com/csync/RX-475baff3-f365-4e26-bb32-ebc192c5df6b-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSXUICSa-QTO2xmisKdx...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSXUICSa-QTO2xmisKdxHSrzRDwFbzYOVAZ91xT83pk_-Z7j0L-mFBcz8-IJ9UqWmTpgK8FWcjga4e3kLhXQuiA8MWp6Cs&google_hm=A0dbr_PzZU4muzLrwZLF32s
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSXUICSa-QTO2xmisKdxHSrzRDwFbzYOVAZ91xT83pk_-Z7j0L-mFBcz8-IJ9UqWmTpgK8FWcjga4e3kLhXQuiA8MWp6Cs&google_hm=A0dbr_PzZU4muzLrwZLF32s
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSXUICSa-QTO2xmisKdxHSrzRDwFbzYOVAZ91xT83pk_-Z7j0L-mFBcz8-IJ9UqWmTpgK8FWcjga4e3kLhXQuiA8MWp6Cs&google_hm=A0dbr_PzZU4muzLrwZLF32s
date
Tue, 17 Oct 2023 07:57:35 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX475baff3f3654e26bb32ebc192c5df6b003
content-type
text/html
/
onetag-sys.com/match/ Frame B4F5
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDNydLedQoIB9TU0hSyqYgo&google_cver=1&google_push=AXcoOmQtzVNajglyzIuuTSeqPrHe-eTttrFquasl2YhCC15A7d6poNEkKjezZS41kI-iBvlETLSzDYjTSBn...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQtzVNajglyzIuuTSeqPrHe-eTttrFquasl2YhCC15A7d6poNEkKjezZS41kI-iBvlETLSzDYjTSBnKQ_b4U4ZkBokpazk
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame B4F5 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lgca_rkuVo2CdrZrl7ZqzxaWywXR_ifRtfkWV7Kwjfl8Afe1wDjZMifJuFxv9H79ufuq28Lg
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
drop_cookie_sw.php
csync.smilewanted.com/ Frame 531E 		0
348 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8176fdda4cfa9a11-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 07:57:35 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 1422 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
st
imprammp.taboola.com/ Frame 68F4 		422 B
387 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8RHYCLAYQAYIkKvuqrRIgAgRJVPZVWy0AAABgYID-AMmYHK7dxLVYK1yO0Vo0GazcEuPCtVb4dqvJZDaarBYmIyAZk8O1m7gWa4XLMVqLJoOVW2JcuNYK3241mcxGk9XCZAUXxnKZDGqBim4yuzyfg4Zhevn8lucbZKDpdPhc93q5y_e56x5ms8Ou8duVZr8cAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAADFQWFOL6fdc3OZTf4AAAAAAAIAAACABACC-G8JgBjcyRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxDPbFB_TdevCCIFk0UYAQAAAJA0qqM6MkknqFhU-f__77cCcAUAIGCRZ9R7PIvuoMRbGAAAAAAxQvAlRCN3POhjFuhh8fvNDrvG73aZ_________38z_2f-0QgVuVKkCRIxM1PzCwgAsOYXEACAjbgBAHgjACfkZKDpdPhc93q5y_e56x5ms8Ou8duVZr_oJMRqMZkMJpPF6ijEbjhb7GaLxWR2AAAAAO78____4xGCLyEaueNB1wMijtXIN1uNNiPXcLWcjTyG5XLiMm5cLo9rMRlNvGfgHRRWVyU6sk9G0U1ml-dz0DBML5_f8jyIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvhAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhiZLBaTkWnlljh3m7VoOHO5Jb6Fya0YThy-yWrkMMxMbtHrY_pYdhvPyuVFggEce5E8LdKJxjiczCyWhXG3mhiHy8HC5dxMRpPJxLZcODebyUQs0Zws0onssq84ViPfbDXajFzD1XI28hiWy4nLuHG5PK7FZDTxVyaLxWRkWrklzt1mLRrOXG6Jb2FyK4YTh2-yGjkMM5Nb9PqYPpbdxrNy-Ruz5W41WY5Wo31jttytJsvRarTvMJmeqc_Z6LplHB-d05u6ddU3p0HhMli8P4lpMe3ODp7f7-g0uVTXgs7o9_v9fr_f7_f7_Qat52A2KHy_l0NrvAXVo7N33DgYFLFEcJFOdA-z2eE0u3UPs9lhEUuUpot0opeIJYLTRTrROEwvn9_yvKj_qCFGs7luMFcsdnPhaJUAAAAAAAAAACzBNNNNAAAAAJwMajjZbFbrdDCT1XC1WC0XwAXMpK6fV8DiS0mSvl1hgUoV26D18MUae6zhHmazw2l26x5ms8PKAC5cvplt9hlBrNVqWQMAABDABgAAEMBNN94EhFlx_____-MAAADIyKEHAABAvw9IKjkzMzNTk19BbFabxf4BqBBrtVrdbqzVagUsuNlssZvA____fw!&cmcv=&pix=undefined&cb=1697529455730&uv=3346&tms=1697529455730&abt=adxsub-out_vA!adxsub-out_vB!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=cda57b51-ae14-420e-b8a5-a775226425ad&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
194a96a248a363dc6010b5dfb213a50b98d0af560ece8f8559242d2def0455bc

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Tue, 17 Oct 2023 07:57:35 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230026-FRA
x-timer
S1697529456.773666,VS0,VE16
sync
am-match.taboola.com/ Frame 604A 		577 B
671 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8RHYCLAYQAYIkKvuqrRIgAgRJVPZVWy0AAABgYID-AMmYHK7dxLVYK1yO0Vo0GazcEuPCtVb4dqvJZDaarBYmIyAZk8O1m7gWa4XLMVqLJoOVW2JcuNYK3241mcxGk9XCZAUXxnKZDGqBim4yuzyfg4Zhevn8lucbZKDpdPhc93q5y_e56x5ms8Ou8duVZr8cAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAADFQWFOL6fdc3OZTf4AAAAAAAIAAACABACC-G8JgBjcyRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxDPbFB_TdevCCIFk0UYAQAAAJA0qqM6MkknqFhU-f__77cCcAUAIGCRZ9R7PIvuoMRbGAAAAAAxQvAlRCN3POhjFuhh8fvNDrvG73aZ_________38z_2f-0QgVuVKkCRIxM1PzCwgAsOYXEACAjbgBAHgjACfkZKDpdPhc93q5y_e56x5ms8Ou8duVZr_oJMRqMZkMJpPF6ijEbjhb7GaLxWR2AAAAAO78____4xGCLyEaueNB1wMijtXIN1uNNiPXcLWcjTyG5XLiMm5cLo9rMRlNvGfgHRRWVyU6sk9G0U1ml-dz0DBML5_f8jyIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvhAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhiZLBaTkWnlljh3m7VoOHO5Jb6Fya0YThy-yWrkMMxMbtHrY_pYdhvPyuVFggEce5E8LdKJxjiczCyWhXG3mhiHy8HC5dxMRpPJxLZcODebyUQs0Zws0onssq84ViPfbDXajFzD1XI28hiWy4nLuHG5PK7FZDTxVyaLxWRkWrklzt1mLRrOXG6Jb2FyK4YTh2-yGjkMM5Nb9PqYPpbdxrNy-Ruz5W41WY5Wo31jttytJsvRarTvMJmeqc_Z6LplHB-d05u6ddU3p0HhMli8P4lpMe3ODp7f7-g0uVTXgs7o9_v9fr_f7_f7_Qat52A2KHy_l0NrvAXVo7N33DgYFLFEcJFOdA-z2eE0u3UPs9lhEUuUpot0opeIJYLTRTrROEwvn9_yvKj_qCFGs7luMFcsdnPhaJUAAAAAAAAAACzBNNNNAAAAAJwMajjZbFbrdDCT1XC1WC0XwAXMpK6fV8DiS0mSvl1hgUoV26D18MUae6zhHmazw2l26x5ms8PKAC5cvplt9hlBrNVqWQMAABDABgAAEMBNN94EhFlx_____-MAAADIyKEHAABAvw9IKjkzMzNTk19BbFabxf4BqBBrtVrdbqzVagUsuNlssZvA____fw!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
43b9c218cc8db5c7b04b381ccfd02ffee1488e069009fa838dd64c9b1ceffc43

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Tue, 17 Oct 2023 07:57:35 GMT
machineid
3402
server
nginx
truncated
/ Frame A78A 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab5d8663f784c5bfc4ab2f65dbea56c31c6206310055e8d6e31673d8e5003c7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame EBC3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bgAOSwcK4HOIAAfySDS9D04ezR2G3YYRAQ&u=%7C8ghSQ%2F3qZvU1hTbVqhfY9ydz8VX%2Fv2kShHw2frfHpoY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0gw-wXdlPcDLW8fZN9ZuNmP0ldHyCoW9mmBIkwR_rTwkBXAwJwY18GPlS_s5C1jNsUaJsG-frSz-8Gbo1i7aM7XUtKKZGYQZ5tucMjrKBmA7jHKlz4JXJ0J1sxInn1hk45ePOxwmLSSEtABNZmhsDtvMENAvNe6qPC6XN0Jm23vyzUknxOU0P2tvbFCs0GeDpaHRUQ1Dt3-7ipPGZk8DoqT-IKO0oBUgozqddkMvXid4KtQt1BNYUe21xB0hFyGd0Vtx_1mpIiWXAABYnj3aYaZhr-6l21IpLH3BUgKgKnPF39kENSx5mtIoI2zu3Ixsl_OPdTWJiqgJhSihtqIWL9HM3dlZ_Dh74KwJGtBqkKj7GeU69YOqPNqHerUynm19WNJz6rZhc4gpqMSItQpmWuL6E2NtW9yRwGMynGtL-XkBbsmi5iZX_gNJk8JEuwhK5pXFdjLQEwzf3D6PU-U9blcrhnWvaqErLpzh-TPUoWylR8on6ocPbmWeW3yT_XyAlrMvftGknS6IeodocLr48nOjdNn0imC2ZIuDIjc4jDSQiTDeqMEGafBs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcJ97bj4uZYeWOYjngQfI5J_IDsme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtM_RZHLsrE-4AIAqAMByAMCqgSmAk_QUuBQCGpKXeE3worwMgvqlLl9V2XN-r3K7fI3gAjMJ8xAZsrHKjjRf98Kf2wUWZuf4xsu3A9rx6WKU26A1LANaeXBISFsMoJZVwUvy9YlBgXOP90diRZ71dvuFKUQmjnQcbLm7MoEfCJ27qrZnfdfiQGPo30kLhHAILMgvEa0GO_ciLrF9w1-A6LhQG-XZAGkfsag6hj49aRdzr_95AaT6JuWmHe06UAQRhezNWz-zRdtw0mxvJGTOI3i0z0aTgCfLrvk0-afKn0MN3xbSaM0GscxSbCjUHlS-Pc0yL0pJ8VvVkzBa3_WWj5IrVIzdbAGAIe1hrSNdB-vOKrTnOuwkUKKX_tBgXmtGNuCW4TKo4E-Wq5Cu35HoVRqUDN-Acdz3Jhda-AEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WH8tHiYFG7i-pSqwba2UgAWxQDQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Oct 2024 07:57:35 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame EBC3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bgAOSwcK4HOIAAfySDS9D04ezR2G3YYRAQ&u=%7C8ghSQ%2F3qZvU1hTbVqhfY9ydz8VX%2Fv2kShHw2frfHpoY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0gw-wXdlPcDLW8fZN9ZuNmP0ldHyCoW9mmBIkwR_rTwkBXAwJwY18GPlS_s5C1jNsUaJsG-frSz-8Gbo1i7aM7XUtKKZGYQZ5tucMjrKBmA7jHKlz4JXJ0J1sxInn1hk45ePOxwmLSSEtABNZmhsDtvMENAvNe6qPC6XN0Jm23vyzUknxOU0P2tvbFCs0GeDpaHRUQ1Dt3-7ipPGZk8DoqT-IKO0oBUgozqddkMvXid4KtQt1BNYUe21xB0hFyGd0Vtx_1mpIiWXAABYnj3aYaZhr-6l21IpLH3BUgKgKnPF39kENSx5mtIoI2zu3Ixsl_OPdTWJiqgJhSihtqIWL9HM3dlZ_Dh74KwJGtBqkKj7GeU69YOqPNqHerUynm19WNJz6rZhc4gpqMSItQpmWuL6E2NtW9yRwGMynGtL-XkBbsmi5iZX_gNJk8JEuwhK5pXFdjLQEwzf3D6PU-U9blcrhnWvaqErLpzh-TPUoWylR8on6ocPbmWeW3yT_XyAlrMvftGknS6IeodocLr48nOjdNn0imC2ZIuDIjc4jDSQiTDeqMEGafBs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcJ97bj4uZYeWOYjngQfI5J_IDsme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtM_RZHLsrE-4AIAqAMByAMCqgSmAk_QUuBQCGpKXeE3worwMgvqlLl9V2XN-r3K7fI3gAjMJ8xAZsrHKjjRf98Kf2wUWZuf4xsu3A9rx6WKU26A1LANaeXBISFsMoJZVwUvy9YlBgXOP90diRZ71dvuFKUQmjnQcbLm7MoEfCJ27qrZnfdfiQGPo30kLhHAILMgvEa0GO_ciLrF9w1-A6LhQG-XZAGkfsag6hj49aRdzr_95AaT6JuWmHe06UAQRhezNWz-zRdtw0mxvJGTOI3i0z0aTgCfLrvk0-afKn0MN3xbSaM0GscxSbCjUHlS-Pc0yL0pJ8VvVkzBa3_WWj5IrVIzdbAGAIe1hrSNdB-vOKrTnOuwkUKKX_tBgXmtGNuCW4TKo4E-Wq5Cu35HoVRqUDN-Acdz3Jhda-AEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WH8tHiYFG7i-pSqwba2UgAWxQDQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Oct 2024 07:57:35 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame EBC3 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bgAOSwcK4HOIAAfySDS9D04ezR2G3YYRAQ&u=%7C8ghSQ%2F3qZvU1hTbVqhfY9ydz8VX%2Fv2kShHw2frfHpoY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0gw-wXdlPcDLW8fZN9ZuNmP0ldHyCoW9mmBIkwR_rTwkBXAwJwY18GPlS_s5C1jNsUaJsG-frSz-8Gbo1i7aM7XUtKKZGYQZ5tucMjrKBmA7jHKlz4JXJ0J1sxInn1hk45ePOxwmLSSEtABNZmhsDtvMENAvNe6qPC6XN0Jm23vyzUknxOU0P2tvbFCs0GeDpaHRUQ1Dt3-7ipPGZk8DoqT-IKO0oBUgozqddkMvXid4KtQt1BNYUe21xB0hFyGd0Vtx_1mpIiWXAABYnj3aYaZhr-6l21IpLH3BUgKgKnPF39kENSx5mtIoI2zu3Ixsl_OPdTWJiqgJhSihtqIWL9HM3dlZ_Dh74KwJGtBqkKj7GeU69YOqPNqHerUynm19WNJz6rZhc4gpqMSItQpmWuL6E2NtW9yRwGMynGtL-XkBbsmi5iZX_gNJk8JEuwhK5pXFdjLQEwzf3D6PU-U9blcrhnWvaqErLpzh-TPUoWylR8on6ocPbmWeW3yT_XyAlrMvftGknS6IeodocLr48nOjdNn0imC2ZIuDIjc4jDSQiTDeqMEGafBs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcJ97bj4uZYeWOYjngQfI5J_IDsme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtM_RZHLsrE-4AIAqAMByAMCqgSmAk_QUuBQCGpKXeE3worwMgvqlLl9V2XN-r3K7fI3gAjMJ8xAZsrHKjjRf98Kf2wUWZuf4xsu3A9rx6WKU26A1LANaeXBISFsMoJZVwUvy9YlBgXOP90diRZ71dvuFKUQmjnQcbLm7MoEfCJ27qrZnfdfiQGPo30kLhHAILMgvEa0GO_ciLrF9w1-A6LhQG-XZAGkfsag6hj49aRdzr_95AaT6JuWmHe06UAQRhezNWz-zRdtw0mxvJGTOI3i0z0aTgCfLrvk0-afKn0MN3xbSaM0GscxSbCjUHlS-Pc0yL0pJ8VvVkzBa3_WWj5IrVIzdbAGAIe1hrSNdB-vOKrTnOuwkUKKX_tBgXmtGNuCW4TKo4E-Wq5Cu35HoVRqUDN-Acdz3Jhda-AEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WH8tHiYFG7i-pSqwba2UgAWxQDQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 11 Oct 2024 07:57:35 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame EBC3 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bgAOSwcK4HOIAAfySDS9D04ezR2G3YYRAQ&u=%7C8ghSQ%2F3qZvU1hTbVqhfY9ydz8VX%2Fv2kShHw2frfHpoY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0gw-wXdlPcDLW8fZN9ZuNmP0ldHyCoW9mmBIkwR_rTwkBXAwJwY18GPlS_s5C1jNsUaJsG-frSz-8Gbo1i7aM7XUtKKZGYQZ5tucMjrKBmA7jHKlz4JXJ0J1sxInn1hk45ePOxwmLSSEtABNZmhsDtvMENAvNe6qPC6XN0Jm23vyzUknxOU0P2tvbFCs0GeDpaHRUQ1Dt3-7ipPGZk8DoqT-IKO0oBUgozqddkMvXid4KtQt1BNYUe21xB0hFyGd0Vtx_1mpIiWXAABYnj3aYaZhr-6l21IpLH3BUgKgKnPF39kENSx5mtIoI2zu3Ixsl_OPdTWJiqgJhSihtqIWL9HM3dlZ_Dh74KwJGtBqkKj7GeU69YOqPNqHerUynm19WNJz6rZhc4gpqMSItQpmWuL6E2NtW9yRwGMynGtL-XkBbsmi5iZX_gNJk8JEuwhK5pXFdjLQEwzf3D6PU-U9blcrhnWvaqErLpzh-TPUoWylR8on6ocPbmWeW3yT_XyAlrMvftGknS6IeodocLr48nOjdNn0imC2ZIuDIjc4jDSQiTDeqMEGafBs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcJ97bj4uZYeWOYjngQfI5J_IDsme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtM_RZHLsrE-4AIAqAMByAMCqgSmAk_QUuBQCGpKXeE3worwMgvqlLl9V2XN-r3K7fI3gAjMJ8xAZsrHKjjRf98Kf2wUWZuf4xsu3A9rx6WKU26A1LANaeXBISFsMoJZVwUvy9YlBgXOP90diRZ71dvuFKUQmjnQcbLm7MoEfCJ27qrZnfdfiQGPo30kLhHAILMgvEa0GO_ciLrF9w1-A6LhQG-XZAGkfsag6hj49aRdzr_95AaT6JuWmHe06UAQRhezNWz-zRdtw0mxvJGTOI3i0z0aTgCfLrvk0-afKn0MN3xbSaM0GscxSbCjUHlS-Pc0yL0pJ8VvVkzBa3_WWj5IrVIzdbAGAIe1hrSNdB-vOKrTnOuwkUKKX_tBgXmtGNuCW4TKo4E-Wq5Cu35HoVRqUDN-Acdz3Jhda-AEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WH8tHiYFG7i-pSqwba2UgAWxQDQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 11 Oct 2024 07:57:35 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame EBC3 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=m02iZtJDxlofL4EzmT6r4axU0m5_ShLO5NU8UxVkCaqNYi2KwAIL8lK23BhQbayb4j70-LYLYbwSiYn7qoBc8ShC3pj5QqOMD85e8kIHntHQrCqccO85_YxElF8VFDLs--acMHdhB7Bp9_W85hvzmNc1x9iFurDlbe-WpJMukcNzuFAmhT3FkKIKGw4RQwXZcNTfD0XvCANrIrAotrrOogVePSj718Ya6K9ZAeNNxf-LiHUX9lhsf9I8udYd582PIs44181g64EUNhH5Y_jSeK66akFwQ3DDE5QYEh4SOmXSJfDUud9ziG5VAoDU-4q_sUIFER4zDOXNxoPXWruHB3C6PVmDu72OdlSfNZ-z4o9nt3eul5WtfL_JuZIdK2hQ9VgQOUBAyqlprZdogNlaX-OTn5v0xxCwWC0SXZhk-EL4OfDH
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bgAOSwcK4HOIAAfySDS9D04ezR2G3YYRAQ&u=%7C8ghSQ%2F3qZvU1hTbVqhfY9ydz8VX%2Fv2kShHw2frfHpoY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0gw-wXdlPcDLW8fZN9ZuNmP0ldHyCoW9mmBIkwR_rTwkBXAwJwY18GPlS_s5C1jNsUaJsG-frSz-8Gbo1i7aM7XUtKKZGYQZ5tucMjrKBmA7jHKlz4JXJ0J1sxInn1hk45ePOxwmLSSEtABNZmhsDtvMENAvNe6qPC6XN0Jm23vyzUknxOU0P2tvbFCs0GeDpaHRUQ1Dt3-7ipPGZk8DoqT-IKO0oBUgozqddkMvXid4KtQt1BNYUe21xB0hFyGd0Vtx_1mpIiWXAABYnj3aYaZhr-6l21IpLH3BUgKgKnPF39kENSx5mtIoI2zu3Ixsl_OPdTWJiqgJhSihtqIWL9HM3dlZ_Dh74KwJGtBqkKj7GeU69YOqPNqHerUynm19WNJz6rZhc4gpqMSItQpmWuL6E2NtW9yRwGMynGtL-XkBbsmi5iZX_gNJk8JEuwhK5pXFdjLQEwzf3D6PU-U9blcrhnWvaqErLpzh-TPUoWylR8on6ocPbmWeW3yT_XyAlrMvftGknS6IeodocLr48nOjdNn0imC2ZIuDIjc4jDSQiTDeqMEGafBs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcJ97bj4uZYeWOYjngQfI5J_IDsme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtM_RZHLsrE-4AIAqAMByAMCqgSmAk_QUuBQCGpKXeE3worwMgvqlLl9V2XN-r3K7fI3gAjMJ8xAZsrHKjjRf98Kf2wUWZuf4xsu3A9rx6WKU26A1LANaeXBISFsMoJZVwUvy9YlBgXOP90diRZ71dvuFKUQmjnQcbLm7MoEfCJ27qrZnfdfiQGPo30kLhHAILMgvEa0GO_ciLrF9w1-A6LhQG-XZAGkfsag6hj49aRdzr_95AaT6JuWmHe06UAQRhezNWz-zRdtw0mxvJGTOI3i0z0aTgCfLrvk0-afKn0MN3xbSaM0GscxSbCjUHlS-Pc0yL0pJ8VvVkzBa3_WWj5IrVIzdbAGAIe1hrSNdB-vOKrTnOuwkUKKX_tBgXmtGNuCW4TKo4E-Wq5Cu35HoVRqUDN-Acdz3Jhda-AEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WH8tHiYFG7i-pSqwba2UgAWxQDQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1777910
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame EBC3 		44 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1697529455
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bgAOSwcK4HOIAAfySDS9D04ezR2G3YYRAQ&u=%7C8ghSQ%2F3qZvU1hTbVqhfY9ydz8VX%2Fv2kShHw2frfHpoY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0gw-wXdlPcDLW8fZN9ZuNmP0ldHyCoW9mmBIkwR_rTwkBXAwJwY18GPlS_s5C1jNsUaJsG-frSz-8Gbo1i7aM7XUtKKZGYQZ5tucMjrKBmA7jHKlz4JXJ0J1sxInn1hk45ePOxwmLSSEtABNZmhsDtvMENAvNe6qPC6XN0Jm23vyzUknxOU0P2tvbFCs0GeDpaHRUQ1Dt3-7ipPGZk8DoqT-IKO0oBUgozqddkMvXid4KtQt1BNYUe21xB0hFyGd0Vtx_1mpIiWXAABYnj3aYaZhr-6l21IpLH3BUgKgKnPF39kENSx5mtIoI2zu3Ixsl_OPdTWJiqgJhSihtqIWL9HM3dlZ_Dh74KwJGtBqkKj7GeU69YOqPNqHerUynm19WNJz6rZhc4gpqMSItQpmWuL6E2NtW9yRwGMynGtL-XkBbsmi5iZX_gNJk8JEuwhK5pXFdjLQEwzf3D6PU-U9blcrhnWvaqErLpzh-TPUoWylR8on6ocPbmWeW3yT_XyAlrMvftGknS6IeodocLr48nOjdNn0imC2ZIuDIjc4jDSQiTDeqMEGafBs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcJ97bj4uZYeWOYjngQfI5J_IDsme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtM_RZHLsrE-4AIAqAMByAMCqgSmAk_QUuBQCGpKXeE3worwMgvqlLl9V2XN-r3K7fI3gAjMJ8xAZsrHKjjRf98Kf2wUWZuf4xsu3A9rx6WKU26A1LANaeXBISFsMoJZVwUvy9YlBgXOP90diRZ71dvuFKUQmjnQcbLm7MoEfCJ27qrZnfdfiQGPo30kLhHAILMgvEa0GO_ciLrF9w1-A6LhQG-XZAGkfsag6hj49aRdzr_95AaT6JuWmHe06UAQRhezNWz-zRdtw0mxvJGTOI3i0z0aTgCfLrvk0-afKn0MN3xbSaM0GscxSbCjUHlS-Pc0yL0pJ8VvVkzBa3_WWj5IrVIzdbAGAIe1hrSNdB-vOKrTnOuwkUKKX_tBgXmtGNuCW4TKo4E-Wq5Cu35HoVRqUDN-Acdz3Jhda-AEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WH8tHiYFG7i-pSqwba2UgAWxQDQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4200:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
via
1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
kjGOetGvJNkfoSv6x4nLAMC7rds5xRoicq00nvPrjIkwQ5rd-5wCAg==
expires
Thu, 01 Dec 1994 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 107C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?NISw_g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
ap.lijit.com/ Frame 0E3F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Tue, 17 Oct 2023 07:57:35 GMT
X-Sovrn-Pod
ad_ap6ams1
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame EBC3 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bgAOSwcK4HOIAAfySDS9D04ezR2G3YYRAQ&u=%7C8ghSQ%2F3qZvU1hTbVqhfY9ydz8VX%2Fv2kShHw2frfHpoY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0gw-wXdlPcDLW8fZN9ZuNmP0ldHyCoW9mmBIkwR_rTwkBXAwJwY18GPlS_s5C1jNsUaJsG-frSz-8Gbo1i7aM7XUtKKZGYQZ5tucMjrKBmA7jHKlz4JXJ0J1sxInn1hk45ePOxwmLSSEtABNZmhsDtvMENAvNe6qPC6XN0Jm23vyzUknxOU0P2tvbFCs0GeDpaHRUQ1Dt3-7ipPGZk8DoqT-IKO0oBUgozqddkMvXid4KtQt1BNYUe21xB0hFyGd0Vtx_1mpIiWXAABYnj3aYaZhr-6l21IpLH3BUgKgKnPF39kENSx5mtIoI2zu3Ixsl_OPdTWJiqgJhSihtqIWL9HM3dlZ_Dh74KwJGtBqkKj7GeU69YOqPNqHerUynm19WNJz6rZhc4gpqMSItQpmWuL6E2NtW9yRwGMynGtL-XkBbsmi5iZX_gNJk8JEuwhK5pXFdjLQEwzf3D6PU-U9blcrhnWvaqErLpzh-TPUoWylR8on6ocPbmWeW3yT_XyAlrMvftGknS6IeodocLr48nOjdNn0imC2ZIuDIjc4jDSQiTDeqMEGafBs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcJ97bj4uZYeWOYjngQfI5J_IDsme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtM_RZHLsrE-4AIAqAMByAMCqgSmAk_QUuBQCGpKXeE3worwMgvqlLl9V2XN-r3K7fI3gAjMJ8xAZsrHKjjRf98Kf2wUWZuf4xsu3A9rx6WKU26A1LANaeXBISFsMoJZVwUvy9YlBgXOP90diRZ71dvuFKUQmjnQcbLm7MoEfCJ27qrZnfdfiQGPo30kLhHAILMgvEa0GO_ciLrF9w1-A6LhQG-XZAGkfsag6hj49aRdzr_95AaT6JuWmHe06UAQRhezNWz-zRdtw0mxvJGTOI3i0z0aTgCfLrvk0-afKn0MN3xbSaM0GscxSbCjUHlS-Pc0yL0pJ8VvVkzBa3_WWj5IrVIzdbAGAIe1hrSNdB-vOKrTnOuwkUKKX_tBgXmtGNuCW4TKo4E-Wq5Cu35HoVRqUDN-Acdz3Jhda-AEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WH8tHiYFG7i-pSqwba2UgAWxQDQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
49310
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIFJBQqJ%2FtOQZmnyQVHR9kroNETOq%2Fnwjogh%2BzyNK6wxy%2BbCPDS5sju8Urp7RNJ%2BBm9lDKorVnRbEyE1R4mfYVb2J%2BVRWkNagv7RbemrW6Zilquamjo02h82Gj0Nlv5iOLU3cJk0iRWG7%2F1%2BQRDrHKuB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8176fddada2d3602-FRA
expires
Sun, 06 Oct 2024 07:57:35 GMT
f9d5f193fe704d30bc6e97384f41c8fe_relative-bold-pro.woff
static.criteo.net/design/dt/ Frame EBC3 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/f9d5f193fe704d30bc6e97384f41c8fe_relative-bold-pro.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bgAOSwcK4HOIAAfySDS9D04ezR2G3YYRAQ&u=%7C8ghSQ%2F3qZvU1hTbVqhfY9ydz8VX%2Fv2kShHw2frfHpoY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0gw-wXdlPcDLW8fZN9ZuNmP0ldHyCoW9mmBIkwR_rTwkBXAwJwY18GPlS_s5C1jNsUaJsG-frSz-8Gbo1i7aM7XUtKKZGYQZ5tucMjrKBmA7jHKlz4JXJ0J1sxInn1hk45ePOxwmLSSEtABNZmhsDtvMENAvNe6qPC6XN0Jm23vyzUknxOU0P2tvbFCs0GeDpaHRUQ1Dt3-7ipPGZk8DoqT-IKO0oBUgozqddkMvXid4KtQt1BNYUe21xB0hFyGd0Vtx_1mpIiWXAABYnj3aYaZhr-6l21IpLH3BUgKgKnPF39kENSx5mtIoI2zu3Ixsl_OPdTWJiqgJhSihtqIWL9HM3dlZ_Dh74KwJGtBqkKj7GeU69YOqPNqHerUynm19WNJz6rZhc4gpqMSItQpmWuL6E2NtW9yRwGMynGtL-XkBbsmi5iZX_gNJk8JEuwhK5pXFdjLQEwzf3D6PU-U9blcrhnWvaqErLpzh-TPUoWylR8on6ocPbmWeW3yT_XyAlrMvftGknS6IeodocLr48nOjdNn0imC2ZIuDIjc4jDSQiTDeqMEGafBs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcJ97bj4uZYeWOYjngQfI5J_IDsme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtM_RZHLsrE-4AIAqAMByAMCqgSmAk_QUuBQCGpKXeE3worwMgvqlLl9V2XN-r3K7fI3gAjMJ8xAZsrHKjjRf98Kf2wUWZuf4xsu3A9rx6WKU26A1LANaeXBISFsMoJZVwUvy9YlBgXOP90diRZ71dvuFKUQmjnQcbLm7MoEfCJ27qrZnfdfiQGPo30kLhHAILMgvEa0GO_ciLrF9w1-A6LhQG-XZAGkfsag6hj49aRdzr_95AaT6JuWmHe06UAQRhezNWz-zRdtw0mxvJGTOI3i0z0aTgCfLrvk0-afKn0MN3xbSaM0GscxSbCjUHlS-Pc0yL0pJ8VvVkzBa3_WWj5IrVIzdbAGAIe1hrSNdB-vOKrTnOuwkUKKX_tBgXmtGNuCW4TKo4E-Wq5Cu35HoVRqUDN-Acdz3Jhda-AEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WH8tHiYFG7i-pSqwba2UgAWxQDQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c94f7120af1dd1e52881cfb218fb4fda3f26d6971c0ebd317ba23b459dcaa1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 20 Apr 2023 14:26:14 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"64414b86-e41c"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Oct 2024 07:57:35 GMT
generic
match.adsrvr.org/track/cmf/ Frame 604A 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8RHYCLAYQAYIkKvuqrRIgAgRJVPZVWy0AAABgYID-AMmYHK7dxLVYK1yO0Vo0GazcEuPCtVb4dqvJZDaarBYmIyAZk8O1m7gWa4XLMVqLJoOVW2JcuNYK3241mcxGk9XCZAUXxnKZDGqBim4yuzyfg4Zhevn8lucbZKDpdPhc93q5y_e56x5ms8Ou8duVZr8cAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAADFQWFOL6fdc3OZTf4AAAAAAAIAAACABACC-G8JgBjcyRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxDPbFB_TdevCCIFk0UYAQAAAJA0qqM6MkknqFhU-f__77cCcAUAIGCRZ9R7PIvuoMRbGAAAAAAxQvAlRCN3POhjFuhh8fvNDrvG73aZ_________38z_2f-0QgVuVKkCRIxM1PzCwgAsOYXEACAjbgBAHgjACfkZKDpdPhc93q5y_e56x5ms8Ou8duVZr_oJMRqMZkMJpPF6ijEbjhb7GaLxWR2AAAAAO78____4xGCLyEaueNB1wMijtXIN1uNNiPXcLWcjTyG5XLiMm5cLo9rMRlNvGfgHRRWVyU6sk9G0U1ml-dz0DBML5_f8jyIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvhAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhiZLBaTkWnlljh3m7VoOHO5Jb6Fya0YThy-yWrkMMxMbtHrY_pYdhvPyuVFggEce5E8LdKJxjiczCyWhXG3mhiHy8HC5dxMRpPJxLZcODebyUQs0Zws0onssq84ViPfbDXajFzD1XI28hiWy4nLuHG5PK7FZDTxVyaLxWRkWrklzt1mLRrOXG6Jb2FyK4YTh2-yGjkMM5Nb9PqYPpbdxrNy-Ruz5W41WY5Wo31jttytJsvRarTvMJmeqc_Z6LplHB-d05u6ddU3p0HhMli8P4lpMe3ODp7f7-g0uVTXgs7o9_v9fr_f7_f7_Qat52A2KHy_l0NrvAXVo7N33DgYFLFEcJFOdA-z2eE0u3UPs9lhEUuUpot0opeIJYLTRTrROEwvn9_yvKj_qCFGs7luMFcsdnPhaJUAAAAAAAAAACzBNNNNAAAAAJwMajjZbFbrdDCT1XC1WC0XwAXMpK6fV8DiS0mSvl1hgUoV26D18MUae6zhHmazw2l26x5ms8PKAC5cvplt9hlBrNVqWQMAABDABgAAEMBNN94EhFlx_____-MAAADIyKEHAABAvw9IKjkzMzNTk19BbFabxf4BqBBrtVrdbqzVagUsuNlssZvA____fw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 604A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/22112d4e-b973-48fe-b7ad-18ba725da0fd-tuctc27c3ee?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-0IKXjlNE2oRlvvgfSHcV0vaiWKwsAWu57.dbyQ--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-0IKXjlNE2oRlvvgfSHcV0vaiWKwsAWu57.dbyQ--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8RHYCLAYQAYIkKvuqrRIgAgRJVPZVWy0AAABgYID-AMmYHK7dxLVYK1yO0Vo0GazcEuPCtVb4dqvJZDaarBYmIyAZk8O1m7gWa4XLMVqLJoOVW2JcuNYK3241mcxGk9XCZAUXxnKZDGqBim4yuzyfg4Zhevn8lucbZKDpdPhc93q5y_e56x5ms8Ou8duVZr8cAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAADFQWFOL6fdc3OZTf4AAAAAAAIAAACABACC-G8JgBjcyRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxDPbFB_TdevCCIFk0UYAQAAAJA0qqM6MkknqFhU-f__77cCcAUAIGCRZ9R7PIvuoMRbGAAAAAAxQvAlRCN3POhjFuhh8fvNDrvG73aZ_________38z_2f-0QgVuVKkCRIxM1PzCwgAsOYXEACAjbgBAHgjACfkZKDpdPhc93q5y_e56x5ms8Ou8duVZr_oJMRqMZkMJpPF6ijEbjhb7GaLxWR2AAAAAO78____4xGCLyEaueNB1wMijtXIN1uNNiPXcLWcjTyG5XLiMm5cLo9rMRlNvGfgHRRWVyU6sk9G0U1ml-dz0DBML5_f8jyIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvhAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhiZLBaTkWnlljh3m7VoOHO5Jb6Fya0YThy-yWrkMMxMbtHrY_pYdhvPyuVFggEce5E8LdKJxjiczCyWhXG3mhiHy8HC5dxMRpPJxLZcODebyUQs0Zws0onssq84ViPfbDXajFzD1XI28hiWy4nLuHG5PK7FZDTxVyaLxWRkWrklzt1mLRrOXG6Jb2FyK4YTh2-yGjkMM5Nb9PqYPpbdxrNy-Ruz5W41WY5Wo31jttytJsvRarTvMJmeqc_Z6LplHB-d05u6ddU3p0HhMli8P4lpMe3ODp7f7-g0uVTXgs7o9_v9fr_f7_f7_Qat52A2KHy_l0NrvAXVo7N33DgYFLFEcJFOdA-z2eE0u3UPs9lhEUuUpot0opeIJYLTRTrROEwvn9_yvKj_qCFGs7luMFcsdnPhaJUAAAAAAAAAACzBNNNNAAAAAJwMajjZbFbrdDCT1XC1WC0XwAXMpK6fV8DiS0mSvl1hgUoV26D18MUae6zhHmazw2l26x5ms8PKAC5cvplt9hlBrNVqWQMAABDABgAAEMBNN94EhFlx_____-MAAADIyKEHAABAvw9IKjkzMzNTk19BbFabxf4BqBBrtVrdbqzVagUsuNlssZvA____fw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17385

Redirect headers

date
Tue, 17 Oct 2023 07:57:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-0IKXjlNE2oRlvvgfSHcV0vaiWKwsAWu57.dbyQ--~A
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame 68F4 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8RHYCLAYQAYIkKvuqrRIgAgRJVPZVWy0AAABgYID-AMmYHK7dxLVYK1yO0Vo0GazcEuPCtVb4dqvJZDaarBYmIyAZk8O1m7gWa4XLMVqLJoOVW2JcuNYK3241mcxGk9XCZAUXxnKZDGqBim4yuzyfg4Zhevn8lucbZKDpdPhc93q5y_e56x5ms8Ou8duVZr8cAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAADFQWFOL6fdc3OZTf4AAAAAAAIAAACABACC-G8JgBjcyRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxDPbFB_TdevCCIFk0UYAQAAAJA0qqM6MkknqFhU-f__77cCcAUAIGCRZ9R7PIvuoMRbGAAAAAAxQvAlRCN3POhjFuhh8fvNDrvG73aZ_________38z_2f-0QgVuVKkCRIxM1PzCwgAsOYXEACAjbgBAHgjACfkZKDpdPhc93q5y_e56x5ms8Ou8duVZr_oJMRqMZkMJpPF6ijEbjhb7GaLxWR2AAAAAO78____4xGCLyEaueNB1wMijtXIN1uNNiPXcLWcjTyG5XLiMm5cLo9rMRlNvGfgHRRWVyU6sk9G0U1ml-dz0DBML5_f8jyIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvhAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhiZLBaTkWnlljh3m7VoOHO5Jb6Fya0YThy-yWrkMMxMbtHrY_pYdhvPyuVFggEce5E8LdKJxjiczCyWhXG3mhiHy8HC5dxMRpPJxLZcODebyUQs0Zws0onssq84ViPfbDXajFzD1XI28hiWy4nLuHG5PK7FZDTxVyaLxWRkWrklzt1mLRrOXG6Jb2FyK4YTh2-yGjkMM5Nb9PqYPpbdxrNy-Ruz5W41WY5Wo31jttytJsvRarTvMJmeqc_Z6LplHB-d05u6ddU3p0HhMli8P4lpMe3ODp7f7-g0uVTXgs7o9_v9fr_f7_f7_Qat52A2KHy_l0NrvAXVo7N33DgYFLFEcJFOdA-z2eE0u3UPs9lhEUuUpot0opeIJYLTRTrROEwvn9_yvKj_qCFGs7luMFcsdnPhaJUAAAAAAAAAACzBNNNNAAAAAJwMajjZbFbrdDCT1XC1WC0XwAXMpK6fV8DiS0mSvl1hgUoV26D18MUae6zhHmazw2l26x5ms8PKAC5cvplt9hlBrNVqWQMAABDABgAAEMBNN94EhFlx_____-MAAADIyKEHAABAvw9IKjkzMzNTk19BbFabxf4BqBBrtVrdbqzVagUsuNlssZvA____fw!&cmcv=&pix=undefined&cb=1697529455730&uv=3346&tms=1697529455730&abt=adxsub-out_vA!adxsub-out_vB!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=cda57b51-ae14-420e-b8a5-a775226425ad&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 68F4
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/22112d4e-b973-48fe-b7ad-18ba725da0fd-tuctc27c3ee?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-0IKXjlNE2oRlvvgfSHcV0vaiWKwsAWu57.dbyQ--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-0IKXjlNE2oRlvvgfSHcV0vaiWKwsAWu57.dbyQ--~A
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8RHYCLAYQAYIkKvuqrRIgAgRJVPZVWy0AAABgYID-AMmYHK7dxLVYK1yO0Vo0GazcEuPCtVb4dqvJZDaarBYmIyAZk8O1m7gWa4XLMVqLJoOVW2JcuNYK3241mcxGk9XCZAUXxnKZDGqBim4yuzyfg4Zhevn8lucbZKDpdPhc93q5y_e56x5ms8Ou8duVZr8cAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAADFQWFOL6fdc3OZTf4AAAAAAAIAAACABACC-G8JgBjcyRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxDPbFB_TdevCCIFk0UYAQAAAJA0qqM6MkknqFhU-f__77cCcAUAIGCRZ9R7PIvuoMRbGAAAAAAxQvAlRCN3POhjFuhh8fvNDrvG73aZ_________38z_2f-0QgVuVKkCRIxM1PzCwgAsOYXEACAjbgBAHgjACfkZKDpdPhc93q5y_e56x5ms8Ou8duVZr_oJMRqMZkMJpPF6ijEbjhb7GaLxWR2AAAAAO78____4xGCLyEaueNB1wMijtXIN1uNNiPXcLWcjTyG5XLiMm5cLo9rMRlNvGfgHRRWVyU6sk9G0U1ml-dz0DBML5_f8jyIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvhAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhiZLBaTkWnlljh3m7VoOHO5Jb6Fya0YThy-yWrkMMxMbtHrY_pYdhvPyuVFggEce5E8LdKJxjiczCyWhXG3mhiHy8HC5dxMRpPJxLZcODebyUQs0Zws0onssq84ViPfbDXajFzD1XI28hiWy4nLuHG5PK7FZDTxVyaLxWRkWrklzt1mLRrOXG6Jb2FyK4YTh2-yGjkMM5Nb9PqYPpbdxrNy-Ruz5W41WY5Wo31jttytJsvRarTvMJmeqc_Z6LplHB-d05u6ddU3p0HhMli8P4lpMe3ODp7f7-g0uVTXgs7o9_v9fr_f7_f7_Qat52A2KHy_l0NrvAXVo7N33DgYFLFEcJFOdA-z2eE0u3UPs9lhEUuUpot0opeIJYLTRTrROEwvn9_yvKj_qCFGs7luMFcsdnPhaJUAAAAAAAAAACzBNNNNAAAAAJwMajjZbFbrdDCT1XC1WC0XwAXMpK6fV8DiS0mSvl1hgUoV26D18MUae6zhHmazw2l26x5ms8PKAC5cvplt9hlBrNVqWQMAABDABgAAEMBNN94EhFlx_____-MAAADIyKEHAABAvw9IKjkzMzNTk19BbFabxf4BqBBrtVrdbqzVagUsuNlssZvA____fw!&cmcv=&pix=undefined&cb=1697529455730&uv=3346&tms=1697529455730&abt=adxsub-out_vA!adxsub-out_vB!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=cda57b51-ae14-420e-b8a5-a775226425ad&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17385

Redirect headers

date
Tue, 17 Oct 2023 07:57:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-0IKXjlNE2oRlvvgfSHcV0vaiWKwsAWu57.dbyQ--~A
content-length
0
sync
x.bidswitch.net/ Frame 68F4 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8RHYCLAYQAYIkKvuqrRIgAgRJVPZVWy0AAABgYID-AMmYHK7dxLVYK1yO0Vo0GazcEuPCtVb4dqvJZDaarBYmIyAZk8O1m7gWa4XLMVqLJoOVW2JcuNYK3241mcxGk9XCZAUXxnKZDGqBim4yuzyfg4Zhevn8lucbZKDpdPhc93q5y_e56x5ms8Ou8duVZr8cAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAADFQWFOL6fdc3OZTf4AAAAAAAIAAACABACC-G8JgBjcyRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxDPbFB_TdevCCIFk0UYAQAAAJA0qqM6MkknqFhU-f__77cCcAUAIGCRZ9R7PIvuoMRbGAAAAAAxQvAlRCN3POhjFuhh8fvNDrvG73aZ_________38z_2f-0QgVuVKkCRIxM1PzCwgAsOYXEACAjbgBAHgjACfkZKDpdPhc93q5y_e56x5ms8Ou8duVZr_oJMRqMZkMJpPF6ijEbjhb7GaLxWR2AAAAAO78____4xGCLyEaueNB1wMijtXIN1uNNiPXcLWcjTyG5XLiMm5cLo9rMRlNvGfgHRRWVyU6sk9G0U1ml-dz0DBML5_f8jyIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvhAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhiZLBaTkWnlljh3m7VoOHO5Jb6Fya0YThy-yWrkMMxMbtHrY_pYdhvPyuVFggEce5E8LdKJxjiczCyWhXG3mhiHy8HC5dxMRpPJxLZcODebyUQs0Zws0onssq84ViPfbDXajFzD1XI28hiWy4nLuHG5PK7FZDTxVyaLxWRkWrklzt1mLRrOXG6Jb2FyK4YTh2-yGjkMM5Nb9PqYPpbdxrNy-Ruz5W41WY5Wo31jttytJsvRarTvMJmeqc_Z6LplHB-d05u6ddU3p0HhMli8P4lpMe3ODp7f7-g0uVTXgs7o9_v9fr_f7_f7_Qat52A2KHy_l0NrvAXVo7N33DgYFLFEcJFOdA-z2eE0u3UPs9lhEUuUpot0opeIJYLTRTrROEwvn9_yvKj_qCFGs7luMFcsdnPhaJUAAAAAAAAAACzBNNNNAAAAAJwMajjZbFbrdDCT1XC1WC0XwAXMpK6fV8DiS0mSvl1hgUoV26D18MUae6zhHmazw2l26x5ms8PKAC5cvplt9hlBrNVqWQMAABDABgAAEMBNN94EhFlx_____-MAAADIyKEHAABAvw9IKjkzMzNTk19BbFabxf4BqBBrtVrdbqzVagUsuNlssZvA____fw!&cmcv=&pix=undefined&cb=1697529455730&uv=3346&tms=1697529455730&abt=adxsub-out_vA!adxsub-out_vB!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=cda57b51-ae14-420e-b8a5-a775226425ad&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.110.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-110-157.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
animejs.js
static.criteo.net/animejs/ Frame EBC3 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bgAOSwcK4HOIAAfySDS9D04ezR2G3YYRAQ&u=%7C8ghSQ%2F3qZvU1hTbVqhfY9ydz8VX%2Fv2kShHw2frfHpoY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0gw-wXdlPcDLW8fZN9ZuNmP0ldHyCoW9mmBIkwR_rTwkBXAwJwY18GPlS_s5C1jNsUaJsG-frSz-8Gbo1i7aM7XUtKKZGYQZ5tucMjrKBmA7jHKlz4JXJ0J1sxInn1hk45ePOxwmLSSEtABNZmhsDtvMENAvNe6qPC6XN0Jm23vyzUknxOU0P2tvbFCs0GeDpaHRUQ1Dt3-7ipPGZk8DoqT-IKO0oBUgozqddkMvXid4KtQt1BNYUe21xB0hFyGd0Vtx_1mpIiWXAABYnj3aYaZhr-6l21IpLH3BUgKgKnPF39kENSx5mtIoI2zu3Ixsl_OPdTWJiqgJhSihtqIWL9HM3dlZ_Dh74KwJGtBqkKj7GeU69YOqPNqHerUynm19WNJz6rZhc4gpqMSItQpmWuL6E2NtW9yRwGMynGtL-XkBbsmi5iZX_gNJk8JEuwhK5pXFdjLQEwzf3D6PU-U9blcrhnWvaqErLpzh-TPUoWylR8on6ocPbmWeW3yT_XyAlrMvftGknS6IeodocLr48nOjdNn0imC2ZIuDIjc4jDSQiTDeqMEGafBs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcJ97bj4uZYeWOYjngQfI5J_IDsme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtM_RZHLsrE-4AIAqAMByAMCqgSmAk_QUuBQCGpKXeE3worwMgvqlLl9V2XN-r3K7fI3gAjMJ8xAZsrHKjjRf98Kf2wUWZuf4xsu3A9rx6WKU26A1LANaeXBISFsMoJZVwUvy9YlBgXOP90diRZ71dvuFKUQmjnQcbLm7MoEfCJ27qrZnfdfiQGPo30kLhHAILMgvEa0GO_ciLrF9w1-A6LhQG-XZAGkfsag6hj49aRdzr_95AaT6JuWmHe06UAQRhezNWz-zRdtw0mxvJGTOI3i0z0aTgCfLrvk0-afKn0MN3xbSaM0GscxSbCjUHlS-Pc0yL0pJ8VvVkzBa3_WWj5IrVIzdbAGAIe1hrSNdB-vOKrTnOuwkUKKX_tBgXmtGNuCW4TKo4E-Wq5Cu35HoVRqUDN-Acdz3Jhda-AEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WH8tHiYFG7i-pSqwba2UgAWxQDQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Oct 2024 07:57:35 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame B4AB
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fnews.walla.co.il%2F
95 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fnews.walla.co.il%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Tue, 17 Oct 2023 07:52:39 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 07:52:39 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fnews.walla.co.il%2F
server
nginx
x-powered-by
PHP/8.2.4
RX-475baff3-f365-4e26-bb32-ebc192c5df6b-003
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame 46B0
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://ad.turn.com/r/cs?pid=45&rndcb=7112003773
  • https://sync.1rx.io/usersync/turn/9084300851182786757?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-475baff3-f365-4e26-bb32-ebc192c5df6b-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-475baff3-f365-4e26-bb32-ebc...
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-475baff3-f365-4e26-bb32-ebc192c5df6b-003
0
451 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-475baff3-f365-4e26-bb32-ebc192c5df6b-003
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8176fddcaf5a9a11-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 07:57:36 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-type
text/html
date
Tue, 17 Oct 2023 07:57:36 GMT
etag
RX475baff3f3654e26bb32ebc192c5df6b003
location
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-475baff3-f365-4e26-bb32-ebc192c5df6b-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
1e3a4464-652a-5222-9e55-aa03fb7b946c
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame 7406
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=1628199641175996573
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/1e3a4464-652a-5222-9e55-aa03fb7b946c
0
420 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/1e3a4464-652a-5222-9e55-aa03fb7b946c
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8176fddc3efb9a11-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 07:57:36 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/1e3a4464-652a-5222-9e55-aa03fb7b946c
usync.html
eus.rubiconproject.com/ Frame FF10 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8RHYCLAYQAYIkKvuqrRIgAgRJVPZVWy0AAABgYID-AMmYHK7dxLVYK1yO0Vo0GazcEuPCtVb4dqvJZDaarBYmIyAZk8O1m7gWa4XLMVqLJoOVW2JcuNYK3241mcxGk9XCZAUXxnKZDGqBim4yuzyfg4Zhevn8lucbZKDpdPhc93q5y_e56x5ms8Ou8duVZr8cAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAADFQWFOL6fdc3OZTf4AAAAAAAIAAACABACC-G8JgBjcyRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxDPbFB_TdevCCIFk0UYAQAAAJA0qqM6MkknqFhU-f__77cCcAUAIGCRZ9R7PIvuoMRbGAAAAAAxQvAlRCN3POhjFuhh8fvNDrvG73aZ_________38z_2f-0QgVuVKkCRIxM1PzCwgAsOYXEACAjbgBAHgjACfkZKDpdPhc93q5y_e56x5ms8Ou8duVZr_oJMRqMZkMJpPF6ijEbjhb7GaLxWR2AAAAAO78____4xGCLyEaueNB1wMijtXIN1uNNiPXcLWcjTyG5XLiMm5cLo9rMRlNvGfgHRRWVyU6sk9G0U1ml-dz0DBML5_f8jyIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvhAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhiZLBaTkWnlljh3m7VoOHO5Jb6Fya0YThy-yWrkMMxMbtHrY_pYdhvPyuVFggEce5E8LdKJxjiczCyWhXG3mhiHy8HC5dxMRpPJxLZcODebyUQs0Zws0onssq84ViPfbDXajFzD1XI28hiWy4nLuHG5PK7FZDTxVyaLxWRkWrklzt1mLRrOXG6Jb2FyK4YTh2-yGjkMM5Nb9PqYPpbdxrNy-Ruz5W41WY5Wo31jttytJsvRarTvMJmeqc_Z6LplHB-d05u6ddU3p0HhMli8P4lpMe3ODp7f7-g0uVTXgs7o9_v9fr_f7_f7_Qat52A2KHy_l0NrvAXVo7N33DgYFLFEcJFOdA-z2eE0u3UPs9lhEUuUpot0opeIJYLTRTrROEwvn9_yvKj_qCFGs7luMFcsdnPhaJUAAAAAAAAAACzBNNNNAAAAAJwMajjZbFbrdDCT1XC1WC0XwAXMpK6fV8DiS0mSvl1hgUoV26D18MUae6zhHmazw2l26x5ms8PKAC5cvplt9hlBrNVqWQMAABDABgAAEMBNN94EhFlx_____-MAAADIyKEHAABAvw9IKjkzMzNTk19BbFabxf4BqBBrtVrdbqzVagUsuNlssZvA____fw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 Oct 2023 07:57:36 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
bid
ap.lijit.com/rtb/ 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.5.0
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
ec5e61a26ffb84b205156b7d8dae020434e7a198a29108201614305e333cea05

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 Oct 2023 07:57:36 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://news.walla.co.il
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		360 B
766 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fnews.walla.co.il%2F&PageUrl=https%3A%2F%2Fnews.walla.co.il%2F&PageReferrer=https%3A%2F%2Fnews.walla.co.il%2F&CanonicalUrl=https%3A%2F%2Fnews.walla.co.il%2F
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.199.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-199-240.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8898c778613fdfb05dd8e275cb973c9fcb2aca9a3d9749469d4e06df063eb37d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
x-kong-upstream-latency
86
content-length
360
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
2214040
bs.yandex.ru/prebid/ 		0
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=news.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
last-modified
Tue, 17 Oct 2023 07:57:36 GMT
x-yandex-req-id
1697529456026563-744339384767620499100188-production-app-host-vla-pcode-431
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://news.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Tue, 17 Oct 2023 07:57:36 GMT
bid-request
a.teads.tv/hb/ 		16 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://news.walla.co.il
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 17 Oct 2023 07:57:36 GMT
auction
tlx.3lift.com/header/ 		19 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.5.0&referrer=https%3A%2F%2Fnews.walla.co.il%2F&tmax=3000
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.245.188 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-245-188.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
accept-ch
sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width
x-auction-status
29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://news.walla.co.il
date
Tue, 17 Oct 2023 07:57:36 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://news.walla.co.il
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
/
prebid.smilewanted.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8176fddc1aca1c36-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prebidjs
rtb.openx.net/openrtbb/ 		53 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e012dc59356ab83a7589dd44a9f9ced103066261a7115c3153ae58990f18a409

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://news.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
fastlane.json
fastlane.rubiconproject.com/a/api/ 		392 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=9&alt_size_ids=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fnews.walla.co.il%2F&tg_i.domain=news.walla.co.il&tg_i.page=https%3A%2F%2Fnews.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Finnerpages%2Fskyscraper_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=2718f0f8-702b-4e5d-9078-bee341928c4e&l_pb_bid_id=19128a733bb98935&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=ce2154b7-34d8-47d3-bd6d-c5deab06e3b1&rp_hard_floor=0.025&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Finnerpages%2Fskyscraper_desktop&slots=1&rand=0.9428871050395053
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c7eb4f46ecbac9d9889c868df8ac511d6008af7b70aedffb2400f3ccb6b759f2

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
392
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
mp.4dex.io/ 		60 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
x-err
Shapings: no adunits with size and seat and mapping
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8176fddc2e69bbd7-FRA
expires
0
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://news.walla.co.il
date
Tue, 17 Oct 2023 07:57:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.5.0&cb=34019750304&lsavail=1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://news.walla.co.il
date
Tue, 17 Oct 2023 07:57:35 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
v1
prg.smartadserver.com/prebid/ 		171 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		67 B
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
be50a73a0ac75ed027dc3511dff61c388b807f7fd334c0d48cc2b8af522656e3

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://news.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid
ib.adnxs.com/ut/v3/ 		140 B
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
82d7aaa73a238f49789971c586fc94f2ef0d284724097c87833b48b9fd65caea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
an-x-request-uuid
bc86ab8b-9596-4c1a-9370-4641e5489816
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://news.walla.co.il
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.117.84; 146.70.117.84; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
140
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=715831
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0974c57da9391b649938b6aea99f0e9b9fdab6c0524d2448228bbcb478d27fb1

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eW4jn0T0NrZ4kMXDk3rPKe4Mg5Wo2oqvVwB3E9cwX6Xfyq5DBwocuc6RHJsp8ALD3yfMIWc%2Bgwz9nnnWuHYPPWojSMphU2ZM45M4hB0HIKZk2cHBP3Lxi6wOTiIBsgXDwlQu0i4x"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8176fddc5864994e-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
container.html
7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 45AE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 07:57:33 GMT
expires
Wed, 16 Oct 2024 07:57:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B196 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 07:57:33 GMT
expires
Wed, 16 Oct 2024 07:57:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
winner
hb-dot-valuad.appspot.com/analytics/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics/winner
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://news.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://news.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 17 Oct 2023 07:57:36 GMT
server
Google Frontend
x-cloud-trace-context
897e3cc1cf40d0969d163af1607e1934
x-request-id
undefined
view
securepubads.g.doubleclick.net/pcs/ Frame A3DA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9PA_fTMSex7oHfq3x6gSTTwy1t0gqhuqvFZHFi0vNtVs16X1FdsPSl51ncIRwISOqemMAUJpRBajE5Rj1IDmzL_kbnUOVplhPhZ53zgw59IC4FxOXVOl9jjCe0b-1BQJfG8LXiYXgw9K53KL9ihSDU4erQI-NRx0AabXU7eSSNPEY4U_HoQNpRpWmmkqjReGoaBwph9vcnj1oSj5yaInFzI-n-kOVTCBBoOUOn0Fqf2JbdyVwuF4VUoZ2JTXu6-NhD9cqkB0kogoJc92hPPki96mYEfSTjNrNbTAXQluYAjwcSoxgsovqzxi_ewOnRfrFs2kSo10YF4Nu76ZJy6tbsGr6w9sEtO8gLhD2NJUU1nTvbIXVl2ai4A2R-zuUAoPaKnVTOhvqIRY&sai=AMfl-YSY0gibDjQdCpVtEToGqP43WYDgHpOxwDpMxKCYotXlJvEKMbS_w2DB-pe-NOAAAV3ZiOxnqaNSKlpDSzQvktx16CiKx6vWnSVnx7sYblVr7LIWx5-zsWBwZwLwuA&sig=Cg0ArKJSzAlf3Vackg6VEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winner
hb-dot-valuad.appspot.com/analytics/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics/winner
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
x-request-id
83c4338f-35bd-4a3b-a10c-a6ba8a3fa0d8
x-vad-version
0.14.18

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://news.walla.co.il
x-cloud-trace-context
4a8c99f30b8ef90959b59e91c5da2414
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
x-request-id
undefined
sas-banner-1.3.js
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame A3DA 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.3.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6e99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1a49bf674b1157e5f256fc76d3f30f9ca80d6b7fe112180f8d386386e01b74d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 07:57:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Sep 2023 12:01:33 GMT
Server
AkamaiNetStorage
ETag
"0c3047e8b53610ea1a1137e22766d22e:1693832502.034692"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12679
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A3DA 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 07:57:36 GMT
winner
hb-dot-valuad.appspot.com/analytics/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics/winner
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://news.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://news.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 17 Oct 2023 07:57:36 GMT
server
Google Frontend
x-cloud-trace-context
8b00b09231f631891c58140c1af81bc6
x-request-id
undefined
view
securepubads.g.doubleclick.net/pcs/ Frame EE83 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7kALIOsAB1o8XOXVKNnOB1_LiQxN57fvvJFu2_jwQDqjDdj-Nv9krn8x6I_VzkYQJYw32KXjVaMhCPSjIDqx6oPwwFlcaAIXMwvDy4vXMfy2ZiXcPHDed-Zl47bOn2yxaXgv7LKgV6m5beq-jynifv2MsDMzeg3C6PijUk5JA9jfC3MqpnXbg7QcjSSecxeRAaqaDoQ05yL-B6HwB911LVdVVprUVelGg7RggEKSGpAqMHD9MPFqhib3zLHU818jOyLcxEWoopZRBYoRCiCobesmydZ-rhG17sC7kEgQSuE3JgZcUx2kbbfjNzWEHwG7oJav9MrLi-jg9ChfutxgXiVbRygMGTtqfYqKZHPnHVLTrmo9nCxUii2Vbzvgs5LnYMWeCE7OvxZs&sai=AMfl-YT8yus7kKA-T3Zsb8y2dY4K5cVlGiMecpHJRr3geDWSyMEh7bv91A8Zho2A4Oi-KeLWbSTQjy0rjnmnhbyZPfp3LqH2nRHo6LoF4cdr26YtxJ-E_2qDRTV5VzhGBw&sig=Cg0ArKJSzIDXxWgy1dFJEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winner
hb-dot-valuad.appspot.com/analytics/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics/winner
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
x-request-id
3afcff78-a797-4a87-a1e0-4087b1c6ed00
x-vad-version
0.14.18

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://news.walla.co.il
x-cloud-trace-context
f6c17997769ed37fee596d985432894b
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
x-request-id
undefined
/
track.adform.net/adfscript/ Frame EE83 		948 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=63416572;rtbwp=ZS4-bwAAAABUqCe73DHipUw0w99TMVUH4tgGBA;rtbdata=V6Mthunvg1N7BExbaAafUpGBoXnguRz4UeUBIvgBw6stXro8eXNkzVyDryRVrodCjQjNxZLSB-TbXBOLVHlNjU2dpph9fnaaYrhWGoL7eTCn1tqZoqCbHlIZqeObP9kCAmrr1TRd8AkB9lTzRKk6srUso8Fw02BoKYn8hTqZDzJlu-LCe9EAM_ehkK2dgQXwpDQBYHbWPTCyCuHmoIJK_fRKhO4Ol1iBvw-Xx7VRQHiyUBkNx2AAzA2
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b5fbeb0f1e41cc05ee98cca3e87ed085253ed6d334415806f653722bbd0c45d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
807
expires
-1
29d0eee4-20f9-4e77-b0b5-cc96afe36bc4
a5158.casalemedia.com/impression/v2/715831/111/ckn3srpfosebdee7jhf0/ Frame EE83 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a5158.casalemedia.com/impression/v2/715831/111/ckn3srpfosebdee7jhf0/29d0eee4-20f9-4e77-b0b5-cc96afe36bc4?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1697530055&profileIDs=&creativeID=b3a00e&pubID=191074&format=banner&channel=site
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.91.45.72 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 Oct 2023 07:57:36 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EE83 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 07:57:36 GMT
container.html
7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 623C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 07:57:33 GMT
expires
Wed, 16 Oct 2024 07:57:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
img
imageproxy.eu.criteo.net/img/ Frame EBC3 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=156&m=0&partner=2861&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F230502%2F6c678b4c3aaa4eb8985bff7ee55cf9b8_stepstone_job_portal_negative_rgb.png&v=3&w=196&rid=4&s=_xjZ5NTpKTqUY4tRsf2YGUM9
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bgAOSwcK4HOIAAfySDS9D04ezR2G3YYRAQ&u=%7C8ghSQ%2F3qZvU1hTbVqhfY9ydz8VX%2Fv2kShHw2frfHpoY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0gw-wXdlPcDLW8fZN9ZuNmP0ldHyCoW9mmBIkwR_rTwkBXAwJwY18GPlS_s5C1jNsUaJsG-frSz-8Gbo1i7aM7XUtKKZGYQZ5tucMjrKBmA7jHKlz4JXJ0J1sxInn1hk45ePOxwmLSSEtABNZmhsDtvMENAvNe6qPC6XN0Jm23vyzUknxOU0P2tvbFCs0GeDpaHRUQ1Dt3-7ipPGZk8DoqT-IKO0oBUgozqddkMvXid4KtQt1BNYUe21xB0hFyGd0Vtx_1mpIiWXAABYnj3aYaZhr-6l21IpLH3BUgKgKnPF39kENSx5mtIoI2zu3Ixsl_OPdTWJiqgJhSihtqIWL9HM3dlZ_Dh74KwJGtBqkKj7GeU69YOqPNqHerUynm19WNJz6rZhc4gpqMSItQpmWuL6E2NtW9yRwGMynGtL-XkBbsmi5iZX_gNJk8JEuwhK5pXFdjLQEwzf3D6PU-U9blcrhnWvaqErLpzh-TPUoWylR8on6ocPbmWeW3yT_XyAlrMvftGknS6IeodocLr48nOjdNn0imC2ZIuDIjc4jDSQiTDeqMEGafBs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcJ97bj4uZYeWOYjngQfI5J_IDsme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtM_RZHLsrE-4AIAqAMByAMCqgSmAk_QUuBQCGpKXeE3worwMgvqlLl9V2XN-r3K7fI3gAjMJ8xAZsrHKjjRf98Kf2wUWZuf4xsu3A9rx6WKU26A1LANaeXBISFsMoJZVwUvy9YlBgXOP90diRZ71dvuFKUQmjnQcbLm7MoEfCJ27qrZnfdfiQGPo30kLhHAILMgvEa0GO_ciLrF9w1-A6LhQG-XZAGkfsag6hj49aRdzr_95AaT6JuWmHe06UAQRhezNWz-zRdtw0mxvJGTOI3i0z0aTgCfLrvk0-afKn0MN3xbSaM0GscxSbCjUHlS-Pc0yL0pJ8VvVkzBa3_WWj5IrVIzdbAGAIe1hrSNdB-vOKrTnOuwkUKKX_tBgXmtGNuCW4TKo4E-Wq5Cu35HoVRqUDN-Acdz3Jhda-AEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WH8tHiYFG7i-pSqwba2UgAWxQDQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3209947ef5d4b55b88a7e0d39ab85696dc6703ac784b476abc58c7b28463d79e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
4848
expires
Fri, 04 Oct 2024 03:42:41 GMT
img
imageproxy.eu.criteo.net/img/ Frame EBC3 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoJohanniter-GmbH-Evangelisches-Krankenhaus-Bethesda-Monchengladbach-203396DE-2306091434.gif%3Feb%3D1&v=3&w=400&rid=4&s=qPWU8i4PyRncGJWgSziuGEcW&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bgAOSwcK4HOIAAfySDS9D04ezR2G3YYRAQ&u=%7C8ghSQ%2F3qZvU1hTbVqhfY9ydz8VX%2Fv2kShHw2frfHpoY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0gw-wXdlPcDLW8fZN9ZuNmP0ldHyCoW9mmBIkwR_rTwkBXAwJwY18GPlS_s5C1jNsUaJsG-frSz-8Gbo1i7aM7XUtKKZGYQZ5tucMjrKBmA7jHKlz4JXJ0J1sxInn1hk45ePOxwmLSSEtABNZmhsDtvMENAvNe6qPC6XN0Jm23vyzUknxOU0P2tvbFCs0GeDpaHRUQ1Dt3-7ipPGZk8DoqT-IKO0oBUgozqddkMvXid4KtQt1BNYUe21xB0hFyGd0Vtx_1mpIiWXAABYnj3aYaZhr-6l21IpLH3BUgKgKnPF39kENSx5mtIoI2zu3Ixsl_OPdTWJiqgJhSihtqIWL9HM3dlZ_Dh74KwJGtBqkKj7GeU69YOqPNqHerUynm19WNJz6rZhc4gpqMSItQpmWuL6E2NtW9yRwGMynGtL-XkBbsmi5iZX_gNJk8JEuwhK5pXFdjLQEwzf3D6PU-U9blcrhnWvaqErLpzh-TPUoWylR8on6ocPbmWeW3yT_XyAlrMvftGknS6IeodocLr48nOjdNn0imC2ZIuDIjc4jDSQiTDeqMEGafBs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcJ97bj4uZYeWOYjngQfI5J_IDsme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtM_RZHLsrE-4AIAqAMByAMCqgSmAk_QUuBQCGpKXeE3worwMgvqlLl9V2XN-r3K7fI3gAjMJ8xAZsrHKjjRf98Kf2wUWZuf4xsu3A9rx6WKU26A1LANaeXBISFsMoJZVwUvy9YlBgXOP90diRZ71dvuFKUQmjnQcbLm7MoEfCJ27qrZnfdfiQGPo30kLhHAILMgvEa0GO_ciLrF9w1-A6LhQG-XZAGkfsag6hj49aRdzr_95AaT6JuWmHe06UAQRhezNWz-zRdtw0mxvJGTOI3i0z0aTgCfLrvk0-afKn0MN3xbSaM0GscxSbCjUHlS-Pc0yL0pJ8VvVkzBa3_WWj5IrVIzdbAGAIe1hrSNdB-vOKrTnOuwkUKKX_tBgXmtGNuCW4TKo4E-Wq5Cu35HoVRqUDN-Acdz3Jhda-AEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WH8tHiYFG7i-pSqwba2UgAWxQDQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e7329210d9782758550c9108738a480c6b823803cca3948783d0db662da3b23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=86400
timing-allow-origin
*
content-length
7354
expires
Tue, 17 Oct 2023 15:43:01 GMT
img
imageproxy.eu.criteo.net/img/ Frame EBC3 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoFrischemarkt-Rother-KG-303798DE-2206131121.gif%3Feb%3D1&v=3&w=400&rid=4&s=MZADgT2tnSWdvci5upxsA4xt&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bgAOSwcK4HOIAAfySDS9D04ezR2G3YYRAQ&u=%7C8ghSQ%2F3qZvU1hTbVqhfY9ydz8VX%2Fv2kShHw2frfHpoY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0gw-wXdlPcDLW8fZN9ZuNmP0ldHyCoW9mmBIkwR_rTwkBXAwJwY18GPlS_s5C1jNsUaJsG-frSz-8Gbo1i7aM7XUtKKZGYQZ5tucMjrKBmA7jHKlz4JXJ0J1sxInn1hk45ePOxwmLSSEtABNZmhsDtvMENAvNe6qPC6XN0Jm23vyzUknxOU0P2tvbFCs0GeDpaHRUQ1Dt3-7ipPGZk8DoqT-IKO0oBUgozqddkMvXid4KtQt1BNYUe21xB0hFyGd0Vtx_1mpIiWXAABYnj3aYaZhr-6l21IpLH3BUgKgKnPF39kENSx5mtIoI2zu3Ixsl_OPdTWJiqgJhSihtqIWL9HM3dlZ_Dh74KwJGtBqkKj7GeU69YOqPNqHerUynm19WNJz6rZhc4gpqMSItQpmWuL6E2NtW9yRwGMynGtL-XkBbsmi5iZX_gNJk8JEuwhK5pXFdjLQEwzf3D6PU-U9blcrhnWvaqErLpzh-TPUoWylR8on6ocPbmWeW3yT_XyAlrMvftGknS6IeodocLr48nOjdNn0imC2ZIuDIjc4jDSQiTDeqMEGafBs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcJ97bj4uZYeWOYjngQfI5J_IDsme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtM_RZHLsrE-4AIAqAMByAMCqgSmAk_QUuBQCGpKXeE3worwMgvqlLl9V2XN-r3K7fI3gAjMJ8xAZsrHKjjRf98Kf2wUWZuf4xsu3A9rx6WKU26A1LANaeXBISFsMoJZVwUvy9YlBgXOP90diRZ71dvuFKUQmjnQcbLm7MoEfCJ27qrZnfdfiQGPo30kLhHAILMgvEa0GO_ciLrF9w1-A6LhQG-XZAGkfsag6hj49aRdzr_95AaT6JuWmHe06UAQRhezNWz-zRdtw0mxvJGTOI3i0z0aTgCfLrvk0-afKn0MN3xbSaM0GscxSbCjUHlS-Pc0yL0pJ8VvVkzBa3_WWj5IrVIzdbAGAIe1hrSNdB-vOKrTnOuwkUKKX_tBgXmtGNuCW4TKo4E-Wq5Cu35HoVRqUDN-Acdz3Jhda-AEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WH8tHiYFG7i-pSqwba2UgAWxQDQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a5937814276c31ef31eed72014d740ba9490725b7a111fd84a6a53286058ef56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=2591956
timing-allow-origin
*
content-length
9598
expires
Sat, 21 Oct 2023 16:09:20 GMT
img
imageproxy.eu.criteo.net/img/ Frame EBC3 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FF%2FlogoEngel-Volkers-Immobilien-Deutschland-GmbH-264749DE-2301181426.gif%3Feb%3D1&v=3&w=400&rid=4&s=H1SWezGiM7M0_i9JslRbkO_l&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bgAOSwcK4HOIAAfySDS9D04ezR2G3YYRAQ&u=%7C8ghSQ%2F3qZvU1hTbVqhfY9ydz8VX%2Fv2kShHw2frfHpoY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0gw-wXdlPcDLW8fZN9ZuNmP0ldHyCoW9mmBIkwR_rTwkBXAwJwY18GPlS_s5C1jNsUaJsG-frSz-8Gbo1i7aM7XUtKKZGYQZ5tucMjrKBmA7jHKlz4JXJ0J1sxInn1hk45ePOxwmLSSEtABNZmhsDtvMENAvNe6qPC6XN0Jm23vyzUknxOU0P2tvbFCs0GeDpaHRUQ1Dt3-7ipPGZk8DoqT-IKO0oBUgozqddkMvXid4KtQt1BNYUe21xB0hFyGd0Vtx_1mpIiWXAABYnj3aYaZhr-6l21IpLH3BUgKgKnPF39kENSx5mtIoI2zu3Ixsl_OPdTWJiqgJhSihtqIWL9HM3dlZ_Dh74KwJGtBqkKj7GeU69YOqPNqHerUynm19WNJz6rZhc4gpqMSItQpmWuL6E2NtW9yRwGMynGtL-XkBbsmi5iZX_gNJk8JEuwhK5pXFdjLQEwzf3D6PU-U9blcrhnWvaqErLpzh-TPUoWylR8on6ocPbmWeW3yT_XyAlrMvftGknS6IeodocLr48nOjdNn0imC2ZIuDIjc4jDSQiTDeqMEGafBs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcJ97bj4uZYeWOYjngQfI5J_IDsme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtM_RZHLsrE-4AIAqAMByAMCqgSmAk_QUuBQCGpKXeE3worwMgvqlLl9V2XN-r3K7fI3gAjMJ8xAZsrHKjjRf98Kf2wUWZuf4xsu3A9rx6WKU26A1LANaeXBISFsMoJZVwUvy9YlBgXOP90diRZ71dvuFKUQmjnQcbLm7MoEfCJ27qrZnfdfiQGPo30kLhHAILMgvEa0GO_ciLrF9w1-A6LhQG-XZAGkfsag6hj49aRdzr_95AaT6JuWmHe06UAQRhezNWz-zRdtw0mxvJGTOI3i0z0aTgCfLrvk0-afKn0MN3xbSaM0GscxSbCjUHlS-Pc0yL0pJ8VvVkzBa3_WWj5IrVIzdbAGAIe1hrSNdB-vOKrTnOuwkUKKX_tBgXmtGNuCW4TKo4E-Wq5Cu35HoVRqUDN-Acdz3Jhda-AEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WH8tHiYFG7i-pSqwba2UgAWxQDQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2f6ec64287ac2f79478be46fbc4baab431af199cdce83907d77535005b2f6d2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=86374
timing-allow-origin
*
content-length
3758
expires
Wed, 18 Oct 2023 02:35:43 GMT
img
imageproxy.eu.criteo.net/img/ Frame EBC3 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoEDEKA-Bauer-240993DE-2001281654.gif%3Feb%3D1&v=3&w=400&rid=4&s=tGU79zMV6EqpXhtTDtAAAiBH&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bgAOSwcK4HOIAAfySDS9D04ezR2G3YYRAQ&u=%7C8ghSQ%2F3qZvU1hTbVqhfY9ydz8VX%2Fv2kShHw2frfHpoY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0gw-wXdlPcDLW8fZN9ZuNmP0ldHyCoW9mmBIkwR_rTwkBXAwJwY18GPlS_s5C1jNsUaJsG-frSz-8Gbo1i7aM7XUtKKZGYQZ5tucMjrKBmA7jHKlz4JXJ0J1sxInn1hk45ePOxwmLSSEtABNZmhsDtvMENAvNe6qPC6XN0Jm23vyzUknxOU0P2tvbFCs0GeDpaHRUQ1Dt3-7ipPGZk8DoqT-IKO0oBUgozqddkMvXid4KtQt1BNYUe21xB0hFyGd0Vtx_1mpIiWXAABYnj3aYaZhr-6l21IpLH3BUgKgKnPF39kENSx5mtIoI2zu3Ixsl_OPdTWJiqgJhSihtqIWL9HM3dlZ_Dh74KwJGtBqkKj7GeU69YOqPNqHerUynm19WNJz6rZhc4gpqMSItQpmWuL6E2NtW9yRwGMynGtL-XkBbsmi5iZX_gNJk8JEuwhK5pXFdjLQEwzf3D6PU-U9blcrhnWvaqErLpzh-TPUoWylR8on6ocPbmWeW3yT_XyAlrMvftGknS6IeodocLr48nOjdNn0imC2ZIuDIjc4jDSQiTDeqMEGafBs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcJ97bj4uZYeWOYjngQfI5J_IDsme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtM_RZHLsrE-4AIAqAMByAMCqgSmAk_QUuBQCGpKXeE3worwMgvqlLl9V2XN-r3K7fI3gAjMJ8xAZsrHKjjRf98Kf2wUWZuf4xsu3A9rx6WKU26A1LANaeXBISFsMoJZVwUvy9YlBgXOP90diRZ71dvuFKUQmjnQcbLm7MoEfCJ27qrZnfdfiQGPo30kLhHAILMgvEa0GO_ciLrF9w1-A6LhQG-XZAGkfsag6hj49aRdzr_95AaT6JuWmHe06UAQRhezNWz-zRdtw0mxvJGTOI3i0z0aTgCfLrvk0-afKn0MN3xbSaM0GscxSbCjUHlS-Pc0yL0pJ8VvVkzBa3_WWj5IrVIzdbAGAIe1hrSNdB-vOKrTnOuwkUKKX_tBgXmtGNuCW4TKo4E-Wq5Cu35HoVRqUDN-Acdz3Jhda-AEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WH8tHiYFG7i-pSqwba2UgAWxQDQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c425429b587ed63b1b30b403245b414259e0fa93edcacfa8bfe8d334fc63c2a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=85500
timing-allow-origin
*
content-length
15908
expires
Wed, 18 Oct 2023 05:32:03 GMT
all
csm.eu.criteo.net/ Frame EBC3 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=ZKkGXARGJu2oGVrBt5CjWDuFjK1r-NZLVvHVrsy2MGFppS4KBowVgmHbuI8IcOYdjeUcRe3j82hCj05ctjMsUm7MX8HTf66GBq-3NZ8JBGBryaNoO8O5Om5mN3ev8yT8HbPT37wJd3UOyGgKUwYpqOzpkpS7Fos7dfhj50gy3Lz_hXoWadFWG1A4y63VOwXMN3_gFNNeO8oFSyUqlEU4qtIGyeyGjayZq-lL4ALG0gJGvfT5hbUUxFbHRf2_k5eOIZ2WmQ&sds=2&rev=88837&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bgAOSwcK4HOIAAfySDS9D04ezR2G3YYRAQ&u=%7C8ghSQ%2F3qZvU1hTbVqhfY9ydz8VX%2Fv2kShHw2frfHpoY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0gw-wXdlPcDLW8fZN9ZuNmP0ldHyCoW9mmBIkwR_rTwkBXAwJwY18GPlS_s5C1jNsUaJsG-frSz-8Gbo1i7aM7XUtKKZGYQZ5tucMjrKBmA7jHKlz4JXJ0J1sxInn1hk45ePOxwmLSSEtABNZmhsDtvMENAvNe6qPC6XN0Jm23vyzUknxOU0P2tvbFCs0GeDpaHRUQ1Dt3-7ipPGZk8DoqT-IKO0oBUgozqddkMvXid4KtQt1BNYUe21xB0hFyGd0Vtx_1mpIiWXAABYnj3aYaZhr-6l21IpLH3BUgKgKnPF39kENSx5mtIoI2zu3Ixsl_OPdTWJiqgJhSihtqIWL9HM3dlZ_Dh74KwJGtBqkKj7GeU69YOqPNqHerUynm19WNJz6rZhc4gpqMSItQpmWuL6E2NtW9yRwGMynGtL-XkBbsmi5iZX_gNJk8JEuwhK5pXFdjLQEwzf3D6PU-U9blcrhnWvaqErLpzh-TPUoWylR8on6ocPbmWeW3yT_XyAlrMvftGknS6IeodocLr48nOjdNn0imC2ZIuDIjc4jDSQiTDeqMEGafBs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcJ97bj4uZYeWOYjngQfI5J_IDsme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtM_RZHLsrE-4AIAqAMByAMCqgSmAk_QUuBQCGpKXeE3worwMgvqlLl9V2XN-r3K7fI3gAjMJ8xAZsrHKjjRf98Kf2wUWZuf4xsu3A9rx6WKU26A1LANaeXBISFsMoJZVwUvy9YlBgXOP90diRZ71dvuFKUQmjnQcbLm7MoEfCJ27qrZnfdfiQGPo30kLhHAILMgvEa0GO_ciLrF9w1-A6LhQG-XZAGkfsag6hj49aRdzr_95AaT6JuWmHe06UAQRhezNWz-zRdtw0mxvJGTOI3i0z0aTgCfLrvk0-afKn0MN3xbSaM0GscxSbCjUHlS-Pc0yL0pJ8VvVkzBa3_WWj5IrVIzdbAGAIe1hrSNdB-vOKrTnOuwkUKKX_tBgXmtGNuCW4TKo4E-Wq5Cu35HoVRqUDN-Acdz3Jhda-AEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WH8tHiYFG7i-pSqwba2UgAWxQDQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 17 Oct 2023 07:57:35 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame EBC3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bgAOSwcK4HOIAAfySDS9D04ezR2G3YYRAQ&u=%7C8ghSQ%2F3qZvU1hTbVqhfY9ydz8VX%2Fv2kShHw2frfHpoY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0gw-wXdlPcDLW8fZN9ZuNmP0ldHyCoW9mmBIkwR_rTwkBXAwJwY18GPlS_s5C1jNsUaJsG-frSz-8Gbo1i7aM7XUtKKZGYQZ5tucMjrKBmA7jHKlz4JXJ0J1sxInn1hk45ePOxwmLSSEtABNZmhsDtvMENAvNe6qPC6XN0Jm23vyzUknxOU0P2tvbFCs0GeDpaHRUQ1Dt3-7ipPGZk8DoqT-IKO0oBUgozqddkMvXid4KtQt1BNYUe21xB0hFyGd0Vtx_1mpIiWXAABYnj3aYaZhr-6l21IpLH3BUgKgKnPF39kENSx5mtIoI2zu3Ixsl_OPdTWJiqgJhSihtqIWL9HM3dlZ_Dh74KwJGtBqkKj7GeU69YOqPNqHerUynm19WNJz6rZhc4gpqMSItQpmWuL6E2NtW9yRwGMynGtL-XkBbsmi5iZX_gNJk8JEuwhK5pXFdjLQEwzf3D6PU-U9blcrhnWvaqErLpzh-TPUoWylR8on6ocPbmWeW3yT_XyAlrMvftGknS6IeodocLr48nOjdNn0imC2ZIuDIjc4jDSQiTDeqMEGafBs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcJ97bj4uZYeWOYjngQfI5J_IDsme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtM_RZHLsrE-4AIAqAMByAMCqgSmAk_QUuBQCGpKXeE3worwMgvqlLl9V2XN-r3K7fI3gAjMJ8xAZsrHKjjRf98Kf2wUWZuf4xsu3A9rx6WKU26A1LANaeXBISFsMoJZVwUvy9YlBgXOP90diRZ71dvuFKUQmjnQcbLm7MoEfCJ27qrZnfdfiQGPo30kLhHAILMgvEa0GO_ciLrF9w1-A6LhQG-XZAGkfsag6hj49aRdzr_95AaT6JuWmHe06UAQRhezNWz-zRdtw0mxvJGTOI3i0z0aTgCfLrvk0-afKn0MN3xbSaM0GscxSbCjUHlS-Pc0yL0pJ8VvVkzBa3_WWj5IrVIzdbAGAIe1hrSNdB-vOKrTnOuwkUKKX_tBgXmtGNuCW4TKo4E-Wq5Cu35HoVRqUDN-Acdz3Jhda-AEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WH8tHiYFG7i-pSqwba2UgAWxQDQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Oct 2024 07:57:36 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame EBC3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bgAOSwcK4HOIAAfySDS9D04ezR2G3YYRAQ&u=%7C8ghSQ%2F3qZvU1hTbVqhfY9ydz8VX%2Fv2kShHw2frfHpoY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0gw-wXdlPcDLW8fZN9ZuNmP0ldHyCoW9mmBIkwR_rTwkBXAwJwY18GPlS_s5C1jNsUaJsG-frSz-8Gbo1i7aM7XUtKKZGYQZ5tucMjrKBmA7jHKlz4JXJ0J1sxInn1hk45ePOxwmLSSEtABNZmhsDtvMENAvNe6qPC6XN0Jm23vyzUknxOU0P2tvbFCs0GeDpaHRUQ1Dt3-7ipPGZk8DoqT-IKO0oBUgozqddkMvXid4KtQt1BNYUe21xB0hFyGd0Vtx_1mpIiWXAABYnj3aYaZhr-6l21IpLH3BUgKgKnPF39kENSx5mtIoI2zu3Ixsl_OPdTWJiqgJhSihtqIWL9HM3dlZ_Dh74KwJGtBqkKj7GeU69YOqPNqHerUynm19WNJz6rZhc4gpqMSItQpmWuL6E2NtW9yRwGMynGtL-XkBbsmi5iZX_gNJk8JEuwhK5pXFdjLQEwzf3D6PU-U9blcrhnWvaqErLpzh-TPUoWylR8on6ocPbmWeW3yT_XyAlrMvftGknS6IeodocLr48nOjdNn0imC2ZIuDIjc4jDSQiTDeqMEGafBs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcJ97bj4uZYeWOYjngQfI5J_IDsme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtM_RZHLsrE-4AIAqAMByAMCqgSmAk_QUuBQCGpKXeE3worwMgvqlLl9V2XN-r3K7fI3gAjMJ8xAZsrHKjjRf98Kf2wUWZuf4xsu3A9rx6WKU26A1LANaeXBISFsMoJZVwUvy9YlBgXOP90diRZ71dvuFKUQmjnQcbLm7MoEfCJ27qrZnfdfiQGPo30kLhHAILMgvEa0GO_ciLrF9w1-A6LhQG-XZAGkfsag6hj49aRdzr_95AaT6JuWmHe06UAQRhezNWz-zRdtw0mxvJGTOI3i0z0aTgCfLrvk0-afKn0MN3xbSaM0GscxSbCjUHlS-Pc0yL0pJ8VvVkzBa3_WWj5IrVIzdbAGAIe1hrSNdB-vOKrTnOuwkUKKX_tBgXmtGNuCW4TKo4E-Wq5Cu35HoVRqUDN-Acdz3Jhda-AEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WH8tHiYFG7i-pSqwba2UgAWxQDQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Oct 2024 07:57:36 GMT
smwt256.gif
us.ck-ie.com/ Frame 9639 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Tue, 17 Oct 2023 07:57:36 GMT
Server
nginx
usync.js
eus.rubiconproject.com/ Frame FF10 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b50028fc69adb1ad4565caec02ceebb0f4ce91ba0dffdf76a02baea233272dca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 07:57:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Oct 2023 22:24:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52035
Connection
keep-alive
Content-Length
10838
Expires
Tue, 17 Oct 2023 22:24:51 GMT
6636315287078971408
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 8079
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/6636315287078971408
0
499 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/6636315287078971408
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8176fdde68e19a11-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 07:57:36 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Tue, 17 Oct 2023 07:57:36 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/6636315287078971408
server
nginx
k-ZPFO3leya3A7o-h8c4itaCQ0N3vVe6wc1QirpA
csync.smilewanted.com/set_partner_userid_get/criteo/ Frame C296
Redirect Chain
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230
  • https://dis.criteo.com/dis/usersync.aspx?r=73&p=230&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fgdprapplies%3d0%26gdpr%3d%26redir%3dhttps%253A%252F%252Fcsync.smilewanted.co...
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24{CRITEO_USER_ID}&profile=230&uid=1e135102-b05f-4d...
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=wrG4jF9tbFdLTVlUZFNrazZJV09udThoZ1Rqa0hJTGozUVUlMkIxYUt2RUYlMkZndHdPVnppbDFqJTJGWSUyQk1OSkZ3QVI1biUyQmtHZWhqenhtWUZGN0l1ZnhndWRGbSUyQktvbDdKdFlIV...
  • https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=wrG4jF9tbFdLTVlUZFNrazZJV09udThoZ1Rqa0hJTGozUVUlMkIxYUt2RUYlMkZndHdPVnppbDFqJTJGWSUyQk1OSkZ3QVI1biUyQmtHZWhqenhtWUZGN0l1ZnhndWRGbSUyQktvbDd...
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k-nlH9n1eya3A7o-h8c4itaCQ0N3uFoeF8AegIZg&gdpr=&gdpr_consent=
  • https://ssp-sync.criteo.com/user-sync/match?p=wrG4jF9tbFdLTVlUZFNrazZJV09udThoZ1Rqa0hJTGozUVUlMkIxYUt2RUYlMkZndHdPVnppbDFqJTJGWSUyQk1OSkZ3QVI1biUyQmtHZWhqenhtWUZGN0l1ZnhndWRGbSUyQktvbDdKdFlIVFRlSUR...
  • https://csync.smilewanted.com/set_partner_userid_get/criteo/k-ZPFO3leya3A7o-h8c4itaCQ0N3vVe6wc1QirpA
0
598 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/criteo/k-ZPFO3leya3A7o-h8c4itaCQ0N3vVe6wc1QirpA
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8176fddf59e49a11-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 07:57:36 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-store,max-age=0
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 07:57:35 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/criteo/k-ZPFO3leya3A7o-h8c4itaCQ0N3vVe6wc1QirpA
server
Kestrel
strict-transport-security
max-age=31536000; preload;
bulk
trc.taboola.com/wallail-walla/log/3/ 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/wallail-walla/log/3/bulk?tvi48=11593&tvi50=13531&route=AM%3AAM%3AV&lti=test_ctrl&bulkSize=9
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
12
date
Tue, 17 Oct 2023 07:57:36 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
17037
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230026-FRA
pragma
no-cache
server
nginx
x-timer
S1697529456.325219,VS0,VE12
content-type
image/gif
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
968afe16731a1316af192e9dadb1ab2
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 440A
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/968afe16731a1316af192e9dadb1ab2?gdpr_consent=&gdpr=0
0
730 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/968afe16731a1316af192e9dadb1ab2?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8176fddee9729a11-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 07:57:36 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 17 Oct 2023 07:57:36 GMT
Expires
Tue, 17 Oct 2023 07:57:36 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/968afe16731a1316af192e9dadb1ab2?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1697529456389075-545
v1
match.sharethrough.com/universal/ Frame EFAE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.218.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-218-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame B5D4 		153 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWUK4EdNAAMVNBj8aeCWKn6cjhM3jg&u=%7C8ghSQ%2F3qZvUqrZMaB%2BLnAz10Fr7or3YAK7z0bFV61mI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtf_8mUbkv9VFOlq9cu7Rwe5xnJh_yhtsF3J617d882ZZYZ2oLBmxMuWYP4pubnDVBp5xMlDXX9j0pWBi1mfI1ToV58GqdjnUZ98166FlI3G2aJi2sRA_xa0Znw6NwPAFNFr5eOnvlN8_UoidDCEcNnKEfbHO_QRez7315Vbfil-wx5QIQuTVpcwosmuTVX0LqFieEVV-Dj3ta3Cc4h7su4F8Ow3xGSEYtDT0JvBbmQan0oiA6Smt_LpQNOocDx6zPdCQaz9GHKoFDeRjCMj4c4EC236Z1XkRKi1FYjtHB9ulzmdvx1ZRY_jHFcnqQbrHmQJ7gDTO_rwvyXahZ_wFmJwUXISMrdS_2Q72Hx_zarsm20Wrqzn2_2-BXopNK8VX2JuYOVo_9TluRVXaAVR5nIMhY-oXJSfr2XRL7b41C5bHf0aMKMcB1c3wobDfAb16j-kqBNR3SEoYbr_6GVFUmF5MUi2_9-c0LQqmrUCqO4h5gmOrqRAel2GQB0dMgD-O_1REk9ykedIUxe3ktlQH2u2TCSOLTqeqh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNjyCbz4uZeWaIc2OgQe0qoy4Dsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBJ4CT9CvdJLrCwpPDeNeEadq6yMhFWGTW9C4clq6N5jHefMjfHFhAm1OT8YYJ5ly111WUr4W8kwJW2Y2BaUGHh6tOtOmZfYuaf-FMWSckMLzwfrF2iTulFNKPnNaYSjUjE3mlqQEMB_Kb6-C5ndpWhjKzw5Crwu7fJaQ9FuyCHpsjnGITOCZBJaoPaJMDcUHF6O0u_U9uDpY6fuwQ-M4qJRJbh-qAwTQwPM9fytdPbte2Es3O5PSyIyATo5lSyvfAiiwnBqO8ZKHZuWZS9SM1p5FP12aKulELpsQQSEqm-sxnINF9b7Jfmg1ZvBRzXMtPj78z2a7W6wOicqiQ0FZVSrnTdcik9NFY7gaqoB3pyK6iUjfUVpwMyjeE2lCEWDJ_OAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2-eKHnLedc67gBMilqBOSG4HN_6g%26client%3Dca-pub-4491659496372172%26adurl%3D
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
277c9dd4065addcf4eb345a0112dcd77761185a4db2331001e80970a1a054103
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 07:57:36 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=8IwUWARGJu2oGVrBdZe9cP0_Ndq7QfWSWVFrOMYDoXRzYez3JtMI5A8_-wLe7x8nzw3PfVkX6hkeDWE1x2fDXtvmuiehCMNadF2vmTPtgdXGkVQUhEcsZH8XvrWKwvpdUozSUqdnQNOc_qm40tgofJVWKjEVr2p44kkruQSM22oFwHXMIQzby8LLImsVp-SwS4kR5owmmaRTt0LVZOL7wn-dkuLWGcrrLZwVfN4crElTuIcYt0Ox1BWM9PUIF9S-esH1aQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
56505102
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 45AE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 14:27:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
62985
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 14:27:51 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5E01 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
131
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Wed, 18 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 45AE 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:47:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
33033
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 22:47:03 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 45AE 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 16:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
489116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 10 Oct 2024 16:05:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 45AE 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 07:57:36 GMT
css
fonts.googleapis.com/ Frame B196 		2 KB
975 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 17 Oct 2023 07:57:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 07:05:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 17 Oct 2023 07:57:36 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame B196 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:52:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
32713
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 22:52:23 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame B196 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:51:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
32754
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9145
x-xss-protection
0
server
cafe
etag
13066256994748809036
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 22:51:42 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame B196 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 14:27:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
62985
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 14:27:51 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9382 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
131
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Wed, 18 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame B196 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:47:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
33033
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 22:47:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B196 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 07:57:36 GMT
ccbada329de78be299cbea1a52c9a584.js
www.gstatic.com/mysidia/ Frame B196 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 09:30:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167251
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14787
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 21:09:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 13 Jan 2024 09:30:05 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame C53F 		184 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWoK4EdNAAMVNCI3SZ_BDJLCAUsBMA&u=%7C8ghSQ%2F3qZvUl%2BcrKRADEYlBU%2FKbGG%2B7YLc0gdixctqs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIdwqGdaLrZtB44iHyBE_Nb8PthDoUPE12Ex3WRbn1EHxuMv4_lc1pSOXFRa__ENoetVdbDRb4p67RLoHQ3hA1VB_EknLrg6x3wODLdjXHigr1YTjoP9ms6VCGeX6EuSFuHXxdeOLtr0b0G4WGmwSNii4UW6TeZYePGYNdQBg96isYFiR0G7YkKcBSt2CU4nl13gV-2YECEFHLkHbCQmdaTVEOVsvGXL9K6KFdLAMX-lxSxPUZG49a4D1q_uNIqyT1BKxT1y6TUks7eXR7m-J1jyLu3gHi71Zhoq3zQgL8U2pPSrT3WdF-vUy_IzRStlpBHfj6ChPVMKCCsnhYPDIq9cMd2mdt0-FSO4lfqkdARxNEgCAfKNsDZ3blmYxpJqCEO_69okajlpbqvUENwVpkV7mve3ws-dR4NdY_Z7I37h8-m1KB_mBoNkiRmn_RWvG1lYVMeeinA9cNpJcpjpCatmUq89qEZH7HwGw8iE8aBInRnpntZ9rq4QK1I-IhVFo0UpyK5xrX1FwQt0lRg1aMHInCvAEQPmDCOGZuywIE4Uo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLmfJbz4uZeqaIc2OgQe0qoy4Dsme0rFc9dqW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBLQCT9AaLNlGAq9okSnJjFdI1GzJvcr3-XqnPQgW5RlE2SYUDLTyIo_tOzyZE_6HEL__WMavTchk4vWZ-M98SdBW4Q0Z4Z5fdC7XpsxIhWP1ZA3Ey8pr2zXlyZT2zQ3Vmug9jSCyD5adwclJbyO9TfVK_y0eeDYPt7E303FSUxYNKmuX5J8pq5JhmG91xHUJ-gZSHCliPrSATmwG2dV4LF57FUwGmQVPHi9mUOsSu1MH1Nojb0Xi4RLmtNoIK08GeeQ9hl070N3ZSLmbXwx2uzZPUgco_tN-ZIK0rnLr9ZJt7WJIRcNgpnl1QP8TJJioW_IxwU_ra4XGG-XpIkSagHpYAMFPvmXogFMmI-dwVKiYzwVeQ0qqh3nk2ne3VhfmKYZBxNWvQKBulZMZTicFGmB-30c71RLgBAGABu2o85zCvPrazgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_263-t2jwqIQ6mtcC8-GtQb7bJN1w%26client%3Dca-pub-4491659496372172%26adurl%3D
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d76e2e9990c9a434da0173d048abe53169e336d104b61a25dfdb129d0d9340d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 07:57:35 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=fTed-QRGJu2oGVrBIDNpdKafRQ5exzgU8y91w-g6mgHQsjotEpHVpHo82sZNx2rubAj1fBorwVH1xfvCWbw7ts-N4xguydQr2N1oWpTkLxXyfx7rt2QDum-Yr1PKjTUHDTySnarM2z-LfafkY68oc5-2EGPsMefGvpysJ4GUjbnVKKOG_dS0goxUs1aQEXG238ufuoGWLu7hf2Bh_pYBzLuhJw1ckkrSLsxWDA7oOKzisYzOe-B8k8F1ooLWDn6oQCUioA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
59871474
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 623C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 14:27:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
62985
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 14:27:51 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3478 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
131
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Wed, 18 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 623C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:47:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
33033
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 22:47:03 GMT
l
www.google.com/ads/measurement/ Frame 623C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRdmpkzLBCphFsUoFSiC_s_H7nFm_tx4nDEl938UfHFGRB_Oli8rJikKsem-vIRTE747qgLe40elO7BdZfrz9006doLDQ
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 623C 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 16:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
489116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 10 Oct 2024 16:05:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 623C 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 07:57:36 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Tue, 17 Oct 2023 07:57:36 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
5388
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1697529456.487917,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
62
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
4784
js-error
hb-dot-valuad.appspot.com/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/js-error
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
x-request-id
8a91fcd5-9e97-4292-8c74-33ef8b944144
x-vad-version
0.14.18

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://news.walla.co.il
x-cloud-trace-context
89e9be68885bb3e3ff4146078a17a0b2
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
x-request-id
undefined
js-error
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/js-error
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://news.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://news.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 17 Oct 2023 07:57:36 GMT
server
Google Frontend
x-cloud-trace-context
250a6739395b9f5f18711b2574eede1f
x-request-id
undefined
shopping
encrypted-tbn1.gstatic.com/ Frame B196 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRsgKK3ntMHhqSYqTnmD2SdXIRnzGXQVEHDjfb4nk6eHGHgtIslML9mALQeLA&usqp=CAI
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3555c058855730d81fe3e5b22f38513699691bdc51edde3a603da89748594dab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 15:41:34 GMT
x-content-type-options
nosniff
age
317762
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20845
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 04:29:43 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 12 Oct 2024 15:41:34 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame B196 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQrL5lPPCzf7rqXdwYEp9yH-yxJeX8tbzftArhjOd38WPUpvqcMPW4c0TajeD4&usqp=CAI
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d759b0878335a560f2263a671b7c6356946feec5d32f106189a7b59fed46c87b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 11:47:38 GMT
x-content-type-options
nosniff
age
590998
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20212
x-xss-protection
0
last-modified
Sun, 16 Apr 2023 09:15:26 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 09 Oct 2024 11:47:38 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame B196 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQeeZu46muJA9QzdJZV0A-vonIpKqA5AOW2xhFUnJpKKf4Txu3fK4_fNUWRzg&usqp=CAI
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ecfa9eb434486aa13a01e91438c17a60dcca125e93f34f508990991f107d57d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:04:53 GMT
x-content-type-options
nosniff
age
345163
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24861
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 11:00:45 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 12 Oct 2024 08:04:53 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame B196 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQ6VFXeHyJ7gvSjPrO9WKPRNfvOFgfjrDZNailwVxjT2HR8xkt6&usqp=CAI
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13445ee05df55dc76c54059d73ae5077c4d08a7fd52c8dcb68e55b5b26ff2c78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 23:47:41 GMT
x-content-type-options
nosniff
age
374995
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21587
x-xss-protection
0
last-modified
Wed, 10 Jul 2019 07:52:36 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 11 Oct 2024 23:47:41 GMT
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame EE83 		37 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=63416572;rtbwp=ZS4-bwAAAABUqCe73DHipUw0w99TMVUH4tgGBA;rtbdata=V6Mthunvg1N7BExbaAafUpGBoXnguRz4UeUBIvgBw6stXro8eXNkzVyDryRVrodCjQjNxZLSB-TbXBOLVHlNjU2dpph9fnaaYrhWGoL7eTCn1tqZoqCbHlIZqeObP9kCAmrr1TRd8AkB9lTzRKk6srUso8Fw02BoKYn8hTqZDzJlu-LCe9EAM_ehkK2dgQXwpDQBYHbWPTCyCuHmoIJK_fRKhO4Ol1iBvw-Xx7VRQHiyUBkNx2AAzA2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
577bbeb02edadd6a6119ee367adac8fd8b43b40a3763939f1d01e3cb9dd9a9a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:27:00 GMT
server
nginx
x-cache-status
UPDATING
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 17 Oct 2023 16:09:58 GMT
khaos.json
token.rubiconproject.com/ Frame FF10 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
adview
securepubads.g.doubleclick.net/pagead/ Frame A78A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CLiWebj4uZYeWOYjngQfI5J_IDsme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtM_RZHLsrE-4AIAqAMByAMCqgSjAk_QUuBQCGpKXeE3worwMgvqlLl9V2XN-r3K7fI3gAjMJ8xAZsrHKjjRf98Kf2wUWZuf4xsu3A9rx6WKU26A1LANaeXBISFsMoJZVwUvy9YlBgXOP90diRZ71dvuFKUQmjnQcbLm7MoEfCJ27qrZnfdfiQGPo30kLhHAILMgvEa0GO_ciLrF9w1-A6LhQG-XZAGkfsag6hj49aRdzr_95AaT6JuWmHe06UAQRhezNWz-zRdtw0mxvJGTOI3i0z0aTgCfLrvk0-afKn0MN3xbSaM0GscxSbCjUHlS-Pc0yL0pJ8VvVkzBa3_WWj5IrVIzdbAGAIe1hrSNdB-vOKqRnsoiEdFaYl2RpqMhODImVaPAFYsQQiz2c0PhU-t0fCvmy1NTNeAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDkxNjU5NDk2MzcyMTcyGPHmEw&sigh=5bX_yOm5tWY&uach_m=[UACH]&cid=CAQSOwDICaaNOk0xekpjyvh0EOO31kqqpnjIM9moftxc__eRSAc6ZZRF6UWd4UvPrNNBZn1Rs8_ZW1RnxGSUGAE&cbvp=2&vis=1
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame A78A 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k5XPF7r5RMoHUJ2DYgICAAAA-ErnBP03rxhTB8acPC0eDxBuPi5lqHNRPldnwNuclQAAEgAACgpBUVVCQVFFQkFR&wp=ZS4-bgAOSwcK4HOIAAfySDS9D04ezR2G3YYRAQ&cbvp=2
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:35 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
174137
server
Kestrel
content-length
0
/
track.adform.net/adfscript/ Frame D8DE 		969 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=64491512;rtbwp=qdpTP8YMF_G10afMQO2g3826Z16GeCAxUFdFDw;rtbdata=N61IswdOU8ab0V3rj5S5sxAHjoHRvBBOcdVrDJsoL377FZZc_u_Curo5sMud8uCKbSNP88VQ5iUtUH7zySkCfEOVYWpEj7gxYsbexs2CofQgXUhfucjMCX3OsHZPIAv4UwRUjpYNjdenLYD-oczoYGulL2BivjAeSyrE_eiUpqcGKw06CASp8jf_LWAWORV_IXQM4_dHtAx4W3Hbhslx-papLHPk46l7TPcsWbOye5M64r9GpocpM7Db7MwGddVgomN1-c6UvUo1
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8f4ed7d95f391006e2d5ca09f472be4b1a5c7bc57abb4e972e2385073ecea196
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
833
expires
-1
aip
euw2.smartadserver.com/h/ Frame D8DE 		43 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://euw2.smartadserver.com/h/aip?uii=5357541182710068117&tmstp=185943497&ckid=1543975683258088756&systgt=%24qc%3d1500031714%3b%24ql%3dUnknown%3b%24qt%3d25_0_0t%3b%24dma%3d0%3b%24b%3d16999%3b%24o%3d11100&acd=1697529455074&envtype=0&opid=e18f916e-3259-413e-9500-c61d18f53b17&opdt=1697529455074&siteid=521170&tgt=%24dt%3d1t&gdpr=1&bldv=13808&visit=S&statid=6&imptype=0&intgtype=3&pgDomain=https%3a%2f%2fnews.walla.co.il%2f&cappid=1543975683258088756&capp=0&mcrdbt=0&insid=10976574&imgid=0&pgid=1628762&fmtid=114103&isLazy=0&rtb=1&rtbnid=4398&rtbbid=4488972481300310426&rtbh=01bdc76932a4ede6a5ae0e69abacab61d5349bfc&rtblt=638331262550923952&rtbet=0&rtbptnid=22&cftgid=c7388f40f624
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.182.178.225 , France, ASN16276 (OVH, FR),
Reverse DNS
ip225.ip-217-182-178.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
action
adapi.smartadserver.com/track/ Frame A3DA 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adapi.smartadserver.com/track/action?sid=1697529456146&pid=1628762&iid=10976574&fmtid=114103&cid=0&key=impressionOnRender&rtb=1&rtbbid=4488972481300310426&rtbet=0&rtblt=638331262550923952&rtbnid=4398&rtbh=01bdc76932a4ede6a5ae0e69abacab61d5349bfc&ts=1697529456146
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
transfer-encoding
chunked
content-type
image/gif
truncated
/ Frame A3DA 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b606301c716b9ff89ec6e449fd41a54ec596208c95ab9ac2c49a92b27528e02

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame B5D4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWUK4EdNAAMVNBj8aeCWKn6cjhM3jg&u=%7C8ghSQ%2F3qZvUqrZMaB%2BLnAz10Fr7or3YAK7z0bFV61mI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtf_8mUbkv9VFOlq9cu7Rwe5xnJh_yhtsF3J617d882ZZYZ2oLBmxMuWYP4pubnDVBp5xMlDXX9j0pWBi1mfI1ToV58GqdjnUZ98166FlI3G2aJi2sRA_xa0Znw6NwPAFNFr5eOnvlN8_UoidDCEcNnKEfbHO_QRez7315Vbfil-wx5QIQuTVpcwosmuTVX0LqFieEVV-Dj3ta3Cc4h7su4F8Ow3xGSEYtDT0JvBbmQan0oiA6Smt_LpQNOocDx6zPdCQaz9GHKoFDeRjCMj4c4EC236Z1XkRKi1FYjtHB9ulzmdvx1ZRY_jHFcnqQbrHmQJ7gDTO_rwvyXahZ_wFmJwUXISMrdS_2Q72Hx_zarsm20Wrqzn2_2-BXopNK8VX2JuYOVo_9TluRVXaAVR5nIMhY-oXJSfr2XRL7b41C5bHf0aMKMcB1c3wobDfAb16j-kqBNR3SEoYbr_6GVFUmF5MUi2_9-c0LQqmrUCqO4h5gmOrqRAel2GQB0dMgD-O_1REk9ykedIUxe3ktlQH2u2TCSOLTqeqh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNjyCbz4uZeWaIc2OgQe0qoy4Dsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBJ4CT9CvdJLrCwpPDeNeEadq6yMhFWGTW9C4clq6N5jHefMjfHFhAm1OT8YYJ5ly111WUr4W8kwJW2Y2BaUGHh6tOtOmZfYuaf-FMWSckMLzwfrF2iTulFNKPnNaYSjUjE3mlqQEMB_Kb6-C5ndpWhjKzw5Crwu7fJaQ9FuyCHpsjnGITOCZBJaoPaJMDcUHF6O0u_U9uDpY6fuwQ-M4qJRJbh-qAwTQwPM9fytdPbte2Es3O5PSyIyATo5lSyvfAiiwnBqO8ZKHZuWZS9SM1p5FP12aKulELpsQQSEqm-sxnINF9b7Jfmg1ZvBRzXMtPj78z2a7W6wOicqiQ0FZVSrnTdcik9NFY7gaqoB3pyK6iUjfUVpwMyjeE2lCEWDJ_OAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2-eKHnLedc67gBMilqBOSG4HN_6g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Oct 2024 07:57:36 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame B5D4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWUK4EdNAAMVNBj8aeCWKn6cjhM3jg&u=%7C8ghSQ%2F3qZvUqrZMaB%2BLnAz10Fr7or3YAK7z0bFV61mI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtf_8mUbkv9VFOlq9cu7Rwe5xnJh_yhtsF3J617d882ZZYZ2oLBmxMuWYP4pubnDVBp5xMlDXX9j0pWBi1mfI1ToV58GqdjnUZ98166FlI3G2aJi2sRA_xa0Znw6NwPAFNFr5eOnvlN8_UoidDCEcNnKEfbHO_QRez7315Vbfil-wx5QIQuTVpcwosmuTVX0LqFieEVV-Dj3ta3Cc4h7su4F8Ow3xGSEYtDT0JvBbmQan0oiA6Smt_LpQNOocDx6zPdCQaz9GHKoFDeRjCMj4c4EC236Z1XkRKi1FYjtHB9ulzmdvx1ZRY_jHFcnqQbrHmQJ7gDTO_rwvyXahZ_wFmJwUXISMrdS_2Q72Hx_zarsm20Wrqzn2_2-BXopNK8VX2JuYOVo_9TluRVXaAVR5nIMhY-oXJSfr2XRL7b41C5bHf0aMKMcB1c3wobDfAb16j-kqBNR3SEoYbr_6GVFUmF5MUi2_9-c0LQqmrUCqO4h5gmOrqRAel2GQB0dMgD-O_1REk9ykedIUxe3ktlQH2u2TCSOLTqeqh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNjyCbz4uZeWaIc2OgQe0qoy4Dsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBJ4CT9CvdJLrCwpPDeNeEadq6yMhFWGTW9C4clq6N5jHefMjfHFhAm1OT8YYJ5ly111WUr4W8kwJW2Y2BaUGHh6tOtOmZfYuaf-FMWSckMLzwfrF2iTulFNKPnNaYSjUjE3mlqQEMB_Kb6-C5ndpWhjKzw5Crwu7fJaQ9FuyCHpsjnGITOCZBJaoPaJMDcUHF6O0u_U9uDpY6fuwQ-M4qJRJbh-qAwTQwPM9fytdPbte2Es3O5PSyIyATo5lSyvfAiiwnBqO8ZKHZuWZS9SM1p5FP12aKulELpsQQSEqm-sxnINF9b7Jfmg1ZvBRzXMtPj78z2a7W6wOicqiQ0FZVSrnTdcik9NFY7gaqoB3pyK6iUjfUVpwMyjeE2lCEWDJ_OAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2-eKHnLedc67gBMilqBOSG4HN_6g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Oct 2024 07:57:36 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame B5D4 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWUK4EdNAAMVNBj8aeCWKn6cjhM3jg&u=%7C8ghSQ%2F3qZvUqrZMaB%2BLnAz10Fr7or3YAK7z0bFV61mI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtf_8mUbkv9VFOlq9cu7Rwe5xnJh_yhtsF3J617d882ZZYZ2oLBmxMuWYP4pubnDVBp5xMlDXX9j0pWBi1mfI1ToV58GqdjnUZ98166FlI3G2aJi2sRA_xa0Znw6NwPAFNFr5eOnvlN8_UoidDCEcNnKEfbHO_QRez7315Vbfil-wx5QIQuTVpcwosmuTVX0LqFieEVV-Dj3ta3Cc4h7su4F8Ow3xGSEYtDT0JvBbmQan0oiA6Smt_LpQNOocDx6zPdCQaz9GHKoFDeRjCMj4c4EC236Z1XkRKi1FYjtHB9ulzmdvx1ZRY_jHFcnqQbrHmQJ7gDTO_rwvyXahZ_wFmJwUXISMrdS_2Q72Hx_zarsm20Wrqzn2_2-BXopNK8VX2JuYOVo_9TluRVXaAVR5nIMhY-oXJSfr2XRL7b41C5bHf0aMKMcB1c3wobDfAb16j-kqBNR3SEoYbr_6GVFUmF5MUi2_9-c0LQqmrUCqO4h5gmOrqRAel2GQB0dMgD-O_1REk9ykedIUxe3ktlQH2u2TCSOLTqeqh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNjyCbz4uZeWaIc2OgQe0qoy4Dsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBJ4CT9CvdJLrCwpPDeNeEadq6yMhFWGTW9C4clq6N5jHefMjfHFhAm1OT8YYJ5ly111WUr4W8kwJW2Y2BaUGHh6tOtOmZfYuaf-FMWSckMLzwfrF2iTulFNKPnNaYSjUjE3mlqQEMB_Kb6-C5ndpWhjKzw5Crwu7fJaQ9FuyCHpsjnGITOCZBJaoPaJMDcUHF6O0u_U9uDpY6fuwQ-M4qJRJbh-qAwTQwPM9fytdPbte2Es3O5PSyIyATo5lSyvfAiiwnBqO8ZKHZuWZS9SM1p5FP12aKulELpsQQSEqm-sxnINF9b7Jfmg1ZvBRzXMtPj78z2a7W6wOicqiQ0FZVSrnTdcik9NFY7gaqoB3pyK6iUjfUVpwMyjeE2lCEWDJ_OAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2-eKHnLedc67gBMilqBOSG4HN_6g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 11 Oct 2024 07:57:36 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame B5D4 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWUK4EdNAAMVNBj8aeCWKn6cjhM3jg&u=%7C8ghSQ%2F3qZvUqrZMaB%2BLnAz10Fr7or3YAK7z0bFV61mI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtf_8mUbkv9VFOlq9cu7Rwe5xnJh_yhtsF3J617d882ZZYZ2oLBmxMuWYP4pubnDVBp5xMlDXX9j0pWBi1mfI1ToV58GqdjnUZ98166FlI3G2aJi2sRA_xa0Znw6NwPAFNFr5eOnvlN8_UoidDCEcNnKEfbHO_QRez7315Vbfil-wx5QIQuTVpcwosmuTVX0LqFieEVV-Dj3ta3Cc4h7su4F8Ow3xGSEYtDT0JvBbmQan0oiA6Smt_LpQNOocDx6zPdCQaz9GHKoFDeRjCMj4c4EC236Z1XkRKi1FYjtHB9ulzmdvx1ZRY_jHFcnqQbrHmQJ7gDTO_rwvyXahZ_wFmJwUXISMrdS_2Q72Hx_zarsm20Wrqzn2_2-BXopNK8VX2JuYOVo_9TluRVXaAVR5nIMhY-oXJSfr2XRL7b41C5bHf0aMKMcB1c3wobDfAb16j-kqBNR3SEoYbr_6GVFUmF5MUi2_9-c0LQqmrUCqO4h5gmOrqRAel2GQB0dMgD-O_1REk9ykedIUxe3ktlQH2u2TCSOLTqeqh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNjyCbz4uZeWaIc2OgQe0qoy4Dsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBJ4CT9CvdJLrCwpPDeNeEadq6yMhFWGTW9C4clq6N5jHefMjfHFhAm1OT8YYJ5ly111WUr4W8kwJW2Y2BaUGHh6tOtOmZfYuaf-FMWSckMLzwfrF2iTulFNKPnNaYSjUjE3mlqQEMB_Kb6-C5ndpWhjKzw5Crwu7fJaQ9FuyCHpsjnGITOCZBJaoPaJMDcUHF6O0u_U9uDpY6fuwQ-M4qJRJbh-qAwTQwPM9fytdPbte2Es3O5PSyIyATo5lSyvfAiiwnBqO8ZKHZuWZS9SM1p5FP12aKulELpsQQSEqm-sxnINF9b7Jfmg1ZvBRzXMtPj78z2a7W6wOicqiQ0FZVSrnTdcik9NFY7gaqoB3pyK6iUjfUVpwMyjeE2lCEWDJ_OAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2-eKHnLedc67gBMilqBOSG4HN_6g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 11 Oct 2024 07:57:36 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame B5D4 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=0ElKeyAkGUou-_w-dg1ui_XWDF6iM9dO3GgHjPCx1HDsNuJUzwPGTpiFBzSrqHcM_l6VOO2L8XROxM-JgIZHsUNEUGytlli38I1N_Xup3R5-EIehkSSS1cpw86idtkpCRaYBgI0Q9j-EbwJAorKgGu4X_Qz9FvclB96vCizEUnP7-XSr-K-4Of2N9UCPXLfBkFqlk76K1wzvuU5eNiZnbFlfZ2vQ9ydbW-Ypw3Hw3TqlmMiuEC8wKCgabIrD3Z6RYWOZqb9ccXPQjvjsQldylNUz5tV0DaYzG-tgRyLI8mhyPqX_Y46JOf25YUtA714btSL6C_wIMkKzHfjfjZEZSy55KYrGBXHr24RvAHV_Yhaxn0sXlvTVU7DFcFu8X7H_ZuMV7jMwFKzO5AaQ62GhyTWivmWNbiReYW3NqfZfNYlFe9e4
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWUK4EdNAAMVNBj8aeCWKn6cjhM3jg&u=%7C8ghSQ%2F3qZvUqrZMaB%2BLnAz10Fr7or3YAK7z0bFV61mI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtf_8mUbkv9VFOlq9cu7Rwe5xnJh_yhtsF3J617d882ZZYZ2oLBmxMuWYP4pubnDVBp5xMlDXX9j0pWBi1mfI1ToV58GqdjnUZ98166FlI3G2aJi2sRA_xa0Znw6NwPAFNFr5eOnvlN8_UoidDCEcNnKEfbHO_QRez7315Vbfil-wx5QIQuTVpcwosmuTVX0LqFieEVV-Dj3ta3Cc4h7su4F8Ow3xGSEYtDT0JvBbmQan0oiA6Smt_LpQNOocDx6zPdCQaz9GHKoFDeRjCMj4c4EC236Z1XkRKi1FYjtHB9ulzmdvx1ZRY_jHFcnqQbrHmQJ7gDTO_rwvyXahZ_wFmJwUXISMrdS_2Q72Hx_zarsm20Wrqzn2_2-BXopNK8VX2JuYOVo_9TluRVXaAVR5nIMhY-oXJSfr2XRL7b41C5bHf0aMKMcB1c3wobDfAb16j-kqBNR3SEoYbr_6GVFUmF5MUi2_9-c0LQqmrUCqO4h5gmOrqRAel2GQB0dMgD-O_1REk9ykedIUxe3ktlQH2u2TCSOLTqeqh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNjyCbz4uZeWaIc2OgQe0qoy4Dsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBJ4CT9CvdJLrCwpPDeNeEadq6yMhFWGTW9C4clq6N5jHefMjfHFhAm1OT8YYJ5ly111WUr4W8kwJW2Y2BaUGHh6tOtOmZfYuaf-FMWSckMLzwfrF2iTulFNKPnNaYSjUjE3mlqQEMB_Kb6-C5ndpWhjKzw5Crwu7fJaQ9FuyCHpsjnGITOCZBJaoPaJMDcUHF6O0u_U9uDpY6fuwQ-M4qJRJbh-qAwTQwPM9fytdPbte2Es3O5PSyIyATo5lSyvfAiiwnBqO8ZKHZuWZS9SM1p5FP12aKulELpsQQSEqm-sxnINF9b7Jfmg1ZvBRzXMtPj78z2a7W6wOicqiQ0FZVSrnTdcik9NFY7gaqoB3pyK6iUjfUVpwMyjeE2lCEWDJ_OAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2-eKHnLedc67gBMilqBOSG4HN_6g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2106603
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame B5D4 		44 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1697529456
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWUK4EdNAAMVNBj8aeCWKn6cjhM3jg&u=%7C8ghSQ%2F3qZvUqrZMaB%2BLnAz10Fr7or3YAK7z0bFV61mI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtf_8mUbkv9VFOlq9cu7Rwe5xnJh_yhtsF3J617d882ZZYZ2oLBmxMuWYP4pubnDVBp5xMlDXX9j0pWBi1mfI1ToV58GqdjnUZ98166FlI3G2aJi2sRA_xa0Znw6NwPAFNFr5eOnvlN8_UoidDCEcNnKEfbHO_QRez7315Vbfil-wx5QIQuTVpcwosmuTVX0LqFieEVV-Dj3ta3Cc4h7su4F8Ow3xGSEYtDT0JvBbmQan0oiA6Smt_LpQNOocDx6zPdCQaz9GHKoFDeRjCMj4c4EC236Z1XkRKi1FYjtHB9ulzmdvx1ZRY_jHFcnqQbrHmQJ7gDTO_rwvyXahZ_wFmJwUXISMrdS_2Q72Hx_zarsm20Wrqzn2_2-BXopNK8VX2JuYOVo_9TluRVXaAVR5nIMhY-oXJSfr2XRL7b41C5bHf0aMKMcB1c3wobDfAb16j-kqBNR3SEoYbr_6GVFUmF5MUi2_9-c0LQqmrUCqO4h5gmOrqRAel2GQB0dMgD-O_1REk9ykedIUxe3ktlQH2u2TCSOLTqeqh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNjyCbz4uZeWaIc2OgQe0qoy4Dsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBJ4CT9CvdJLrCwpPDeNeEadq6yMhFWGTW9C4clq6N5jHefMjfHFhAm1OT8YYJ5ly111WUr4W8kwJW2Y2BaUGHh6tOtOmZfYuaf-FMWSckMLzwfrF2iTulFNKPnNaYSjUjE3mlqQEMB_Kb6-C5ndpWhjKzw5Crwu7fJaQ9FuyCHpsjnGITOCZBJaoPaJMDcUHF6O0u_U9uDpY6fuwQ-M4qJRJbh-qAwTQwPM9fytdPbte2Es3O5PSyIyATo5lSyvfAiiwnBqO8ZKHZuWZS9SM1p5FP12aKulELpsQQSEqm-sxnINF9b7Jfmg1ZvBRzXMtPj78z2a7W6wOicqiQ0FZVSrnTdcik9NFY7gaqoB3pyK6iUjfUVpwMyjeE2lCEWDJ_OAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2-eKHnLedc67gBMilqBOSG4HN_6g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4200:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
via
1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
ohgW5xF-4beJ9-_zhcAa438bX8fCUr8z3Xx0IREA1d5MQYDGOGyqQQ==
expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5E01
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMyGiEldbsguxgREBdBji38&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMyGiEldbsguxgREBdBji38&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Tm83akZQRlMxUVNFWG01&google_gid=CAESEMyGiEldbsguxgREBdBji38&google_cver=1&google_push=AXcoOmQ7ilAU7_iG9AoiZdB7BzDiPfi_Fkp0KIjJB4ehKNh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Tm83akZQRlMxUVNFWG01&google_gid=CAESEMyGiEldbsguxgREBdBji38&google_cver=1&google_push=AXcoOmQ7ilAU7_iG9AoiZdB7BzDiPfi_Fkp0KIjJB4ehKNh3wmKnI-eP2xo6zMLeNzxvYuGR-6lorhHVlLG1_d9WQ9GgK4QxGXYH
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 17 Oct 2023 07:57:35 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-031606d58fcbc7991@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Tm83akZQRlMxUVNFWG01&google_gid=CAESEMyGiEldbsguxgREBdBji38&google_cver=1&google_push=AXcoOmQ7ilAU7_iG9AoiZdB7BzDiPfi_Fkp0KIjJB4ehKNh3wmKnI-eP2xo6zMLeNzxvYuGR-6lorhHVlLG1_d9WQ9GgK4QxGXYH
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 5E01
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJusUIfNHyWCUu9vN5lVRvs&google_cver=1&google_push=AXcoOmRQQCuWRHjlWXyO8Jq7Nze_vbNXub5fKFZoB1XKjSkXLfkfOe1AXs7ArNAN8_7BeIT4h-mAjATn5wXMQhmnkCrhyqiR_IxO&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJusUIfNHyWCUu9vN5lVRvs&google_cver=1&google_push=AXcoOmRQQCuWRHjlWXyO8Jq7Nze_vbNXub5fKFZoB1XKjSkXLfkfOe1AXs7ArNAN8_7BeIT4h-mAjATn5wXMQhmnkCrhyqiR_Ix...
43 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJusUIfNHyWCUu9vN5lVRvs&google_cver=1&google_push=AXcoOmRQQCuWRHjlWXyO8Jq7Nze_vbNXub5fKFZoB1XKjSkXLfkfOe1AXs7ArNAN8_7BeIT4h-mAjATn5wXMQhmnkCrhyqiR_IxO&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRQQCuWRHjlWXyO8Jq7Nze_vbNXub5fKFZoB1XKjSkXLfkfOe1AXs7ArNAN8_7BeIT4h-mAjATn5wXMQhmnkCrhyqiR_IxO%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:37 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8176fde16884bbda-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
12
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJusUIfNHyWCUu9vN5lVRvs&google_cver=1&google_push=AXcoOmRQQCuWRHjlWXyO8Jq7Nze_vbNXub5fKFZoB1XKjSkXLfkfOe1AXs7ArNAN8_7BeIT4h-mAjATn5wXMQhmnkCrhyqiR_IxO&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRQQCuWRHjlWXyO8Jq7Nze_vbNXub5fKFZoB1XKjSkXLfkfOe1AXs7ArNAN8_7BeIT4h-mAjATn5wXMQhmnkCrhyqiR_IxO%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8176fde02f4cbbda-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5E01
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAgvRdRDqj6bT6j6-vTpsDs&google_cver=1&google_push=AXcoOmSTJQC9qoiIIvXfYt-NHENV75zyZR2X5a56HFegQSg2fSSRlFwkr9G-jckQK4ebQnsBM7RHG7-E-_E...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSTJQC9qoiIIvXfYt-NHENV75zyZR2X5a56HFegQSg2fSSRlFwkr9G-jckQK4ebQnsBM7RHG7-E-_E3j3hfeLZNOUNO64s&google_hm=rYKYWbllSB-P7Z2Jcr6AtFQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSTJQC9qoiIIvXfYt-NHENV75zyZR2X5a56HFegQSg2fSSRlFwkr9G-jckQK4ebQnsBM7RHG7-E-_E3j3hfeLZNOUNO64s&google_hm=rYKYWbllSB-P7Z2Jcr6AtFQ
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSTJQC9qoiIIvXfYt-NHENV75zyZR2X5a56HFegQSg2fSSRlFwkr9G-jckQK4ebQnsBM7RHG7-E-_E3j3hfeLZNOUNO64s&google_hm=rYKYWbllSB-P7Z2Jcr6AtFQ
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5E01
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEElgOQNwczkKfu28DGDT1CU&google_cver=1&google_push=AXcoOmREE6MSeI0QiYmpT2xiVCHa2rmaZPzzgSHtXKtQDPvRfUoXFR5fIWX99O3Pi0JqTGOZGWJFCmgfy6gPBxNXL...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEElgOQNwczkKfu28DGDT1CU&google_cver=1&google_push=AXcoOmREE6MSeI0QiYmpT2xiVCHa2rmaZPzzgSHtXKtQDPvRfUoXFR5fIWX99O3Pi0JqTGOZGWJFCmgfy6gPBxNXL...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmREE6MSeI0QiYmpT2xiVCHa2rmaZPzzgSHtXKtQDPvRfUoXFR5fIWX99O3Pi0JqTGOZGWJFCmgfy6gPBxNXL0dulR0O3NGe&google_hm=Hf_9uGZHjl-k1XhFTA6m4G46
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmREE6MSeI0QiYmpT2xiVCHa2rmaZPzzgSHtXKtQDPvRfUoXFR5fIWX99O3Pi0JqTGOZGWJFCmgfy6gPBxNXL0dulR0O3NGe&google_hm=Hf_9uGZHjl-k1XhFTA6m4G46
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 17 Oct 2023 07:57:36 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmREE6MSeI0QiYmpT2xiVCHa2rmaZPzzgSHtXKtQDPvRfUoXFR5fIWX99O3Pi0JqTGOZGWJFCmgfy6gPBxNXL0dulR0O3NGe&google_hm=Hf_9uGZHjl-k1XhFTA6m4G46
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
-
s.ad.smaato.net/c/n/// Frame 5E01 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHPx40mQgcMbaCb6dVWn-0Y&google_cver=1&google_push=AXcoOmSgcGtVjE2Kp2pmEjy-8QqujSEg9cwq1EgLukPkGma7fO3IH9i5PA6-NBYO3iXBX4rcnxvOq7D9q234AwY22mzzQ1NqRoAO
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:6e00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
cache-control
no-cache, must-revalidate
via
1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
nc1MpHCh4kYbY2E2eQlqeHBKvDVzpgChtZUVQZY81jMXtUqKBWOx3g==
x-cache
Miss from cloudfront
ebda
match.360yield.com/match/ Frame 5E01 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESEIfqVcL3ccpmhFYn_p2O86c&google_cver=1&google_push=AXcoOmQOMjHKzKgCYHzGPmdZFbmGe1nTZ_RdnBXvg3Hk8rg-FUiW2Atii0wD0zkIm3IjjAnrtifQh3hbsq7Dlmskzg6IjombpYk
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.81.117.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-117-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 17 Oct 2023 07:57:36 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
onetag-sys.com/match/ Frame 5E01
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDNydLedQoIB9TU0hSyqYgo&google_cver=1&google_push=AXcoOmTm5DI7-a7BgekaJEywI5kjHdqxhl67E6QCRIxN6HWUU-FlwkgDXniDkFtaqexb4RU1kfCwVjCo4gp...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTm5DI7-a7BgekaJEywI5kjHdqxhl67E6QCRIxN6HWUU-FlwkgDXniDkFtaqexb4RU1kfCwVjCo4gpPikh5hV-kNBmUy7eEew
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 5E01 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LV_txDANXj-4BzzHbRbM0Y_PVwTsZavbLPznby0Lzek9wG4ZatZT_5vqaTfkjIKupfLypNmQ
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
privacy_small.svg
static.criteo.net/flash/icon/ Frame C53F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWoK4EdNAAMVNCI3SZ_BDJLCAUsBMA&u=%7C8ghSQ%2F3qZvUl%2BcrKRADEYlBU%2FKbGG%2B7YLc0gdixctqs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIdwqGdaLrZtB44iHyBE_Nb8PthDoUPE12Ex3WRbn1EHxuMv4_lc1pSOXFRa__ENoetVdbDRb4p67RLoHQ3hA1VB_EknLrg6x3wODLdjXHigr1YTjoP9ms6VCGeX6EuSFuHXxdeOLtr0b0G4WGmwSNii4UW6TeZYePGYNdQBg96isYFiR0G7YkKcBSt2CU4nl13gV-2YECEFHLkHbCQmdaTVEOVsvGXL9K6KFdLAMX-lxSxPUZG49a4D1q_uNIqyT1BKxT1y6TUks7eXR7m-J1jyLu3gHi71Zhoq3zQgL8U2pPSrT3WdF-vUy_IzRStlpBHfj6ChPVMKCCsnhYPDIq9cMd2mdt0-FSO4lfqkdARxNEgCAfKNsDZ3blmYxpJqCEO_69okajlpbqvUENwVpkV7mve3ws-dR4NdY_Z7I37h8-m1KB_mBoNkiRmn_RWvG1lYVMeeinA9cNpJcpjpCatmUq89qEZH7HwGw8iE8aBInRnpntZ9rq4QK1I-IhVFo0UpyK5xrX1FwQt0lRg1aMHInCvAEQPmDCOGZuywIE4Uo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLmfJbz4uZeqaIc2OgQe0qoy4Dsme0rFc9dqW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBLQCT9AaLNlGAq9okSnJjFdI1GzJvcr3-XqnPQgW5RlE2SYUDLTyIo_tOzyZE_6HEL__WMavTchk4vWZ-M98SdBW4Q0Z4Z5fdC7XpsxIhWP1ZA3Ey8pr2zXlyZT2zQ3Vmug9jSCyD5adwclJbyO9TfVK_y0eeDYPt7E303FSUxYNKmuX5J8pq5JhmG91xHUJ-gZSHCliPrSATmwG2dV4LF57FUwGmQVPHi9mUOsSu1MH1Nojb0Xi4RLmtNoIK08GeeQ9hl070N3ZSLmbXwx2uzZPUgco_tN-ZIK0rnLr9ZJt7WJIRcNgpnl1QP8TJJioW_IxwU_ra4XGG-XpIkSagHpYAMFPvmXogFMmI-dwVKiYzwVeQ0qqh3nk2ne3VhfmKYZBxNWvQKBulZMZTicFGmB-30c71RLgBAGABu2o85zCvPrazgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_263-t2jwqIQ6mtcC8-GtQb7bJN1w%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Oct 2024 07:57:36 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame C53F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWoK4EdNAAMVNCI3SZ_BDJLCAUsBMA&u=%7C8ghSQ%2F3qZvUl%2BcrKRADEYlBU%2FKbGG%2B7YLc0gdixctqs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIdwqGdaLrZtB44iHyBE_Nb8PthDoUPE12Ex3WRbn1EHxuMv4_lc1pSOXFRa__ENoetVdbDRb4p67RLoHQ3hA1VB_EknLrg6x3wODLdjXHigr1YTjoP9ms6VCGeX6EuSFuHXxdeOLtr0b0G4WGmwSNii4UW6TeZYePGYNdQBg96isYFiR0G7YkKcBSt2CU4nl13gV-2YECEFHLkHbCQmdaTVEOVsvGXL9K6KFdLAMX-lxSxPUZG49a4D1q_uNIqyT1BKxT1y6TUks7eXR7m-J1jyLu3gHi71Zhoq3zQgL8U2pPSrT3WdF-vUy_IzRStlpBHfj6ChPVMKCCsnhYPDIq9cMd2mdt0-FSO4lfqkdARxNEgCAfKNsDZ3blmYxpJqCEO_69okajlpbqvUENwVpkV7mve3ws-dR4NdY_Z7I37h8-m1KB_mBoNkiRmn_RWvG1lYVMeeinA9cNpJcpjpCatmUq89qEZH7HwGw8iE8aBInRnpntZ9rq4QK1I-IhVFo0UpyK5xrX1FwQt0lRg1aMHInCvAEQPmDCOGZuywIE4Uo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLmfJbz4uZeqaIc2OgQe0qoy4Dsme0rFc9dqW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBLQCT9AaLNlGAq9okSnJjFdI1GzJvcr3-XqnPQgW5RlE2SYUDLTyIo_tOzyZE_6HEL__WMavTchk4vWZ-M98SdBW4Q0Z4Z5fdC7XpsxIhWP1ZA3Ey8pr2zXlyZT2zQ3Vmug9jSCyD5adwclJbyO9TfVK_y0eeDYPt7E303FSUxYNKmuX5J8pq5JhmG91xHUJ-gZSHCliPrSATmwG2dV4LF57FUwGmQVPHi9mUOsSu1MH1Nojb0Xi4RLmtNoIK08GeeQ9hl070N3ZSLmbXwx2uzZPUgco_tN-ZIK0rnLr9ZJt7WJIRcNgpnl1QP8TJJioW_IxwU_ra4XGG-XpIkSagHpYAMFPvmXogFMmI-dwVKiYzwVeQ0qqh3nk2ne3VhfmKYZBxNWvQKBulZMZTicFGmB-30c71RLgBAGABu2o85zCvPrazgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_263-t2jwqIQ6mtcC8-GtQb7bJN1w%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Oct 2024 07:57:36 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame C53F 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWoK4EdNAAMVNCI3SZ_BDJLCAUsBMA&u=%7C8ghSQ%2F3qZvUl%2BcrKRADEYlBU%2FKbGG%2B7YLc0gdixctqs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIdwqGdaLrZtB44iHyBE_Nb8PthDoUPE12Ex3WRbn1EHxuMv4_lc1pSOXFRa__ENoetVdbDRb4p67RLoHQ3hA1VB_EknLrg6x3wODLdjXHigr1YTjoP9ms6VCGeX6EuSFuHXxdeOLtr0b0G4WGmwSNii4UW6TeZYePGYNdQBg96isYFiR0G7YkKcBSt2CU4nl13gV-2YECEFHLkHbCQmdaTVEOVsvGXL9K6KFdLAMX-lxSxPUZG49a4D1q_uNIqyT1BKxT1y6TUks7eXR7m-J1jyLu3gHi71Zhoq3zQgL8U2pPSrT3WdF-vUy_IzRStlpBHfj6ChPVMKCCsnhYPDIq9cMd2mdt0-FSO4lfqkdARxNEgCAfKNsDZ3blmYxpJqCEO_69okajlpbqvUENwVpkV7mve3ws-dR4NdY_Z7I37h8-m1KB_mBoNkiRmn_RWvG1lYVMeeinA9cNpJcpjpCatmUq89qEZH7HwGw8iE8aBInRnpntZ9rq4QK1I-IhVFo0UpyK5xrX1FwQt0lRg1aMHInCvAEQPmDCOGZuywIE4Uo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLmfJbz4uZeqaIc2OgQe0qoy4Dsme0rFc9dqW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBLQCT9AaLNlGAq9okSnJjFdI1GzJvcr3-XqnPQgW5RlE2SYUDLTyIo_tOzyZE_6HEL__WMavTchk4vWZ-M98SdBW4Q0Z4Z5fdC7XpsxIhWP1ZA3Ey8pr2zXlyZT2zQ3Vmug9jSCyD5adwclJbyO9TfVK_y0eeDYPt7E303FSUxYNKmuX5J8pq5JhmG91xHUJ-gZSHCliPrSATmwG2dV4LF57FUwGmQVPHi9mUOsSu1MH1Nojb0Xi4RLmtNoIK08GeeQ9hl070N3ZSLmbXwx2uzZPUgco_tN-ZIK0rnLr9ZJt7WJIRcNgpnl1QP8TJJioW_IxwU_ra4XGG-XpIkSagHpYAMFPvmXogFMmI-dwVKiYzwVeQ0qqh3nk2ne3VhfmKYZBxNWvQKBulZMZTicFGmB-30c71RLgBAGABu2o85zCvPrazgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_263-t2jwqIQ6mtcC8-GtQb7bJN1w%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 11 Oct 2024 07:57:36 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame C53F 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWoK4EdNAAMVNCI3SZ_BDJLCAUsBMA&u=%7C8ghSQ%2F3qZvUl%2BcrKRADEYlBU%2FKbGG%2B7YLc0gdixctqs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIdwqGdaLrZtB44iHyBE_Nb8PthDoUPE12Ex3WRbn1EHxuMv4_lc1pSOXFRa__ENoetVdbDRb4p67RLoHQ3hA1VB_EknLrg6x3wODLdjXHigr1YTjoP9ms6VCGeX6EuSFuHXxdeOLtr0b0G4WGmwSNii4UW6TeZYePGYNdQBg96isYFiR0G7YkKcBSt2CU4nl13gV-2YECEFHLkHbCQmdaTVEOVsvGXL9K6KFdLAMX-lxSxPUZG49a4D1q_uNIqyT1BKxT1y6TUks7eXR7m-J1jyLu3gHi71Zhoq3zQgL8U2pPSrT3WdF-vUy_IzRStlpBHfj6ChPVMKCCsnhYPDIq9cMd2mdt0-FSO4lfqkdARxNEgCAfKNsDZ3blmYxpJqCEO_69okajlpbqvUENwVpkV7mve3ws-dR4NdY_Z7I37h8-m1KB_mBoNkiRmn_RWvG1lYVMeeinA9cNpJcpjpCatmUq89qEZH7HwGw8iE8aBInRnpntZ9rq4QK1I-IhVFo0UpyK5xrX1FwQt0lRg1aMHInCvAEQPmDCOGZuywIE4Uo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLmfJbz4uZeqaIc2OgQe0qoy4Dsme0rFc9dqW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBLQCT9AaLNlGAq9okSnJjFdI1GzJvcr3-XqnPQgW5RlE2SYUDLTyIo_tOzyZE_6HEL__WMavTchk4vWZ-M98SdBW4Q0Z4Z5fdC7XpsxIhWP1ZA3Ey8pr2zXlyZT2zQ3Vmug9jSCyD5adwclJbyO9TfVK_y0eeDYPt7E303FSUxYNKmuX5J8pq5JhmG91xHUJ-gZSHCliPrSATmwG2dV4LF57FUwGmQVPHi9mUOsSu1MH1Nojb0Xi4RLmtNoIK08GeeQ9hl070N3ZSLmbXwx2uzZPUgco_tN-ZIK0rnLr9ZJt7WJIRcNgpnl1QP8TJJioW_IxwU_ra4XGG-XpIkSagHpYAMFPvmXogFMmI-dwVKiYzwVeQ0qqh3nk2ne3VhfmKYZBxNWvQKBulZMZTicFGmB-30c71RLgBAGABu2o85zCvPrazgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_263-t2jwqIQ6mtcC8-GtQb7bJN1w%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 11 Oct 2024 07:57:36 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame C53F 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ak6tlG-2PsoXNUE3DUnqaMcmwTeSpt8KshuLc25shBSYvVCqlLy9ZzprY8fwM-3iTpsEzPskFdiIc0W6eCv5NIt8XViyA1rjOMk87IDq_TwtzfL-02ZlfMAzDH3yzNNv3jrevKRNxPUpY77uLtLbtAeiOpTGW5Tln2_V4hwZsNriuvrWIJEMCdqTFFJuYISS60yp4KjuH53bi1ANrc40YWVA-U_23HeXeI92Q4xebHpWQ8n23m3couIjsofD_y5JXNTZqwKzgQWUYioR_Vx8aQmN81NKnNW64Ow-ZBF3UL3SQXYz_Ix-5gqyFkkKxNxrunXHCtS8C4cj9ghQkaxaoXClMJ--tNq54-4vMT97KmWXQoEbLDovneCB7YkHCW5Yd3wNsjJa8yikMZzZCarxsQTkeGCy9j-v_mXNJ0u0vkOg-9DV
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWoK4EdNAAMVNCI3SZ_BDJLCAUsBMA&u=%7C8ghSQ%2F3qZvUl%2BcrKRADEYlBU%2FKbGG%2B7YLc0gdixctqs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIdwqGdaLrZtB44iHyBE_Nb8PthDoUPE12Ex3WRbn1EHxuMv4_lc1pSOXFRa__ENoetVdbDRb4p67RLoHQ3hA1VB_EknLrg6x3wODLdjXHigr1YTjoP9ms6VCGeX6EuSFuHXxdeOLtr0b0G4WGmwSNii4UW6TeZYePGYNdQBg96isYFiR0G7YkKcBSt2CU4nl13gV-2YECEFHLkHbCQmdaTVEOVsvGXL9K6KFdLAMX-lxSxPUZG49a4D1q_uNIqyT1BKxT1y6TUks7eXR7m-J1jyLu3gHi71Zhoq3zQgL8U2pPSrT3WdF-vUy_IzRStlpBHfj6ChPVMKCCsnhYPDIq9cMd2mdt0-FSO4lfqkdARxNEgCAfKNsDZ3blmYxpJqCEO_69okajlpbqvUENwVpkV7mve3ws-dR4NdY_Z7I37h8-m1KB_mBoNkiRmn_RWvG1lYVMeeinA9cNpJcpjpCatmUq89qEZH7HwGw8iE8aBInRnpntZ9rq4QK1I-IhVFo0UpyK5xrX1FwQt0lRg1aMHInCvAEQPmDCOGZuywIE4Uo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLmfJbz4uZeqaIc2OgQe0qoy4Dsme0rFc9dqW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBLQCT9AaLNlGAq9okSnJjFdI1GzJvcr3-XqnPQgW5RlE2SYUDLTyIo_tOzyZE_6HEL__WMavTchk4vWZ-M98SdBW4Q0Z4Z5fdC7XpsxIhWP1ZA3Ey8pr2zXlyZT2zQ3Vmug9jSCyD5adwclJbyO9TfVK_y0eeDYPt7E303FSUxYNKmuX5J8pq5JhmG91xHUJ-gZSHCliPrSATmwG2dV4LF57FUwGmQVPHi9mUOsSu1MH1Nojb0Xi4RLmtNoIK08GeeQ9hl070N3ZSLmbXwx2uzZPUgco_tN-ZIK0rnLr9ZJt7WJIRcNgpnl1QP8TJJioW_IxwU_ra4XGG-XpIkSagHpYAMFPvmXogFMmI-dwVKiYzwVeQ0qqh3nk2ne3VhfmKYZBxNWvQKBulZMZTicFGmB-30c71RLgBAGABu2o85zCvPrazgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_263-t2jwqIQ6mtcC8-GtQb7bJN1w%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2395088
expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9382
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENNB0WMoAU2RpD2980tOBAI&google_push=AXcoOmQ-1FuZeZ_SXExEnvhMwOlaAACIY7GlLQk48iNr3q7QvBSjyq802s...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENNB0WMoAU2RpD2980tOBAI&google_push=AXcoOmQ-1FuZeZ_SXExEnvhMwOlaAACIY7GlLQk48iNr3q7QvBSjyq802sAdPkaPVYv7n7_8DllZo3SEnCV21INpI2Fa3oF9yxt8uw
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230033-FRA
pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1697529457.664975,VS0,VE89
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENNB0WMoAU2RpD2980tOBAI&google_push=AXcoOmQ-1FuZeZ_SXExEnvhMwOlaAACIY7GlLQk48iNr3q7QvBSjyq802sAdPkaPVYv7n7_8DllZo3SEnCV21INpI2Fa3oF9yxt8uw
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 9382
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAgvRdRDqj6bT6j6-vTpsDs&google_cver=1&google_push=AXcoOmS9791KdHcCsQzE90PDhCxKVdLa2j9JMlmUjTOIaDhLFek6TIu4Q83n1j0keriQGo-dekQw3kbAiBs...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmS9791KdHcCsQzE90PDhCxKVdLa2j9JMlmUjTOIaDhLFek6TIu4Q83n1j0keriQGo-dekQw3kbAiBsxfiA-2jGD9UX5zRBo2Q&google_hm=u_yoGAeeSSuhpYXVvY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmS9791KdHcCsQzE90PDhCxKVdLa2j9JMlmUjTOIaDhLFek6TIu4Q83n1j0keriQGo-dekQw3kbAiBsxfiA-2jGD9UX5zRBo2Q&google_hm=u_yoGAeeSSuhpYXVvYygnVQ
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:35 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmS9791KdHcCsQzE90PDhCxKVdLa2j9JMlmUjTOIaDhLFek6TIu4Q83n1j0keriQGo-dekQw3kbAiBsxfiA-2jGD9UX5zRBo2Q&google_hm=u_yoGAeeSSuhpYXVvYygnVQ
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 9382 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEF9a7r02xLdGTHg_r-Q_Ljw&google_cver=1&google_push=AXcoOmQbtn-f81xLf4ncaLktlp6z_Ojd1aKzpqGrLZt_BjYTdutPSbQKvhHn4BzBmNNCf0m315eJ-AdzP36K0pIVPHuix1Ee1U86bw
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.110.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-110-157.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 9382
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MaTJBDGLRJOpbLUaH3ZLlw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MaTJBDGLRJOpbLUaH3ZLlw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmT1r2PxOylHjVAfjoLPo9-p-86H7eHFBaRa1w4RivIVmAbdHRkALn4sNobEp-hPoozALRc1m0SpclbXbqo1McgEGHSdsnB9CQ
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MaTJBDGLRJOpbLUaH3ZLlw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmT1r2PxOylHjVAfjoLPo9-p-86H7eHFBaRa1w4RivIVmAbdHRkALn4sNobEp-hPoozALRc1m0SpclbXbqo1McgEGHSdsnB9CQ
date
Tue, 17 Oct 2023 07:57:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 9382
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELsqk9MHIOcAwUtcB6X4zNQ&google_cver=1&google_push=AXcoOmTspw94lcQoHmc_IZy1Z4e-XE-5xIGFx_rkRcVhOREbaE6RGX2i09EH9BZkMHku_c_VtI1...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5VMTdJRUItMUctRzZSMg==&google_push=AXcoOmTspw94lcQoHmc_IZy1Z4e-XE-5xIGFx_rkRcVhOREbaE6RGX2i09EH9BZkMHku_c_VtI1kORYvXkyXksdycmvKbpJB6kakaQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5VMTdJRUItMUctRzZSMg==&google_push=AXcoOmTspw94lcQoHmc_IZy1Z4e-XE-5xIGFx_rkRcVhOREbaE6RGX2i09EH9BZkMHku_c_VtI1kORYvXkyXksdycmvKbpJB6kakaQ
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5VMTdJRUItMUctRzZSMg==&google_push=AXcoOmTspw94lcQoHmc_IZy1Z4e-XE-5xIGFx_rkRcVhOREbaE6RGX2i09EH9BZkMHku_c_VtI1kORYvXkyXksdycmvKbpJB6kakaQ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
pixel
cm.g.doubleclick.net/ Frame 9382
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIEInj0tG3E-ZjxKQMB_Fso&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIEInj0tG3E-ZjxKQMB_Fso&google_hm=ZS4-b0ZGRb1Nhj3IuP2vlgAABI0AAAAB&google_nid=index&google_push=AXcoOmSO3vtvpAOslNWVNpF18S0e5qntTpeyk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIEInj0tG3E-ZjxKQMB_Fso&google_hm=ZS4-b0ZGRb1Nhj3IuP2vlgAABI0AAAAB&google_nid=index&google_push=AXcoOmSO3vtvpAOslNWVNpF18S0e5qntTpeykuM_ajjmFpb8oIHePogr96jVB2RZGFVCQR9nfKKVjuHVN3e9EaNfTZyPU1GpkxSu
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HgPHhgq%2BTvUD9Bo1oPcwrR8cVWQ6flhUfggZvFOyP9VMK5d8S5g%2Bs9gXKvrKFKvZTBrNFMmeT8rFooVDZ9fr9PHFP3HHsFGCambX0Dy7PF1CgoaahzA%2BHu2EGjP4rg3c7Fhi%2BxIjH7lC4g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIEInj0tG3E-ZjxKQMB_Fso&google_hm=ZS4-b0ZGRb1Nhj3IuP2vlgAABI0AAAAB&google_nid=index&google_push=AXcoOmSO3vtvpAOslNWVNpF18S0e5qntTpeykuM_ajjmFpb8oIHePogr96jVB2RZGFVCQR9nfKKVjuHVN3e9EaNfTZyPU1GpkxSu
cache-control
no-cache
cf-ray
8176fddfebd9994e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
/
csync.loopme.me/ Frame 9382 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 9382 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K0ZPOQBDb2l1Md7r7kWXAzVNf-V5nP6WJMvHiRhok0-Iv87xo77QjmpAfwzJt1hHWwbgEwrg
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
i.match
s.tribalfusion.com/z/ Frame 3478
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJusUIfNHyWCUu9vN5lVRvs&google_cver=1&google_push=AXcoOmQI1AuFfTy0F5R_2RoWwJKpK7e2kHLVkicaBlPi6C93fMwNEmImyierepDS7wiAgCHrKUzANgCh-RuT7CVhMy-dv3RGJdMYK...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJusUIfNHyWCUu9vN5lVRvs&google_cver=1&google_push=AXcoOmQI1AuFfTy0F5R_2RoWwJKpK7e2kHLVkicaBlPi6C93fMwNEmImyierepDS7wiAgCHrKUzANgCh-RuT7CVhMy-dv3RGJdM...
43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJusUIfNHyWCUu9vN5lVRvs&google_cver=1&google_push=AXcoOmQI1AuFfTy0F5R_2RoWwJKpK7e2kHLVkicaBlPi6C93fMwNEmImyierepDS7wiAgCHrKUzANgCh-RuT7CVhMy-dv3RGJdMYKA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQI1AuFfTy0F5R_2RoWwJKpK7e2kHLVkicaBlPi6C93fMwNEmImyierepDS7wiAgCHrKUzANgCh-RuT7CVhMy-dv3RGJdMYKA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:37 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8176fde16881bbda-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
18
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJusUIfNHyWCUu9vN5lVRvs&google_cver=1&google_push=AXcoOmQI1AuFfTy0F5R_2RoWwJKpK7e2kHLVkicaBlPi6C93fMwNEmImyierepDS7wiAgCHrKUzANgCh-RuT7CVhMy-dv3RGJdMYKA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQI1AuFfTy0F5R_2RoWwJKpK7e2kHLVkicaBlPi6C93fMwNEmImyierepDS7wiAgCHrKUzANgCh-RuT7CVhMy-dv3RGJdMYKA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8176fde02f4abbda-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3478
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEKlS4JXMhsCV7XAElTxZu-I&google_cver=1&google_push=AXcoOmS92iHpwX5boGHyOJAbIUbMLwFT-mR7yLkQM300wryrbHH85eCgDGdoeGdPySHbVNn-EopdVaLG9dA4I3_s7ip1TBjv-UCq
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DE4CC6FF8A1A4177A09A25825511118A&google_push=AXcoOmS92iHpwX5boGHyOJAbIUbMLwFT-mR7yLkQM300wryrbHH85eCgDGdoeGdPySHbVNn-EopdVaLG9dA4I3_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DE4CC6FF8A1A4177A09A25825511118A&google_push=AXcoOmS92iHpwX5boGHyOJAbIUbMLwFT-mR7yLkQM300wryrbHH85eCgDGdoeGdPySHbVNn-EopdVaLG9dA4I3_s7ip1TBjv-UCq
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 17 Oct 2023 07:57:36 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DE4CC6FF8A1A4177A09A25825511118A&google_push=AXcoOmS92iHpwX5boGHyOJAbIUbMLwFT-mR7yLkQM300wryrbHH85eCgDGdoeGdPySHbVNn-EopdVaLG9dA4I3_s7ip1TBjv-UCq
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 16 Oct 2023 07:57:36 GMT
google
match.adsrvr.org/track/cmf/ Frame 3478 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDHka7ovhSH80JE2MhPvPG8&google_cver=1&google_push=AXcoOmRcXLRGkvgQibl6Pcwyt2C64aPnDi61_nVruVHnS_4ZUGL54a4PiU2pcqOUKn3cl1Nic4q4JzFUOnn2tyKQEY01O-f3sT6TMQ
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 3478
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAgvRdRDqj6bT6j6-vTpsDs&google_cver=1&google_push=AXcoOmQJmWHm7m1cL81Ox_xBdZ7thrj9EAC-rM-5XMxU1VFoERY_BFoF3wcahtAAdwmdR_PO1hgOCCrYsWJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQJmWHm7m1cL81Ox_xBdZ7thrj9EAC-rM-5XMxU1VFoERY_BFoF3wcahtAAdwmdR_PO1hgOCCrYsWJXTflVP_orlQrA0W7c&google_hm=qhsXfMucQou-4TGz0QflAVQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQJmWHm7m1cL81Ox_xBdZ7thrj9EAC-rM-5XMxU1VFoERY_BFoF3wcahtAAdwmdR_PO1hgOCCrYsWJXTflVP_orlQrA0W7c&google_hm=qhsXfMucQou-4TGz0QflAVQ
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQJmWHm7m1cL81Ox_xBdZ7thrj9EAC-rM-5XMxU1VFoERY_BFoF3wcahtAAdwmdR_PO1hgOCCrYsWJXTflVP_orlQrA0W7c&google_hm=qhsXfMucQou-4TGz0QflAVQ
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3478
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEA3K6Cex_hzAmZJ4bHR-2gE&google_cver=1&google_push=AXcoOmQ_aFqh_CNIkXVl_GTNNJmWS6-vFSl1nQgF93UnDf1syNDrip1yTBSLOspYC5sjHf9-WzCsQYeZhwRYi1XO...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=6q7IKDoqSDoCgNCBenpydQ&google_push=AXcoOmQ_aFqh_CNIkXVl_GTNNJmWS6-vFSl1nQgF93UnDf1syNDrip1yTBSLOspYC5sjHf9-WzCsQYeZhwRYi1XOZMfDZm7VFI1iQQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=6q7IKDoqSDoCgNCBenpydQ&google_push=AXcoOmQ_aFqh_CNIkXVl_GTNNJmWS6-vFSl1nQgF93UnDf1syNDrip1yTBSLOspYC5sjHf9-WzCsQYeZhwRYi1XOZMfDZm7VFI1iQQ
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 17 Oct 2023 07:57:36 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=6q7IKDoqSDoCgNCBenpydQ&google_push=AXcoOmQ_aFqh_CNIkXVl_GTNNJmWS6-vFSl1nQgF93UnDf1syNDrip1yTBSLOspYC5sjHf9-WzCsQYeZhwRYi1XOZMfDZm7VFI1iQQ
x-host
tde-deliveryengine-production-7595df5684-dv4xs
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3478
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEElgOQNwczkKfu28DGDT1CU&google_cver=1&google_push=AXcoOmTL9rRef-XdIX0u69eVpTaFs1fM329ry50IuxrSMP74KaITDYx6z829jfjorDOgj4dZliXLVUl5cTI6xUzBX...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEElgOQNwczkKfu28DGDT1CU&google_cver=1&google_push=AXcoOmTL9rRef-XdIX0u69eVpTaFs1fM329ry50IuxrSMP74KaITDYx6z829jfjorDOgj4dZliXLVUl5cTI6xUzBX...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTL9rRef-XdIX0u69eVpTaFs1fM329ry50IuxrSMP74KaITDYx6z829jfjorDOgj4dZliXLVUl5cTI6xUzBX3AuasnpgNDH&google_hm=Hf_9uGZHjKcXBDvYTne9YJxP
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTL9rRef-XdIX0u69eVpTaFs1fM329ry50IuxrSMP74KaITDYx6z829jfjorDOgj4dZliXLVUl5cTI6xUzBX3AuasnpgNDH&google_hm=Hf_9uGZHjKcXBDvYTne9YJxP
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 17 Oct 2023 07:57:36 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTL9rRef-XdIX0u69eVpTaFs1fM329ry50IuxrSMP74KaITDYx6z829jfjorDOgj4dZliXLVUl5cTI6xUzBX3AuasnpgNDH&google_hm=Hf_9uGZHjKcXBDvYTne9YJxP
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 3478
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDNydLedQoIB9TU0hSyqYgo&google_cver=1&google_push=AXcoOmRn9VM2wF-Kijm94vwAOqsVXzZOPdnYU56gU19-CTUOAwV6vu4tLtzj4-g1l93VrVu48i-8kR-7qhx0...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRn9VM2wF-Kijm94vwAOqsVXzZOPdnYU56gU19-CTUOAwV6vu4tLtzj4-g1l93VrVu48i-8kR-7qhx0B8nENcyd5GxpgHPg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRn9VM2wF-Kijm94vwAOqsVXzZOPdnYU56gU19-CTUOAwV6vu4tLtzj4-g1l93VrVu48i-8kR-7qhx0B8nENcyd5GxpgHPg
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRn9VM2wF-Kijm94vwAOqsVXzZOPdnYU56gU19-CTUOAwV6vu4tLtzj4-g1l93VrVu48i-8kR-7qhx0B8nENcyd5GxpgHPg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame 3478 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Klv1FRd02o2hpIQ-89y2Jhoa-SW7m1kTRPgp7H-XNiGf1C1kwjYyYs4mpcxQwM14GPchau
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame D8DE 		37 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=64491512;rtbwp=qdpTP8YMF_G10afMQO2g3826Z16GeCAxUFdFDw;rtbdata=N61IswdOU8ab0V3rj5S5sxAHjoHRvBBOcdVrDJsoL377FZZc_u_Curo5sMud8uCKbSNP88VQ5iUtUH7zySkCfEOVYWpEj7gxYsbexs2CofQgXUhfucjMCX3OsHZPIAv4UwRUjpYNjdenLYD-oczoYGulL2BivjAeSyrE_eiUpqcGKw06CASp8jf_LWAWORV_IXQM4_dHtAx4W3Hbhslx-papLHPk46l7TPcsWbOye5M64r9GpocpM7Db7MwGddVgomN1-c6UvUo1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
577bbeb02edadd6a6119ee367adac8fd8b43b40a3763939f1d01e3cb9dd9a9a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:27:00 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 17 Oct 2023 16:09:58 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame B5D4 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWUK4EdNAAMVNBj8aeCWKn6cjhM3jg&u=%7C8ghSQ%2F3qZvUqrZMaB%2BLnAz10Fr7or3YAK7z0bFV61mI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtf_8mUbkv9VFOlq9cu7Rwe5xnJh_yhtsF3J617d882ZZYZ2oLBmxMuWYP4pubnDVBp5xMlDXX9j0pWBi1mfI1ToV58GqdjnUZ98166FlI3G2aJi2sRA_xa0Znw6NwPAFNFr5eOnvlN8_UoidDCEcNnKEfbHO_QRez7315Vbfil-wx5QIQuTVpcwosmuTVX0LqFieEVV-Dj3ta3Cc4h7su4F8Ow3xGSEYtDT0JvBbmQan0oiA6Smt_LpQNOocDx6zPdCQaz9GHKoFDeRjCMj4c4EC236Z1XkRKi1FYjtHB9ulzmdvx1ZRY_jHFcnqQbrHmQJ7gDTO_rwvyXahZ_wFmJwUXISMrdS_2Q72Hx_zarsm20Wrqzn2_2-BXopNK8VX2JuYOVo_9TluRVXaAVR5nIMhY-oXJSfr2XRL7b41C5bHf0aMKMcB1c3wobDfAb16j-kqBNR3SEoYbr_6GVFUmF5MUi2_9-c0LQqmrUCqO4h5gmOrqRAel2GQB0dMgD-O_1REk9ykedIUxe3ktlQH2u2TCSOLTqeqh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNjyCbz4uZeWaIc2OgQe0qoy4Dsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBJ4CT9CvdJLrCwpPDeNeEadq6yMhFWGTW9C4clq6N5jHefMjfHFhAm1OT8YYJ5ly111WUr4W8kwJW2Y2BaUGHh6tOtOmZfYuaf-FMWSckMLzwfrF2iTulFNKPnNaYSjUjE3mlqQEMB_Kb6-C5ndpWhjKzw5Crwu7fJaQ9FuyCHpsjnGITOCZBJaoPaJMDcUHF6O0u_U9uDpY6fuwQ-M4qJRJbh-qAwTQwPM9fytdPbte2Es3O5PSyIyATo5lSyvfAiiwnBqO8ZKHZuWZS9SM1p5FP12aKulELpsQQSEqm-sxnINF9b7Jfmg1ZvBRzXMtPj78z2a7W6wOicqiQ0FZVSrnTdcik9NFY7gaqoB3pyK6iUjfUVpwMyjeE2lCEWDJ_OAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2-eKHnLedc67gBMilqBOSG4HN_6g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
49311
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q1P7XO%2FbWHKO2GwV%2F9TQrDb4QQQWkZMdN15i%2B5qpMm0poUc9Wn3VMQQl1mLRylZJYGKXz47AFgcsXM9SOoi0OnuRuj8ZSykxebjGIrjhqTrYhS4EwA5HvW4LknLqis%2BKP1OhYI44PVsLF4bAZ%2FpUWZfY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8176fde04fec3602-FRA
expires
Sun, 06 Oct 2024 07:57:36 GMT
animejs.js
static.criteo.net/animejs/ Frame B5D4 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWUK4EdNAAMVNBj8aeCWKn6cjhM3jg&u=%7C8ghSQ%2F3qZvUqrZMaB%2BLnAz10Fr7or3YAK7z0bFV61mI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtf_8mUbkv9VFOlq9cu7Rwe5xnJh_yhtsF3J617d882ZZYZ2oLBmxMuWYP4pubnDVBp5xMlDXX9j0pWBi1mfI1ToV58GqdjnUZ98166FlI3G2aJi2sRA_xa0Znw6NwPAFNFr5eOnvlN8_UoidDCEcNnKEfbHO_QRez7315Vbfil-wx5QIQuTVpcwosmuTVX0LqFieEVV-Dj3ta3Cc4h7su4F8Ow3xGSEYtDT0JvBbmQan0oiA6Smt_LpQNOocDx6zPdCQaz9GHKoFDeRjCMj4c4EC236Z1XkRKi1FYjtHB9ulzmdvx1ZRY_jHFcnqQbrHmQJ7gDTO_rwvyXahZ_wFmJwUXISMrdS_2Q72Hx_zarsm20Wrqzn2_2-BXopNK8VX2JuYOVo_9TluRVXaAVR5nIMhY-oXJSfr2XRL7b41C5bHf0aMKMcB1c3wobDfAb16j-kqBNR3SEoYbr_6GVFUmF5MUi2_9-c0LQqmrUCqO4h5gmOrqRAel2GQB0dMgD-O_1REk9ykedIUxe3ktlQH2u2TCSOLTqeqh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNjyCbz4uZeWaIc2OgQe0qoy4Dsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBJ4CT9CvdJLrCwpPDeNeEadq6yMhFWGTW9C4clq6N5jHefMjfHFhAm1OT8YYJ5ly111WUr4W8kwJW2Y2BaUGHh6tOtOmZfYuaf-FMWSckMLzwfrF2iTulFNKPnNaYSjUjE3mlqQEMB_Kb6-C5ndpWhjKzw5Crwu7fJaQ9FuyCHpsjnGITOCZBJaoPaJMDcUHF6O0u_U9uDpY6fuwQ-M4qJRJbh-qAwTQwPM9fytdPbte2Es3O5PSyIyATo5lSyvfAiiwnBqO8ZKHZuWZS9SM1p5FP12aKulELpsQQSEqm-sxnINF9b7Jfmg1ZvBRzXMtPj78z2a7W6wOicqiQ0FZVSrnTdcik9NFY7gaqoB3pyK6iUjfUVpwMyjeE2lCEWDJ_OAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2-eKHnLedc67gBMilqBOSG4HN_6g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Oct 2024 07:57:36 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A3DA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZ611AJtdm9m1L8IghHNPH8hSLeXYjArKQfs4HAqHwy04nwF51GtPl-GdCXZ8Hpg4_OwzQZ19maypezjtH1dEccKRHHuqPgafi41NjqbGIOo2y3fCyk6Qd3sz5PNMaZrAe9oXWQybliLc26pGO6FfWbcGoARnlFI5qcZIe51Fo2mO7R7a1w8vLwMwhq_55KEDaEJFNbrmNmN9w39Wi-6UbxkUC3vzurV5xv19ok9zSATAFcrm5ZRXqfWaQO0zHclccLwnF-L-o6NnrU5Pe7U11B2hi5Xt2cZVz_dpizJY2SibN9CIhDxBrTaWoLYjhlkJ5GKiwjGJabi1VUMkrCMRnCnbsxJlEfxnuRwJjwyK7up1YJCZF2DgIcz-nHWiGkbXW69IQqTqeFE1j9g&sai=AMfl-YS5UgfpBu0YEoohEyZLwrokMas-x5R4gQINav2jLFA5s3rrPKfzULYXPdC90fgWvgY1ecida27n-VwP1BVjHmBmylbIXWYgde5eJYby1Ns32aRma2aq1Rb2tkr4Ng&sig=Cg0ArKJSzC6UgB5qlqP5EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 17 Oct 2023 07:57:36 GMT
f9d5f193fe704d30bc6e97384f41c8fe_relative-bold-pro.woff
static.criteo.net/design/dt/ Frame B5D4 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/f9d5f193fe704d30bc6e97384f41c8fe_relative-bold-pro.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWUK4EdNAAMVNBj8aeCWKn6cjhM3jg&u=%7C8ghSQ%2F3qZvUqrZMaB%2BLnAz10Fr7or3YAK7z0bFV61mI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtf_8mUbkv9VFOlq9cu7Rwe5xnJh_yhtsF3J617d882ZZYZ2oLBmxMuWYP4pubnDVBp5xMlDXX9j0pWBi1mfI1ToV58GqdjnUZ98166FlI3G2aJi2sRA_xa0Znw6NwPAFNFr5eOnvlN8_UoidDCEcNnKEfbHO_QRez7315Vbfil-wx5QIQuTVpcwosmuTVX0LqFieEVV-Dj3ta3Cc4h7su4F8Ow3xGSEYtDT0JvBbmQan0oiA6Smt_LpQNOocDx6zPdCQaz9GHKoFDeRjCMj4c4EC236Z1XkRKi1FYjtHB9ulzmdvx1ZRY_jHFcnqQbrHmQJ7gDTO_rwvyXahZ_wFmJwUXISMrdS_2Q72Hx_zarsm20Wrqzn2_2-BXopNK8VX2JuYOVo_9TluRVXaAVR5nIMhY-oXJSfr2XRL7b41C5bHf0aMKMcB1c3wobDfAb16j-kqBNR3SEoYbr_6GVFUmF5MUi2_9-c0LQqmrUCqO4h5gmOrqRAel2GQB0dMgD-O_1REk9ykedIUxe3ktlQH2u2TCSOLTqeqh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNjyCbz4uZeWaIc2OgQe0qoy4Dsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBJ4CT9CvdJLrCwpPDeNeEadq6yMhFWGTW9C4clq6N5jHefMjfHFhAm1OT8YYJ5ly111WUr4W8kwJW2Y2BaUGHh6tOtOmZfYuaf-FMWSckMLzwfrF2iTulFNKPnNaYSjUjE3mlqQEMB_Kb6-C5ndpWhjKzw5Crwu7fJaQ9FuyCHpsjnGITOCZBJaoPaJMDcUHF6O0u_U9uDpY6fuwQ-M4qJRJbh-qAwTQwPM9fytdPbte2Es3O5PSyIyATo5lSyvfAiiwnBqO8ZKHZuWZS9SM1p5FP12aKulELpsQQSEqm-sxnINF9b7Jfmg1ZvBRzXMtPj78z2a7W6wOicqiQ0FZVSrnTdcik9NFY7gaqoB3pyK6iUjfUVpwMyjeE2lCEWDJ_OAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2-eKHnLedc67gBMilqBOSG4HN_6g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c94f7120af1dd1e52881cfb218fb4fda3f26d6971c0ebd317ba23b459dcaa1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 20 Apr 2023 14:26:14 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"64414b86-e41c"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Oct 2024 07:57:36 GMT
truncated
/ Frame 45AE 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d22a971ccda6f4b5bf570c904d488c011ddbd5a7f46a4ff53c889bf2ee00abda

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 623C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c185bbcbeb0ea825c5d1fca5e6bb3046d6fc26c76738c2a5bde52792608d49b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
animejs.js
static.criteo.net/animejs/ Frame C53F 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWoK4EdNAAMVNCI3SZ_BDJLCAUsBMA&u=%7C8ghSQ%2F3qZvUl%2BcrKRADEYlBU%2FKbGG%2B7YLc0gdixctqs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIdwqGdaLrZtB44iHyBE_Nb8PthDoUPE12Ex3WRbn1EHxuMv4_lc1pSOXFRa__ENoetVdbDRb4p67RLoHQ3hA1VB_EknLrg6x3wODLdjXHigr1YTjoP9ms6VCGeX6EuSFuHXxdeOLtr0b0G4WGmwSNii4UW6TeZYePGYNdQBg96isYFiR0G7YkKcBSt2CU4nl13gV-2YECEFHLkHbCQmdaTVEOVsvGXL9K6KFdLAMX-lxSxPUZG49a4D1q_uNIqyT1BKxT1y6TUks7eXR7m-J1jyLu3gHi71Zhoq3zQgL8U2pPSrT3WdF-vUy_IzRStlpBHfj6ChPVMKCCsnhYPDIq9cMd2mdt0-FSO4lfqkdARxNEgCAfKNsDZ3blmYxpJqCEO_69okajlpbqvUENwVpkV7mve3ws-dR4NdY_Z7I37h8-m1KB_mBoNkiRmn_RWvG1lYVMeeinA9cNpJcpjpCatmUq89qEZH7HwGw8iE8aBInRnpntZ9rq4QK1I-IhVFo0UpyK5xrX1FwQt0lRg1aMHInCvAEQPmDCOGZuywIE4Uo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLmfJbz4uZeqaIc2OgQe0qoy4Dsme0rFc9dqW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBLQCT9AaLNlGAq9okSnJjFdI1GzJvcr3-XqnPQgW5RlE2SYUDLTyIo_tOzyZE_6HEL__WMavTchk4vWZ-M98SdBW4Q0Z4Z5fdC7XpsxIhWP1ZA3Ey8pr2zXlyZT2zQ3Vmug9jSCyD5adwclJbyO9TfVK_y0eeDYPt7E303FSUxYNKmuX5J8pq5JhmG91xHUJ-gZSHCliPrSATmwG2dV4LF57FUwGmQVPHi9mUOsSu1MH1Nojb0Xi4RLmtNoIK08GeeQ9hl070N3ZSLmbXwx2uzZPUgco_tN-ZIK0rnLr9ZJt7WJIRcNgpnl1QP8TJJioW_IxwU_ra4XGG-XpIkSagHpYAMFPvmXogFMmI-dwVKiYzwVeQ0qqh3nk2ne3VhfmKYZBxNWvQKBulZMZTicFGmB-30c71RLgBAGABu2o85zCvPrazgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_263-t2jwqIQ6mtcC8-GtQb7bJN1w%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Oct 2024 07:57:36 GMT
img
imageproxy.eu.criteo.net/img/ Frame B5D4 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=496&m=0&partner=2861&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F230524%2Fab5244b2b96f4d3db06cb0ff9e6efb06_logo_n_horizontal_9.png&v=3&w=356&rid=4&s=B91CoITVIGx-_izMqi6tWm7E
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWUK4EdNAAMVNBj8aeCWKn6cjhM3jg&u=%7C8ghSQ%2F3qZvUqrZMaB%2BLnAz10Fr7or3YAK7z0bFV61mI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtf_8mUbkv9VFOlq9cu7Rwe5xnJh_yhtsF3J617d882ZZYZ2oLBmxMuWYP4pubnDVBp5xMlDXX9j0pWBi1mfI1ToV58GqdjnUZ98166FlI3G2aJi2sRA_xa0Znw6NwPAFNFr5eOnvlN8_UoidDCEcNnKEfbHO_QRez7315Vbfil-wx5QIQuTVpcwosmuTVX0LqFieEVV-Dj3ta3Cc4h7su4F8Ow3xGSEYtDT0JvBbmQan0oiA6Smt_LpQNOocDx6zPdCQaz9GHKoFDeRjCMj4c4EC236Z1XkRKi1FYjtHB9ulzmdvx1ZRY_jHFcnqQbrHmQJ7gDTO_rwvyXahZ_wFmJwUXISMrdS_2Q72Hx_zarsm20Wrqzn2_2-BXopNK8VX2JuYOVo_9TluRVXaAVR5nIMhY-oXJSfr2XRL7b41C5bHf0aMKMcB1c3wobDfAb16j-kqBNR3SEoYbr_6GVFUmF5MUi2_9-c0LQqmrUCqO4h5gmOrqRAel2GQB0dMgD-O_1REk9ykedIUxe3ktlQH2u2TCSOLTqeqh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNjyCbz4uZeWaIc2OgQe0qoy4Dsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBJ4CT9CvdJLrCwpPDeNeEadq6yMhFWGTW9C4clq6N5jHefMjfHFhAm1OT8YYJ5ly111WUr4W8kwJW2Y2BaUGHh6tOtOmZfYuaf-FMWSckMLzwfrF2iTulFNKPnNaYSjUjE3mlqQEMB_Kb6-C5ndpWhjKzw5Crwu7fJaQ9FuyCHpsjnGITOCZBJaoPaJMDcUHF6O0u_U9uDpY6fuwQ-M4qJRJbh-qAwTQwPM9fytdPbte2Es3O5PSyIyATo5lSyvfAiiwnBqO8ZKHZuWZS9SM1p5FP12aKulELpsQQSEqm-sxnINF9b7Jfmg1ZvBRzXMtPj78z2a7W6wOicqiQ0FZVSrnTdcik9NFY7gaqoB3pyK6iUjfUVpwMyjeE2lCEWDJ_OAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2-eKHnLedc67gBMilqBOSG4HN_6g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
80edccfb779107beb98efa9ef0147732711d584b88ac86321d49c53313901778
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
17349
expires
Fri, 04 Oct 2024 03:37:19 GMT
img
imageproxy.eu.criteo.net/img/ Frame B5D4 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoFrischemarkt-Rother-KG-303798DE-2206131121.gif%3Feb%3D1&v=3&w=800&rid=4&s=i-1FXZX1YZTilSfz1BI_lzmW&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWUK4EdNAAMVNBj8aeCWKn6cjhM3jg&u=%7C8ghSQ%2F3qZvUqrZMaB%2BLnAz10Fr7or3YAK7z0bFV61mI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtf_8mUbkv9VFOlq9cu7Rwe5xnJh_yhtsF3J617d882ZZYZ2oLBmxMuWYP4pubnDVBp5xMlDXX9j0pWBi1mfI1ToV58GqdjnUZ98166FlI3G2aJi2sRA_xa0Znw6NwPAFNFr5eOnvlN8_UoidDCEcNnKEfbHO_QRez7315Vbfil-wx5QIQuTVpcwosmuTVX0LqFieEVV-Dj3ta3Cc4h7su4F8Ow3xGSEYtDT0JvBbmQan0oiA6Smt_LpQNOocDx6zPdCQaz9GHKoFDeRjCMj4c4EC236Z1XkRKi1FYjtHB9ulzmdvx1ZRY_jHFcnqQbrHmQJ7gDTO_rwvyXahZ_wFmJwUXISMrdS_2Q72Hx_zarsm20Wrqzn2_2-BXopNK8VX2JuYOVo_9TluRVXaAVR5nIMhY-oXJSfr2XRL7b41C5bHf0aMKMcB1c3wobDfAb16j-kqBNR3SEoYbr_6GVFUmF5MUi2_9-c0LQqmrUCqO4h5gmOrqRAel2GQB0dMgD-O_1REk9ykedIUxe3ktlQH2u2TCSOLTqeqh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNjyCbz4uZeWaIc2OgQe0qoy4Dsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBJ4CT9CvdJLrCwpPDeNeEadq6yMhFWGTW9C4clq6N5jHefMjfHFhAm1OT8YYJ5ly111WUr4W8kwJW2Y2BaUGHh6tOtOmZfYuaf-FMWSckMLzwfrF2iTulFNKPnNaYSjUjE3mlqQEMB_Kb6-C5ndpWhjKzw5Crwu7fJaQ9FuyCHpsjnGITOCZBJaoPaJMDcUHF6O0u_U9uDpY6fuwQ-M4qJRJbh-qAwTQwPM9fytdPbte2Es3O5PSyIyATo5lSyvfAiiwnBqO8ZKHZuWZS9SM1p5FP12aKulELpsQQSEqm-sxnINF9b7Jfmg1ZvBRzXMtPj78z2a7W6wOicqiQ0FZVSrnTdcik9NFY7gaqoB3pyK6iUjfUVpwMyjeE2lCEWDJ_OAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2-eKHnLedc67gBMilqBOSG4HN_6g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a5937814276c31ef31eed72014d740ba9490725b7a111fd84a6a53286058ef56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=2591956
timing-allow-origin
*
content-length
9598
expires
Sat, 21 Oct 2023 16:09:20 GMT
img
imageproxy.eu.criteo.net/img/ Frame B5D4 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoEDEKA-Bauer-240993DE-2001281654.gif%3Feb%3D1&v=3&w=800&rid=4&s=2yMQbqa_P1puIceDONyd9vaa&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWUK4EdNAAMVNBj8aeCWKn6cjhM3jg&u=%7C8ghSQ%2F3qZvUqrZMaB%2BLnAz10Fr7or3YAK7z0bFV61mI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtf_8mUbkv9VFOlq9cu7Rwe5xnJh_yhtsF3J617d882ZZYZ2oLBmxMuWYP4pubnDVBp5xMlDXX9j0pWBi1mfI1ToV58GqdjnUZ98166FlI3G2aJi2sRA_xa0Znw6NwPAFNFr5eOnvlN8_UoidDCEcNnKEfbHO_QRez7315Vbfil-wx5QIQuTVpcwosmuTVX0LqFieEVV-Dj3ta3Cc4h7su4F8Ow3xGSEYtDT0JvBbmQan0oiA6Smt_LpQNOocDx6zPdCQaz9GHKoFDeRjCMj4c4EC236Z1XkRKi1FYjtHB9ulzmdvx1ZRY_jHFcnqQbrHmQJ7gDTO_rwvyXahZ_wFmJwUXISMrdS_2Q72Hx_zarsm20Wrqzn2_2-BXopNK8VX2JuYOVo_9TluRVXaAVR5nIMhY-oXJSfr2XRL7b41C5bHf0aMKMcB1c3wobDfAb16j-kqBNR3SEoYbr_6GVFUmF5MUi2_9-c0LQqmrUCqO4h5gmOrqRAel2GQB0dMgD-O_1REk9ykedIUxe3ktlQH2u2TCSOLTqeqh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNjyCbz4uZeWaIc2OgQe0qoy4Dsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBJ4CT9CvdJLrCwpPDeNeEadq6yMhFWGTW9C4clq6N5jHefMjfHFhAm1OT8YYJ5ly111WUr4W8kwJW2Y2BaUGHh6tOtOmZfYuaf-FMWSckMLzwfrF2iTulFNKPnNaYSjUjE3mlqQEMB_Kb6-C5ndpWhjKzw5Crwu7fJaQ9FuyCHpsjnGITOCZBJaoPaJMDcUHF6O0u_U9uDpY6fuwQ-M4qJRJbh-qAwTQwPM9fytdPbte2Es3O5PSyIyATo5lSyvfAiiwnBqO8ZKHZuWZS9SM1p5FP12aKulELpsQQSEqm-sxnINF9b7Jfmg1ZvBRzXMtPj78z2a7W6wOicqiQ0FZVSrnTdcik9NFY7gaqoB3pyK6iUjfUVpwMyjeE2lCEWDJ_OAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2-eKHnLedc67gBMilqBOSG4HN_6g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c425429b587ed63b1b30b403245b414259e0fa93edcacfa8bfe8d334fc63c2a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=85500
timing-allow-origin
*
content-length
15908
expires
Wed, 18 Oct 2023 05:32:03 GMT
img
imageproxy.eu.criteo.net/img/ Frame B5D4 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoPwC-2965DE-2307031425.gif%3Feb%3D1&v=3&w=800&rid=4&s=Rng84yXgJmwASi1aTovDRcM-&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWUK4EdNAAMVNBj8aeCWKn6cjhM3jg&u=%7C8ghSQ%2F3qZvUqrZMaB%2BLnAz10Fr7or3YAK7z0bFV61mI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtf_8mUbkv9VFOlq9cu7Rwe5xnJh_yhtsF3J617d882ZZYZ2oLBmxMuWYP4pubnDVBp5xMlDXX9j0pWBi1mfI1ToV58GqdjnUZ98166FlI3G2aJi2sRA_xa0Znw6NwPAFNFr5eOnvlN8_UoidDCEcNnKEfbHO_QRez7315Vbfil-wx5QIQuTVpcwosmuTVX0LqFieEVV-Dj3ta3Cc4h7su4F8Ow3xGSEYtDT0JvBbmQan0oiA6Smt_LpQNOocDx6zPdCQaz9GHKoFDeRjCMj4c4EC236Z1XkRKi1FYjtHB9ulzmdvx1ZRY_jHFcnqQbrHmQJ7gDTO_rwvyXahZ_wFmJwUXISMrdS_2Q72Hx_zarsm20Wrqzn2_2-BXopNK8VX2JuYOVo_9TluRVXaAVR5nIMhY-oXJSfr2XRL7b41C5bHf0aMKMcB1c3wobDfAb16j-kqBNR3SEoYbr_6GVFUmF5MUi2_9-c0LQqmrUCqO4h5gmOrqRAel2GQB0dMgD-O_1REk9ykedIUxe3ktlQH2u2TCSOLTqeqh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNjyCbz4uZeWaIc2OgQe0qoy4Dsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBJ4CT9CvdJLrCwpPDeNeEadq6yMhFWGTW9C4clq6N5jHefMjfHFhAm1OT8YYJ5ly111WUr4W8kwJW2Y2BaUGHh6tOtOmZfYuaf-FMWSckMLzwfrF2iTulFNKPnNaYSjUjE3mlqQEMB_Kb6-C5ndpWhjKzw5Crwu7fJaQ9FuyCHpsjnGITOCZBJaoPaJMDcUHF6O0u_U9uDpY6fuwQ-M4qJRJbh-qAwTQwPM9fytdPbte2Es3O5PSyIyATo5lSyvfAiiwnBqO8ZKHZuWZS9SM1p5FP12aKulELpsQQSEqm-sxnINF9b7Jfmg1ZvBRzXMtPj78z2a7W6wOicqiQ0FZVSrnTdcik9NFY7gaqoB3pyK6iUjfUVpwMyjeE2lCEWDJ_OAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2-eKHnLedc67gBMilqBOSG4HN_6g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ba7cba9ea0654da4c36277763dbd896d78c4adf7d20d1144c7c8a4f2cf32b2a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=86299
timing-allow-origin
*
content-length
1446
expires
Wed, 18 Oct 2023 06:11:29 GMT
all
csm.eu.criteo.net/ Frame B5D4 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=8IwUWARGJu2oGVrBdZe9cP0_Ndq7QfWSWVFrOMYDoXRzYez3JtMI5A8_-wLe7x8nzw3PfVkX6hkeDWE1x2fDXtvmuiehCMNadF2vmTPtgdXGkVQUhEcsZH8XvrWKwvpdUozSUqdnQNOc_qm40tgofJVWKjEVr2p44kkruQSM22oFwHXMIQzby8LLImsVp-SwS4kR5owmmaRTt0LVZOL7wn-dkuLWGcrrLZwVfN4crElTuIcYt0Ox1BWM9PUIF9S-esH1aQ&sds=2&rev=88837&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWUK4EdNAAMVNBj8aeCWKn6cjhM3jg&u=%7C8ghSQ%2F3qZvUqrZMaB%2BLnAz10Fr7or3YAK7z0bFV61mI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtf_8mUbkv9VFOlq9cu7Rwe5xnJh_yhtsF3J617d882ZZYZ2oLBmxMuWYP4pubnDVBp5xMlDXX9j0pWBi1mfI1ToV58GqdjnUZ98166FlI3G2aJi2sRA_xa0Znw6NwPAFNFr5eOnvlN8_UoidDCEcNnKEfbHO_QRez7315Vbfil-wx5QIQuTVpcwosmuTVX0LqFieEVV-Dj3ta3Cc4h7su4F8Ow3xGSEYtDT0JvBbmQan0oiA6Smt_LpQNOocDx6zPdCQaz9GHKoFDeRjCMj4c4EC236Z1XkRKi1FYjtHB9ulzmdvx1ZRY_jHFcnqQbrHmQJ7gDTO_rwvyXahZ_wFmJwUXISMrdS_2Q72Hx_zarsm20Wrqzn2_2-BXopNK8VX2JuYOVo_9TluRVXaAVR5nIMhY-oXJSfr2XRL7b41C5bHf0aMKMcB1c3wobDfAb16j-kqBNR3SEoYbr_6GVFUmF5MUi2_9-c0LQqmrUCqO4h5gmOrqRAel2GQB0dMgD-O_1REk9ykedIUxe3ktlQH2u2TCSOLTqeqh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNjyCbz4uZeWaIc2OgQe0qoy4Dsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBJ4CT9CvdJLrCwpPDeNeEadq6yMhFWGTW9C4clq6N5jHefMjfHFhAm1OT8YYJ5ly111WUr4W8kwJW2Y2BaUGHh6tOtOmZfYuaf-FMWSckMLzwfrF2iTulFNKPnNaYSjUjE3mlqQEMB_Kb6-C5ndpWhjKzw5Crwu7fJaQ9FuyCHpsjnGITOCZBJaoPaJMDcUHF6O0u_U9uDpY6fuwQ-M4qJRJbh-qAwTQwPM9fytdPbte2Es3O5PSyIyATo5lSyvfAiiwnBqO8ZKHZuWZS9SM1p5FP12aKulELpsQQSEqm-sxnINF9b7Jfmg1ZvBRzXMtPj78z2a7W6wOicqiQ0FZVSrnTdcik9NFY7gaqoB3pyK6iUjfUVpwMyjeE2lCEWDJ_OAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2-eKHnLedc67gBMilqBOSG4HN_6g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 17 Oct 2023 07:57:36 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame B5D4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWUK4EdNAAMVNBj8aeCWKn6cjhM3jg&u=%7C8ghSQ%2F3qZvUqrZMaB%2BLnAz10Fr7or3YAK7z0bFV61mI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtf_8mUbkv9VFOlq9cu7Rwe5xnJh_yhtsF3J617d882ZZYZ2oLBmxMuWYP4pubnDVBp5xMlDXX9j0pWBi1mfI1ToV58GqdjnUZ98166FlI3G2aJi2sRA_xa0Znw6NwPAFNFr5eOnvlN8_UoidDCEcNnKEfbHO_QRez7315Vbfil-wx5QIQuTVpcwosmuTVX0LqFieEVV-Dj3ta3Cc4h7su4F8Ow3xGSEYtDT0JvBbmQan0oiA6Smt_LpQNOocDx6zPdCQaz9GHKoFDeRjCMj4c4EC236Z1XkRKi1FYjtHB9ulzmdvx1ZRY_jHFcnqQbrHmQJ7gDTO_rwvyXahZ_wFmJwUXISMrdS_2Q72Hx_zarsm20Wrqzn2_2-BXopNK8VX2JuYOVo_9TluRVXaAVR5nIMhY-oXJSfr2XRL7b41C5bHf0aMKMcB1c3wobDfAb16j-kqBNR3SEoYbr_6GVFUmF5MUi2_9-c0LQqmrUCqO4h5gmOrqRAel2GQB0dMgD-O_1REk9ykedIUxe3ktlQH2u2TCSOLTqeqh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNjyCbz4uZeWaIc2OgQe0qoy4Dsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBJ4CT9CvdJLrCwpPDeNeEadq6yMhFWGTW9C4clq6N5jHefMjfHFhAm1OT8YYJ5ly111WUr4W8kwJW2Y2BaUGHh6tOtOmZfYuaf-FMWSckMLzwfrF2iTulFNKPnNaYSjUjE3mlqQEMB_Kb6-C5ndpWhjKzw5Crwu7fJaQ9FuyCHpsjnGITOCZBJaoPaJMDcUHF6O0u_U9uDpY6fuwQ-M4qJRJbh-qAwTQwPM9fytdPbte2Es3O5PSyIyATo5lSyvfAiiwnBqO8ZKHZuWZS9SM1p5FP12aKulELpsQQSEqm-sxnINF9b7Jfmg1ZvBRzXMtPj78z2a7W6wOicqiQ0FZVSrnTdcik9NFY7gaqoB3pyK6iUjfUVpwMyjeE2lCEWDJ_OAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2-eKHnLedc67gBMilqBOSG4HN_6g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Oct 2024 07:57:36 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame B5D4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWUK4EdNAAMVNBj8aeCWKn6cjhM3jg&u=%7C8ghSQ%2F3qZvUqrZMaB%2BLnAz10Fr7or3YAK7z0bFV61mI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtf_8mUbkv9VFOlq9cu7Rwe5xnJh_yhtsF3J617d882ZZYZ2oLBmxMuWYP4pubnDVBp5xMlDXX9j0pWBi1mfI1ToV58GqdjnUZ98166FlI3G2aJi2sRA_xa0Znw6NwPAFNFr5eOnvlN8_UoidDCEcNnKEfbHO_QRez7315Vbfil-wx5QIQuTVpcwosmuTVX0LqFieEVV-Dj3ta3Cc4h7su4F8Ow3xGSEYtDT0JvBbmQan0oiA6Smt_LpQNOocDx6zPdCQaz9GHKoFDeRjCMj4c4EC236Z1XkRKi1FYjtHB9ulzmdvx1ZRY_jHFcnqQbrHmQJ7gDTO_rwvyXahZ_wFmJwUXISMrdS_2Q72Hx_zarsm20Wrqzn2_2-BXopNK8VX2JuYOVo_9TluRVXaAVR5nIMhY-oXJSfr2XRL7b41C5bHf0aMKMcB1c3wobDfAb16j-kqBNR3SEoYbr_6GVFUmF5MUi2_9-c0LQqmrUCqO4h5gmOrqRAel2GQB0dMgD-O_1REk9ykedIUxe3ktlQH2u2TCSOLTqeqh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNjyCbz4uZeWaIc2OgQe0qoy4Dsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBJ4CT9CvdJLrCwpPDeNeEadq6yMhFWGTW9C4clq6N5jHefMjfHFhAm1OT8YYJ5ly111WUr4W8kwJW2Y2BaUGHh6tOtOmZfYuaf-FMWSckMLzwfrF2iTulFNKPnNaYSjUjE3mlqQEMB_Kb6-C5ndpWhjKzw5Crwu7fJaQ9FuyCHpsjnGITOCZBJaoPaJMDcUHF6O0u_U9uDpY6fuwQ-M4qJRJbh-qAwTQwPM9fytdPbte2Es3O5PSyIyATo5lSyvfAiiwnBqO8ZKHZuWZS9SM1p5FP12aKulELpsQQSEqm-sxnINF9b7Jfmg1ZvBRzXMtPj78z2a7W6wOicqiQ0FZVSrnTdcik9NFY7gaqoB3pyK6iUjfUVpwMyjeE2lCEWDJ_OAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2-eKHnLedc67gBMilqBOSG4HN_6g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Oct 2024 07:57:36 GMT
truncated
/ Frame B196 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3d1b17702947c6064bc10fa84315b7d0869db7f2cbf0b40fd1e0b00df87750a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
img
imageproxy.eu.criteo.net/img/ Frame C53F 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=116&m=0&partner=100829&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F100829%2F230107%2F71b4977a54894ba9afd2e3de35efa73f_500x500.png&v=3&w=596&rid=4&s=WLNxt5dN4lSma2lxxjIpsysH
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWoK4EdNAAMVNCI3SZ_BDJLCAUsBMA&u=%7C8ghSQ%2F3qZvUl%2BcrKRADEYlBU%2FKbGG%2B7YLc0gdixctqs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIdwqGdaLrZtB44iHyBE_Nb8PthDoUPE12Ex3WRbn1EHxuMv4_lc1pSOXFRa__ENoetVdbDRb4p67RLoHQ3hA1VB_EknLrg6x3wODLdjXHigr1YTjoP9ms6VCGeX6EuSFuHXxdeOLtr0b0G4WGmwSNii4UW6TeZYePGYNdQBg96isYFiR0G7YkKcBSt2CU4nl13gV-2YECEFHLkHbCQmdaTVEOVsvGXL9K6KFdLAMX-lxSxPUZG49a4D1q_uNIqyT1BKxT1y6TUks7eXR7m-J1jyLu3gHi71Zhoq3zQgL8U2pPSrT3WdF-vUy_IzRStlpBHfj6ChPVMKCCsnhYPDIq9cMd2mdt0-FSO4lfqkdARxNEgCAfKNsDZ3blmYxpJqCEO_69okajlpbqvUENwVpkV7mve3ws-dR4NdY_Z7I37h8-m1KB_mBoNkiRmn_RWvG1lYVMeeinA9cNpJcpjpCatmUq89qEZH7HwGw8iE8aBInRnpntZ9rq4QK1I-IhVFo0UpyK5xrX1FwQt0lRg1aMHInCvAEQPmDCOGZuywIE4Uo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLmfJbz4uZeqaIc2OgQe0qoy4Dsme0rFc9dqW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBLQCT9AaLNlGAq9okSnJjFdI1GzJvcr3-XqnPQgW5RlE2SYUDLTyIo_tOzyZE_6HEL__WMavTchk4vWZ-M98SdBW4Q0Z4Z5fdC7XpsxIhWP1ZA3Ey8pr2zXlyZT2zQ3Vmug9jSCyD5adwclJbyO9TfVK_y0eeDYPt7E303FSUxYNKmuX5J8pq5JhmG91xHUJ-gZSHCliPrSATmwG2dV4LF57FUwGmQVPHi9mUOsSu1MH1Nojb0Xi4RLmtNoIK08GeeQ9hl070N3ZSLmbXwx2uzZPUgco_tN-ZIK0rnLr9ZJt7WJIRcNgpnl1QP8TJJioW_IxwU_ra4XGG-XpIkSagHpYAMFPvmXogFMmI-dwVKiYzwVeQ0qqh3nk2ne3VhfmKYZBxNWvQKBulZMZTicFGmB-30c71RLgBAGABu2o85zCvPrazgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_263-t2jwqIQ6mtcC8-GtQb7bJN1w%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8e6db515ef069f0bb179cfeb005f1cfca79e9f04bd68ffc9eba17b4819abd7e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
4521
expires
Wed, 02 Oct 2024 03:45:51 GMT
img
imageproxy.eu.criteo.net/img/ Frame C53F 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fwww.geekom.de%2Fwp-content%2Fuploads%2F2023%2F08%2FGEEKOM-MINI-IT13-MINI-PC-1.webp&v=3&w=400&rid=4&s=a3fvT6G_XOGb8vVM-LqQmo_f&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWoK4EdNAAMVNCI3SZ_BDJLCAUsBMA&u=%7C8ghSQ%2F3qZvUl%2BcrKRADEYlBU%2FKbGG%2B7YLc0gdixctqs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIdwqGdaLrZtB44iHyBE_Nb8PthDoUPE12Ex3WRbn1EHxuMv4_lc1pSOXFRa__ENoetVdbDRb4p67RLoHQ3hA1VB_EknLrg6x3wODLdjXHigr1YTjoP9ms6VCGeX6EuSFuHXxdeOLtr0b0G4WGmwSNii4UW6TeZYePGYNdQBg96isYFiR0G7YkKcBSt2CU4nl13gV-2YECEFHLkHbCQmdaTVEOVsvGXL9K6KFdLAMX-lxSxPUZG49a4D1q_uNIqyT1BKxT1y6TUks7eXR7m-J1jyLu3gHi71Zhoq3zQgL8U2pPSrT3WdF-vUy_IzRStlpBHfj6ChPVMKCCsnhYPDIq9cMd2mdt0-FSO4lfqkdARxNEgCAfKNsDZ3blmYxpJqCEO_69okajlpbqvUENwVpkV7mve3ws-dR4NdY_Z7I37h8-m1KB_mBoNkiRmn_RWvG1lYVMeeinA9cNpJcpjpCatmUq89qEZH7HwGw8iE8aBInRnpntZ9rq4QK1I-IhVFo0UpyK5xrX1FwQt0lRg1aMHInCvAEQPmDCOGZuywIE4Uo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLmfJbz4uZeqaIc2OgQe0qoy4Dsme0rFc9dqW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBLQCT9AaLNlGAq9okSnJjFdI1GzJvcr3-XqnPQgW5RlE2SYUDLTyIo_tOzyZE_6HEL__WMavTchk4vWZ-M98SdBW4Q0Z4Z5fdC7XpsxIhWP1ZA3Ey8pr2zXlyZT2zQ3Vmug9jSCyD5adwclJbyO9TfVK_y0eeDYPt7E303FSUxYNKmuX5J8pq5JhmG91xHUJ-gZSHCliPrSATmwG2dV4LF57FUwGmQVPHi9mUOsSu1MH1Nojb0Xi4RLmtNoIK08GeeQ9hl070N3ZSLmbXwx2uzZPUgco_tN-ZIK0rnLr9ZJt7WJIRcNgpnl1QP8TJJioW_IxwU_ra4XGG-XpIkSagHpYAMFPvmXogFMmI-dwVKiYzwVeQ0qqh3nk2ne3VhfmKYZBxNWvQKBulZMZTicFGmB-30c71RLgBAGABu2o85zCvPrazgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_263-t2jwqIQ6mtcC8-GtQb7bJN1w%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1f8a9f8ae1b2b2ebb3064529d36814cd4cc7a2dcd7596cbab57c819b53f4e822
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=3600
timing-allow-origin
*
content-length
6568
expires
Tue, 17 Oct 2023 08:19:07 GMT
img
imageproxy.eu.criteo.net/img/ Frame C53F 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fwww.geekom.de%2Fwp-content%2Fuploads%2F2023%2F09%2F1.webp&v=3&w=400&rid=4&s=AXw73D4OAubc6pph5F5wgIpi&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWoK4EdNAAMVNCI3SZ_BDJLCAUsBMA&u=%7C8ghSQ%2F3qZvUl%2BcrKRADEYlBU%2FKbGG%2B7YLc0gdixctqs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIdwqGdaLrZtB44iHyBE_Nb8PthDoUPE12Ex3WRbn1EHxuMv4_lc1pSOXFRa__ENoetVdbDRb4p67RLoHQ3hA1VB_EknLrg6x3wODLdjXHigr1YTjoP9ms6VCGeX6EuSFuHXxdeOLtr0b0G4WGmwSNii4UW6TeZYePGYNdQBg96isYFiR0G7YkKcBSt2CU4nl13gV-2YECEFHLkHbCQmdaTVEOVsvGXL9K6KFdLAMX-lxSxPUZG49a4D1q_uNIqyT1BKxT1y6TUks7eXR7m-J1jyLu3gHi71Zhoq3zQgL8U2pPSrT3WdF-vUy_IzRStlpBHfj6ChPVMKCCsnhYPDIq9cMd2mdt0-FSO4lfqkdARxNEgCAfKNsDZ3blmYxpJqCEO_69okajlpbqvUENwVpkV7mve3ws-dR4NdY_Z7I37h8-m1KB_mBoNkiRmn_RWvG1lYVMeeinA9cNpJcpjpCatmUq89qEZH7HwGw8iE8aBInRnpntZ9rq4QK1I-IhVFo0UpyK5xrX1FwQt0lRg1aMHInCvAEQPmDCOGZuywIE4Uo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLmfJbz4uZeqaIc2OgQe0qoy4Dsme0rFc9dqW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBLQCT9AaLNlGAq9okSnJjFdI1GzJvcr3-XqnPQgW5RlE2SYUDLTyIo_tOzyZE_6HEL__WMavTchk4vWZ-M98SdBW4Q0Z4Z5fdC7XpsxIhWP1ZA3Ey8pr2zXlyZT2zQ3Vmug9jSCyD5adwclJbyO9TfVK_y0eeDYPt7E303FSUxYNKmuX5J8pq5JhmG91xHUJ-gZSHCliPrSATmwG2dV4LF57FUwGmQVPHi9mUOsSu1MH1Nojb0Xi4RLmtNoIK08GeeQ9hl070N3ZSLmbXwx2uzZPUgco_tN-ZIK0rnLr9ZJt7WJIRcNgpnl1QP8TJJioW_IxwU_ra4XGG-XpIkSagHpYAMFPvmXogFMmI-dwVKiYzwVeQ0qqh3nk2ne3VhfmKYZBxNWvQKBulZMZTicFGmB-30c71RLgBAGABu2o85zCvPrazgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_263-t2jwqIQ6mtcC8-GtQb7bJN1w%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c2cad61fe2e4155f3d2f862e29bb1c0a305c4ed49ca98a78bc082debc08a5a52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=3600
timing-allow-origin
*
content-length
5066
expires
Tue, 17 Oct 2023 08:27:12 GMT
img
imageproxy.eu.criteo.net/img/ Frame C53F 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fwww.geekom.de%2Fwp-content%2Fuploads%2F2023%2F08%2FGEEKOM-PM16-1080p-Monitor-1.webp&v=3&w=400&rid=4&s=yBL3u0MTIGHucfSpp4wDNlFK&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWoK4EdNAAMVNCI3SZ_BDJLCAUsBMA&u=%7C8ghSQ%2F3qZvUl%2BcrKRADEYlBU%2FKbGG%2B7YLc0gdixctqs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIdwqGdaLrZtB44iHyBE_Nb8PthDoUPE12Ex3WRbn1EHxuMv4_lc1pSOXFRa__ENoetVdbDRb4p67RLoHQ3hA1VB_EknLrg6x3wODLdjXHigr1YTjoP9ms6VCGeX6EuSFuHXxdeOLtr0b0G4WGmwSNii4UW6TeZYePGYNdQBg96isYFiR0G7YkKcBSt2CU4nl13gV-2YECEFHLkHbCQmdaTVEOVsvGXL9K6KFdLAMX-lxSxPUZG49a4D1q_uNIqyT1BKxT1y6TUks7eXR7m-J1jyLu3gHi71Zhoq3zQgL8U2pPSrT3WdF-vUy_IzRStlpBHfj6ChPVMKCCsnhYPDIq9cMd2mdt0-FSO4lfqkdARxNEgCAfKNsDZ3blmYxpJqCEO_69okajlpbqvUENwVpkV7mve3ws-dR4NdY_Z7I37h8-m1KB_mBoNkiRmn_RWvG1lYVMeeinA9cNpJcpjpCatmUq89qEZH7HwGw8iE8aBInRnpntZ9rq4QK1I-IhVFo0UpyK5xrX1FwQt0lRg1aMHInCvAEQPmDCOGZuywIE4Uo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLmfJbz4uZeqaIc2OgQe0qoy4Dsme0rFc9dqW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBLQCT9AaLNlGAq9okSnJjFdI1GzJvcr3-XqnPQgW5RlE2SYUDLTyIo_tOzyZE_6HEL__WMavTchk4vWZ-M98SdBW4Q0Z4Z5fdC7XpsxIhWP1ZA3Ey8pr2zXlyZT2zQ3Vmug9jSCyD5adwclJbyO9TfVK_y0eeDYPt7E303FSUxYNKmuX5J8pq5JhmG91xHUJ-gZSHCliPrSATmwG2dV4LF57FUwGmQVPHi9mUOsSu1MH1Nojb0Xi4RLmtNoIK08GeeQ9hl070N3ZSLmbXwx2uzZPUgco_tN-ZIK0rnLr9ZJt7WJIRcNgpnl1QP8TJJioW_IxwU_ra4XGG-XpIkSagHpYAMFPvmXogFMmI-dwVKiYzwVeQ0qqh3nk2ne3VhfmKYZBxNWvQKBulZMZTicFGmB-30c71RLgBAGABu2o85zCvPrazgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_263-t2jwqIQ6mtcC8-GtQb7bJN1w%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5ec86fe055f703d79cee010fe657a9f65ae83d666880a1ba459116b3e033174e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=3600
timing-allow-origin
*
content-length
11536
expires
Tue, 17 Oct 2023 08:41:21 GMT
img
imageproxy.eu.criteo.net/img/ Frame C53F 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fwww.geekom.de%2Fwp-content%2Fuploads%2F2023%2F10%2FAir12.webp&v=3&w=400&rid=4&s=WhHbChw2G1U_AuNTPFJ2QBCg&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWoK4EdNAAMVNCI3SZ_BDJLCAUsBMA&u=%7C8ghSQ%2F3qZvUl%2BcrKRADEYlBU%2FKbGG%2B7YLc0gdixctqs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIdwqGdaLrZtB44iHyBE_Nb8PthDoUPE12Ex3WRbn1EHxuMv4_lc1pSOXFRa__ENoetVdbDRb4p67RLoHQ3hA1VB_EknLrg6x3wODLdjXHigr1YTjoP9ms6VCGeX6EuSFuHXxdeOLtr0b0G4WGmwSNii4UW6TeZYePGYNdQBg96isYFiR0G7YkKcBSt2CU4nl13gV-2YECEFHLkHbCQmdaTVEOVsvGXL9K6KFdLAMX-lxSxPUZG49a4D1q_uNIqyT1BKxT1y6TUks7eXR7m-J1jyLu3gHi71Zhoq3zQgL8U2pPSrT3WdF-vUy_IzRStlpBHfj6ChPVMKCCsnhYPDIq9cMd2mdt0-FSO4lfqkdARxNEgCAfKNsDZ3blmYxpJqCEO_69okajlpbqvUENwVpkV7mve3ws-dR4NdY_Z7I37h8-m1KB_mBoNkiRmn_RWvG1lYVMeeinA9cNpJcpjpCatmUq89qEZH7HwGw8iE8aBInRnpntZ9rq4QK1I-IhVFo0UpyK5xrX1FwQt0lRg1aMHInCvAEQPmDCOGZuywIE4Uo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLmfJbz4uZeqaIc2OgQe0qoy4Dsme0rFc9dqW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBLQCT9AaLNlGAq9okSnJjFdI1GzJvcr3-XqnPQgW5RlE2SYUDLTyIo_tOzyZE_6HEL__WMavTchk4vWZ-M98SdBW4Q0Z4Z5fdC7XpsxIhWP1ZA3Ey8pr2zXlyZT2zQ3Vmug9jSCyD5adwclJbyO9TfVK_y0eeDYPt7E303FSUxYNKmuX5J8pq5JhmG91xHUJ-gZSHCliPrSATmwG2dV4LF57FUwGmQVPHi9mUOsSu1MH1Nojb0Xi4RLmtNoIK08GeeQ9hl070N3ZSLmbXwx2uzZPUgco_tN-ZIK0rnLr9ZJt7WJIRcNgpnl1QP8TJJioW_IxwU_ra4XGG-XpIkSagHpYAMFPvmXogFMmI-dwVKiYzwVeQ0qqh3nk2ne3VhfmKYZBxNWvQKBulZMZTicFGmB-30c71RLgBAGABu2o85zCvPrazgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_263-t2jwqIQ6mtcC8-GtQb7bJN1w%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4a920ac8a357b492b991802b1d781790c9923a59d37c335f6b2d19cd39d100b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=3600
timing-allow-origin
*
content-length
7456
expires
Tue, 17 Oct 2023 08:15:28 GMT
img
imageproxy.eu.criteo.net/img/ Frame C53F 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fwww.geekom.de%2Fwp-content%2Fuploads%2F2023%2F10%2FGKM-Combo-Tastatur-2.webp&v=3&w=400&rid=4&s=mLdHw90dWdm2X8475IH6axfB&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWoK4EdNAAMVNCI3SZ_BDJLCAUsBMA&u=%7C8ghSQ%2F3qZvUl%2BcrKRADEYlBU%2FKbGG%2B7YLc0gdixctqs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIdwqGdaLrZtB44iHyBE_Nb8PthDoUPE12Ex3WRbn1EHxuMv4_lc1pSOXFRa__ENoetVdbDRb4p67RLoHQ3hA1VB_EknLrg6x3wODLdjXHigr1YTjoP9ms6VCGeX6EuSFuHXxdeOLtr0b0G4WGmwSNii4UW6TeZYePGYNdQBg96isYFiR0G7YkKcBSt2CU4nl13gV-2YECEFHLkHbCQmdaTVEOVsvGXL9K6KFdLAMX-lxSxPUZG49a4D1q_uNIqyT1BKxT1y6TUks7eXR7m-J1jyLu3gHi71Zhoq3zQgL8U2pPSrT3WdF-vUy_IzRStlpBHfj6ChPVMKCCsnhYPDIq9cMd2mdt0-FSO4lfqkdARxNEgCAfKNsDZ3blmYxpJqCEO_69okajlpbqvUENwVpkV7mve3ws-dR4NdY_Z7I37h8-m1KB_mBoNkiRmn_RWvG1lYVMeeinA9cNpJcpjpCatmUq89qEZH7HwGw8iE8aBInRnpntZ9rq4QK1I-IhVFo0UpyK5xrX1FwQt0lRg1aMHInCvAEQPmDCOGZuywIE4Uo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLmfJbz4uZeqaIc2OgQe0qoy4Dsme0rFc9dqW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBLQCT9AaLNlGAq9okSnJjFdI1GzJvcr3-XqnPQgW5RlE2SYUDLTyIo_tOzyZE_6HEL__WMavTchk4vWZ-M98SdBW4Q0Z4Z5fdC7XpsxIhWP1ZA3Ey8pr2zXlyZT2zQ3Vmug9jSCyD5adwclJbyO9TfVK_y0eeDYPt7E303FSUxYNKmuX5J8pq5JhmG91xHUJ-gZSHCliPrSATmwG2dV4LF57FUwGmQVPHi9mUOsSu1MH1Nojb0Xi4RLmtNoIK08GeeQ9hl070N3ZSLmbXwx2uzZPUgco_tN-ZIK0rnLr9ZJt7WJIRcNgpnl1QP8TJJioW_IxwU_ra4XGG-XpIkSagHpYAMFPvmXogFMmI-dwVKiYzwVeQ0qqh3nk2ne3VhfmKYZBxNWvQKBulZMZTicFGmB-30c71RLgBAGABu2o85zCvPrazgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_263-t2jwqIQ6mtcC8-GtQb7bJN1w%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
867f05b525e309e835db6f09dba939aa9462520f709fd32661e0d46c589b4380
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=3600
timing-allow-origin
*
content-length
14118
expires
Tue, 17 Oct 2023 08:05:23 GMT
img
imageproxy.eu.criteo.net/img/ Frame C53F 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fwww.geekom.de%2Fwp-content%2Fuploads%2F2023%2F10%2FPM16KM-COMBO.webp&v=3&w=400&rid=4&s=PpUfSEwfumuA2Rf_cAK9BYaU&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWoK4EdNAAMVNCI3SZ_BDJLCAUsBMA&u=%7C8ghSQ%2F3qZvUl%2BcrKRADEYlBU%2FKbGG%2B7YLc0gdixctqs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIdwqGdaLrZtB44iHyBE_Nb8PthDoUPE12Ex3WRbn1EHxuMv4_lc1pSOXFRa__ENoetVdbDRb4p67RLoHQ3hA1VB_EknLrg6x3wODLdjXHigr1YTjoP9ms6VCGeX6EuSFuHXxdeOLtr0b0G4WGmwSNii4UW6TeZYePGYNdQBg96isYFiR0G7YkKcBSt2CU4nl13gV-2YECEFHLkHbCQmdaTVEOVsvGXL9K6KFdLAMX-lxSxPUZG49a4D1q_uNIqyT1BKxT1y6TUks7eXR7m-J1jyLu3gHi71Zhoq3zQgL8U2pPSrT3WdF-vUy_IzRStlpBHfj6ChPVMKCCsnhYPDIq9cMd2mdt0-FSO4lfqkdARxNEgCAfKNsDZ3blmYxpJqCEO_69okajlpbqvUENwVpkV7mve3ws-dR4NdY_Z7I37h8-m1KB_mBoNkiRmn_RWvG1lYVMeeinA9cNpJcpjpCatmUq89qEZH7HwGw8iE8aBInRnpntZ9rq4QK1I-IhVFo0UpyK5xrX1FwQt0lRg1aMHInCvAEQPmDCOGZuywIE4Uo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLmfJbz4uZeqaIc2OgQe0qoy4Dsme0rFc9dqW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBLQCT9AaLNlGAq9okSnJjFdI1GzJvcr3-XqnPQgW5RlE2SYUDLTyIo_tOzyZE_6HEL__WMavTchk4vWZ-M98SdBW4Q0Z4Z5fdC7XpsxIhWP1ZA3Ey8pr2zXlyZT2zQ3Vmug9jSCyD5adwclJbyO9TfVK_y0eeDYPt7E303FSUxYNKmuX5J8pq5JhmG91xHUJ-gZSHCliPrSATmwG2dV4LF57FUwGmQVPHi9mUOsSu1MH1Nojb0Xi4RLmtNoIK08GeeQ9hl070N3ZSLmbXwx2uzZPUgco_tN-ZIK0rnLr9ZJt7WJIRcNgpnl1QP8TJJioW_IxwU_ra4XGG-XpIkSagHpYAMFPvmXogFMmI-dwVKiYzwVeQ0qqh3nk2ne3VhfmKYZBxNWvQKBulZMZTicFGmB-30c71RLgBAGABu2o85zCvPrazgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_263-t2jwqIQ6mtcC8-GtQb7bJN1w%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f894f9863c97241391f0044854b7b7a63a1fc70299531cbbf530fe906b30e0cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=3600
timing-allow-origin
*
content-length
9918
expires
Tue, 17 Oct 2023 08:14:35 GMT
all
csm.eu.criteo.net/ Frame C53F 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=fTed-QRGJu2oGVrBIDNpdKafRQ5exzgU8y91w-g6mgHQsjotEpHVpHo82sZNx2rubAj1fBorwVH1xfvCWbw7ts-N4xguydQr2N1oWpTkLxXyfx7rt2QDum-Yr1PKjTUHDTySnarM2z-LfafkY68oc5-2EGPsMefGvpysJ4GUjbnVKKOG_dS0goxUs1aQEXG238ufuoGWLu7hf2Bh_pYBzLuhJw1ckkrSLsxWDA7oOKzisYzOe-B8k8F1ooLWDn6oQCUioA&sds=2&rev=88837&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWoK4EdNAAMVNCI3SZ_BDJLCAUsBMA&u=%7C8ghSQ%2F3qZvUl%2BcrKRADEYlBU%2FKbGG%2B7YLc0gdixctqs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIdwqGdaLrZtB44iHyBE_Nb8PthDoUPE12Ex3WRbn1EHxuMv4_lc1pSOXFRa__ENoetVdbDRb4p67RLoHQ3hA1VB_EknLrg6x3wODLdjXHigr1YTjoP9ms6VCGeX6EuSFuHXxdeOLtr0b0G4WGmwSNii4UW6TeZYePGYNdQBg96isYFiR0G7YkKcBSt2CU4nl13gV-2YECEFHLkHbCQmdaTVEOVsvGXL9K6KFdLAMX-lxSxPUZG49a4D1q_uNIqyT1BKxT1y6TUks7eXR7m-J1jyLu3gHi71Zhoq3zQgL8U2pPSrT3WdF-vUy_IzRStlpBHfj6ChPVMKCCsnhYPDIq9cMd2mdt0-FSO4lfqkdARxNEgCAfKNsDZ3blmYxpJqCEO_69okajlpbqvUENwVpkV7mve3ws-dR4NdY_Z7I37h8-m1KB_mBoNkiRmn_RWvG1lYVMeeinA9cNpJcpjpCatmUq89qEZH7HwGw8iE8aBInRnpntZ9rq4QK1I-IhVFo0UpyK5xrX1FwQt0lRg1aMHInCvAEQPmDCOGZuywIE4Uo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLmfJbz4uZeqaIc2OgQe0qoy4Dsme0rFc9dqW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBLQCT9AaLNlGAq9okSnJjFdI1GzJvcr3-XqnPQgW5RlE2SYUDLTyIo_tOzyZE_6HEL__WMavTchk4vWZ-M98SdBW4Q0Z4Z5fdC7XpsxIhWP1ZA3Ey8pr2zXlyZT2zQ3Vmug9jSCyD5adwclJbyO9TfVK_y0eeDYPt7E303FSUxYNKmuX5J8pq5JhmG91xHUJ-gZSHCliPrSATmwG2dV4LF57FUwGmQVPHi9mUOsSu1MH1Nojb0Xi4RLmtNoIK08GeeQ9hl070N3ZSLmbXwx2uzZPUgco_tN-ZIK0rnLr9ZJt7WJIRcNgpnl1QP8TJJioW_IxwU_ra4XGG-XpIkSagHpYAMFPvmXogFMmI-dwVKiYzwVeQ0qqh3nk2ne3VhfmKYZBxNWvQKBulZMZTicFGmB-30c71RLgBAGABu2o85zCvPrazgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_263-t2jwqIQ6mtcC8-GtQb7bJN1w%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 17 Oct 2023 07:57:36 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C53F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWoK4EdNAAMVNCI3SZ_BDJLCAUsBMA&u=%7C8ghSQ%2F3qZvUl%2BcrKRADEYlBU%2FKbGG%2B7YLc0gdixctqs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIdwqGdaLrZtB44iHyBE_Nb8PthDoUPE12Ex3WRbn1EHxuMv4_lc1pSOXFRa__ENoetVdbDRb4p67RLoHQ3hA1VB_EknLrg6x3wODLdjXHigr1YTjoP9ms6VCGeX6EuSFuHXxdeOLtr0b0G4WGmwSNii4UW6TeZYePGYNdQBg96isYFiR0G7YkKcBSt2CU4nl13gV-2YECEFHLkHbCQmdaTVEOVsvGXL9K6KFdLAMX-lxSxPUZG49a4D1q_uNIqyT1BKxT1y6TUks7eXR7m-J1jyLu3gHi71Zhoq3zQgL8U2pPSrT3WdF-vUy_IzRStlpBHfj6ChPVMKCCsnhYPDIq9cMd2mdt0-FSO4lfqkdARxNEgCAfKNsDZ3blmYxpJqCEO_69okajlpbqvUENwVpkV7mve3ws-dR4NdY_Z7I37h8-m1KB_mBoNkiRmn_RWvG1lYVMeeinA9cNpJcpjpCatmUq89qEZH7HwGw8iE8aBInRnpntZ9rq4QK1I-IhVFo0UpyK5xrX1FwQt0lRg1aMHInCvAEQPmDCOGZuywIE4Uo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLmfJbz4uZeqaIc2OgQe0qoy4Dsme0rFc9dqW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBLQCT9AaLNlGAq9okSnJjFdI1GzJvcr3-XqnPQgW5RlE2SYUDLTyIo_tOzyZE_6HEL__WMavTchk4vWZ-M98SdBW4Q0Z4Z5fdC7XpsxIhWP1ZA3Ey8pr2zXlyZT2zQ3Vmug9jSCyD5adwclJbyO9TfVK_y0eeDYPt7E303FSUxYNKmuX5J8pq5JhmG91xHUJ-gZSHCliPrSATmwG2dV4LF57FUwGmQVPHi9mUOsSu1MH1Nojb0Xi4RLmtNoIK08GeeQ9hl070N3ZSLmbXwx2uzZPUgco_tN-ZIK0rnLr9ZJt7WJIRcNgpnl1QP8TJJioW_IxwU_ra4XGG-XpIkSagHpYAMFPvmXogFMmI-dwVKiYzwVeQ0qqh3nk2ne3VhfmKYZBxNWvQKBulZMZTicFGmB-30c71RLgBAGABu2o85zCvPrazgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_263-t2jwqIQ6mtcC8-GtQb7bJN1w%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Oct 2024 07:57:36 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame C53F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWoK4EdNAAMVNCI3SZ_BDJLCAUsBMA&u=%7C8ghSQ%2F3qZvUl%2BcrKRADEYlBU%2FKbGG%2B7YLc0gdixctqs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIdwqGdaLrZtB44iHyBE_Nb8PthDoUPE12Ex3WRbn1EHxuMv4_lc1pSOXFRa__ENoetVdbDRb4p67RLoHQ3hA1VB_EknLrg6x3wODLdjXHigr1YTjoP9ms6VCGeX6EuSFuHXxdeOLtr0b0G4WGmwSNii4UW6TeZYePGYNdQBg96isYFiR0G7YkKcBSt2CU4nl13gV-2YECEFHLkHbCQmdaTVEOVsvGXL9K6KFdLAMX-lxSxPUZG49a4D1q_uNIqyT1BKxT1y6TUks7eXR7m-J1jyLu3gHi71Zhoq3zQgL8U2pPSrT3WdF-vUy_IzRStlpBHfj6ChPVMKCCsnhYPDIq9cMd2mdt0-FSO4lfqkdARxNEgCAfKNsDZ3blmYxpJqCEO_69okajlpbqvUENwVpkV7mve3ws-dR4NdY_Z7I37h8-m1KB_mBoNkiRmn_RWvG1lYVMeeinA9cNpJcpjpCatmUq89qEZH7HwGw8iE8aBInRnpntZ9rq4QK1I-IhVFo0UpyK5xrX1FwQt0lRg1aMHInCvAEQPmDCOGZuywIE4Uo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLmfJbz4uZeqaIc2OgQe0qoy4Dsme0rFc9dqW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBLQCT9AaLNlGAq9okSnJjFdI1GzJvcr3-XqnPQgW5RlE2SYUDLTyIo_tOzyZE_6HEL__WMavTchk4vWZ-M98SdBW4Q0Z4Z5fdC7XpsxIhWP1ZA3Ey8pr2zXlyZT2zQ3Vmug9jSCyD5adwclJbyO9TfVK_y0eeDYPt7E303FSUxYNKmuX5J8pq5JhmG91xHUJ-gZSHCliPrSATmwG2dV4LF57FUwGmQVPHi9mUOsSu1MH1Nojb0Xi4RLmtNoIK08GeeQ9hl070N3ZSLmbXwx2uzZPUgco_tN-ZIK0rnLr9ZJt7WJIRcNgpnl1QP8TJJioW_IxwU_ra4XGG-XpIkSagHpYAMFPvmXogFMmI-dwVKiYzwVeQ0qqh3nk2ne3VhfmKYZBxNWvQKBulZMZTicFGmB-30c71RLgBAGABu2o85zCvPrazgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_263-t2jwqIQ6mtcC8-GtQb7bJN1w%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Oct 2024 07:57:36 GMT
/
track.adform.net/adfserve/ Frame EE83 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=63416572;rtbwp=ZS4-bwAAAABUqCe73DHipUw0w99TMVUH4tgGBA;rtbdata=V6Mthunvg1N7BExbaAafUpGBoXnguRz4UeUBIvgBw6stXro8eXNkzVyDryRVrodCjQjNxZLSB-TbXBOLVHlNjU2dpph9fnaaYrhWGoL7eTCn1tqZoqCbHlIZqeObP9kCAmrr1TRd8AkB9lTzRKk6srUso8Fw02BoKYn8hTqZDzJlu-LCe9EAM_ehkK2dgQXwpDQBYHbWPTCyCuHmoIJK_fRKhO4Ol1iBvw-Xx7VRQHiyUBkNx2AAzA2;js=1;adfxid=1x;291;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fnews.walla.co.il%2F
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6ef0610e4fd28da2b25c022917498c8123778b8b741122a12c2597569adfe7d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2269
expires
-1
/
track.adform.net/adfserve/ Frame D8DE 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=64491512;rtbwp=qdpTP8YMF_G10afMQO2g3826Z16GeCAxUFdFDw;rtbdata=N61IswdOU8ab0V3rj5S5sxAHjoHRvBBOcdVrDJsoL377FZZc_u_Curo5sMud8uCKbSNP88VQ5iUtUH7zySkCfEOVYWpEj7gxYsbexs2CofQgXUhfucjMCX3OsHZPIAv4UwRUjpYNjdenLYD-oczoYGulL2BivjAeSyrE_eiUpqcGKw06CASp8jf_LWAWORV_IXQM4_dHtAx4W3Hbhslx-papLHPk46l7TPcsWbOye5M64r9GpocpM7Db7MwGddVgomN1-c6UvUo1;js=1;adfxid=2x;6871;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fnews.walla.co.il%2F
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c6226e56eaa8ea7b303a16020470546f59132e2f5f8fb6f5ed4fbeabb51f1d7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2087
expires
-1
activeview
pagead2.googlesyndication.com/pcs/ Frame A78A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssaylC9E5hSB-b7WRIc3hBVzm7B6TwN1Fcno1Np0Aj8WDxvWfkXA5BcxYE7Y3L602v3lp1TR_Om7c4GE79xR-y6qvyWHnVxdeRYtZGR&sig=Cg0ArKJSzNHKoah4AFzoEAE&id=lidar2&mcvt=1116&p=1120,315,1200,1285&mtos=1116,1116,1116,1116,1116&tos=1116,0,0,0,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=578455068&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697529455287&rpt=561&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame B196 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 09:20:48 GMT
x-content-type-options
nosniff
age
254209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Oct 2024 09:20:48 GMT
truncated
/ Frame EE83 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f070a6131813b3feb3b7604e727263aebbbbf9ec322c080ffddff4b29e470b17

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame EE83 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvc-cH11YF2cqxHVSZWFGoouKvdUAMfCHgVmoQWvpnzwlPQ8u6kFWlwuJIQMg6V_S_2oLPab4U5IQ5v1iQRZA4lRa4asPc0Uc1D_govgnmxuNDKRflGOMS--hqMgeFiSdqHeJoBtG3rRqYfcrfHQg8zdUl8D3rSvcXs0C_9c0KSHqjNlpwxKF-G9GnfRnxE_R-TiCrD5oL3kD-JaoC_cvr7o1es3pPjSBu24dI4DZ97nTg6xrsYWprCVvGAifWwkEQsZRx_lUE0pTWGV-ECC80yZn56t7rx8TTJVfVC2ipxARwbntmm-Bwoc6uSpvNlFcepq9wK_xFAgKvuCM3Jp-OcxF7Q7dmkwlf6SjCqIbK2iUQSv-eOyWGmi9RGXhXF5kjcqQSNXz3NDyAzoA&sai=AMfl-YRSM9sfF8D8gKDI2v2rBchCRHoDQ_LYawjTQYhBH_9VAxnc7_Hsxc0mTeXwgjopm1yKWByh-D6SVfbUjKKLnais-1wfe5Fk4AVWjsATkcnTiqX2RWMshBqA7VTEPw&sig=Cg0ArKJSzIzc8elVh1qZEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 17 Oct 2023 07:57:37 GMT
/
track.adform.net/jsmetrics/ Frame D8DE 		43 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/jsmetrics/?sid=276&rid=10436&cid=76617&adfserve=81&asset=46&deviceType=Desktop
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 18 Nov 2022 14:39:11 GMT
server
nginx
etag
"6377990f-2b"
content-type
image/gif
accept-ranges
bytes
content-length
43
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310120101&jk=3541264247940490&bg=!ubqluvXNAAbFpEfJ5aQ7ADQBe5WfOJ_L_lJkTUzrFK8H7R_fXwtVBS-Bp0jrG9bGm0AWLjl0wQi3EZTazHmbWlFwAQkUAgAABGxSAAAABWgBB5kC9p77MuH6geviF_XaMwUa_2IyG25cm_fKSP9W5izQyZpFkfmWmlU1X73XnYjjRsPqb-ln3QNHgCRPyeL2a8tYOI6h9gsUQD5o3dEZCHOB-ogoDIo7dGGGyvauCwF8CmyWrlc6bc8U5fZm2dPJ1M9ciM3hnWG1TjMYcCI4rYDdTPOqNA9tnQROtbAVAkFt9HyoGFdMCBuFjCHaVdnk6e_P1mOYCXtJBjYInwpwgKEfG_saaxFopWw9a5PhOiGMP7AmJN3O_4LjecnihhGiCId95HwiwlU7gDHjsqnYKAvpq2fv3N2VXNTTLynYmNq2IR1d14Kxx6rVbyq4AdKy3qxr4XC6EiqxsmAfMxQ3u_hi-DtUHzJoeKDJEjbLwuEDlmbeNDibnGk-WGLbwH0NyDR-VTumDqb96Rlg0nGMgHtlK6otmtMm6xm35D7vg5eYgDQmmjCPG6iCIBolvY9RPeUznEzCL78aD2rdPcbzGamWSKlLhhR7FhamRyuedJaj3nM6a1zQrmCaFCwd5fATtE98AfwbUXz-rbUJMmfbDxxUjP7N5dx8iw0OGajCdC3xqgDw4OmHvXSKB_r2keWJ1ZfplAyDK0_CLxpguFjBuc8VPE8Ge2d4dgAVISga42sm7qgVe3taweP3V37FmQVCq3EvnFqIbCqOLXm9fNUt2A0EsPnqcjpOTrGfcPHIqnzqbxlLhwf8vZCOjV9BmFIVWer0_ibS-KYFGzCeXX-rK4eZ_I2DgJWG13pNhyum5BP56Fq7YBXAZVX9-PFve-xrAAckJgZzsq1MTF7ZGp8MRrpsttevhX5oOaCvy7GBfstUJEdTirouvQiFpvaW0_A5K-ka-3tLWIe98Y_ehUi4_q0ikcBnsNkE2qBVqFsZuST6qUo0cWWyepooQZh1tQaewRG1xs9dsipSFvb3MMabmyS6dS4UwZ1TrPTOkh60hfRfFui2mpAnH25d2wb0i4c1_UfF1FYKdFNSk2xfTfU3qVvpkypln5h46czO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 623C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CdJHpbz4uZeqaIc2OgQe0qoy4Dsme0rFc9dqW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBLECT9AaLNlGAq9okSnJjFdI1GzJvcr3-XqnPQgW5RlE2SYUDLTyIo_tOzyZE_6HEL__WMavTchk4vWZ-M98SdBW4Q0Z4Z5fdC7XpsxIhWP1ZA3Ey8pr2zXlyZT2zQ3Vmug9jSCyD5adwclJbyO9TfVK_y0eeDYPt7E303FSUxYNKmuX5J8pq5JhmG91xHUJ-gZSHCliPrSATmwG2dV4LF57FUwGmQVPHi9mUOsSu1MH1Nojb0Xi4RLmtNoIK08GeeQ9hl070N3ZSLmbXwx2uzZPUgco_tN-ZIK0rnLr9ZJt7WJIRcNgpnl1QP8TJJioW_IxwU_ra4XGG-XpIkSagHpYAMFPvmXogFMmI-dwFqq5XYXNk3cMV14-Vlde8hnBIzBL6s0t9GhTM2GmUAsdgqrq_67gBAGABu2o85zCvPrazgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ5MTY1OTQ5NjM3MjE3Mhjx5hM&sigh=MtDloFuzpaU&uach_m=[UACH]&cid=CAQSOwDICaaN7ld7rwD2crv8sMgiDRjw7gOcnmH62KNF-f2f7RRGAqGDEJy6e_TA-O2fZzY7P608jymJXHpMGAE&cbvp=2&vis=1
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 623C 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k6DQFbr5RKwCkAOdg2ICAgAAAPhK5wT9N68YUwfGnDwtHg8Qbz4uZXIGx8DzBX5dAEEAABIAAAoKQVFVQkFRRUJBUQ&wp=ZS4-bwAITWoK4EdNAAMVNCI3SZ_BDJLCAUsBMA&cbvp=2
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
176521
server
Kestrel
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CZjIMbz4uZeeaIc2OgQe0qoy4DqeB-a9zyd6Kn9URhIz_mqQyEAEg0ZPDKmCV4pCCoAegAfC9xvYDyAEJqQLL4DnBOrSxPuACAKgDAcgDywSqBL4CT9BG3RaCnY1tFx3Mq4B42vpR-PpXvMcbxfI3o4dIAPBbfos-muCMDMkX-zo_eC0E4Xlf6b7UioJLDK1oE3TjzB8LPU0QWtVd60v3r5li4dmE3LrgEuzJ2zuU0Kb3sWdLA7Ot4xPuyDpU0Scq7J8KVkMOCug9WeykHXs6ZIVEYRXiragI-Ag-4QOSlUS_gjCY-2kCatPIExYXBa4VQ72bnGmjnKVHXzWIR_X_-rCoC6mQjcD_mSMYAK2AKO8ZIGXjwKzv7RGmB3S4TUjsxom138bxu2IBtDrk-LJYArfzB1K_ktrIiJXwooRBCoIcX1UM62W7kSj_FhkXC6P3pWW8txAIguvd1qMyYqMWACJXtYHJ4Lx8550PBziRUY3MtwKsAYYtSvjPWlk1-FReYvuBMJTTGONLRHAkHX44H26UwASj2L2TiwTgBAGIBeqYnadDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_jBuQmoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ1bII0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJoQFodHRwczovL3d3dy5naWVzc3dlaW4uY29tL3BhZ2VzL3NjaHVoZS1mdXItd2FuZGVybi10cmVra2luZy11bmQtc3BvcnQ_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1jcGMmdXRtX2NhbXBhaWduPVBtYXhfREUtQUxMJmFkZ3JvdXBpZD0mdXRtX2NvbnRlbnQ9JnV0bV90ZXJtPYAKA8gLAeINEwim-sOBzvyBAxVNR-AKHTQVA-fYEwvQFQGYFgGAFwGyFx4KHAgAEhRwdWItNzYyNzY1MDA4Njg5NTU5MBjx5hM&sigh=OxNUdWUUQ4c&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaN7ld7rwD2crv8sMgiDRjw7gOcnmH62KNF-f2f7RRGAqGDEJy6e_TA-O2fZzY7P608jymJXHpMGAE&template_id=494&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 07:57:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame B196
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CZjIMbz4uZeeaIc2OgQe0qoy4DqeB-a9zyd6Kn9URhIz_mqQyEAEg0ZPDKmCV4pCCoAegAfC9xvYDyAEJqQLL4DnBOrSxPuACAKgDAcgDywSqBL4CT9BG3RaCnY1tFx3Mq4B42vpR-PpX...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218178520648807938698%22,%22debug_reporting%22:true,%22destination%22:%22https://giesswein.com%22,%22event_report_window%22...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218178520648807938698%22,%22debug_reporting%22:true,%22destination%22:%22https://giesswein.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221053925104%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224547549877883484657%22}&andc=true
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:37 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"18178520648807938698","debug_reporting":true,"destination":"https://giesswein.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1053925104"],"4":["10-17"],"6":["true"]},"priority":"500","source_event_id":"4547549877883484657"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 17 Oct 2023 07:57:37 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 17 Oct 2023 07:57:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"18178520648807938698","debug_reporting":true,"destination":"https://giesswein.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1053925104"],"4":["10-17"],"6":["true"]},"priority":"500","source_event_id":"4547549877883484657"}&andc=true
access-control-allow-origin
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Standard
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.235/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame EE83 		86 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.235/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b117604cee9ddb73346c9f5a89d3dd2ac813ebf1c78fd8879e611c820c755bb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:37 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:27:00 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 17 Oct 2023 16:09:59 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 45AE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C6TNIbz4uZeWaIc2OgQe0qoy4Dsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBJsCT9CvdJLrCwpPDeNeEadq6yMhFWGTW9C4clq6N5jHefMjfHFhAm1OT8YYJ5ly111WUr4W8kwJW2Y2BaUGHh6tOtOmZfYuaf-FMWSckMLzwfrF2iTulFNKPnNaYSjUjE3mlqQEMB_Kb6-C5ndpWhjKzw5Crwu7fJaQ9FuyCHpsjnGITOCZBJaoPaJMDcUHF6O0u_U9uDpY6fuwQ-M4qJRJbh-qAwTQwPM9fytdPbte2Es3O5PSyIyATo5lSyvfAiiwnBqO8ZKHZuWZS9SM1p5FP12aKulELpsQQSEqm-sxnINF9b7Jfmg1ZvBRzXMtPj78z2a7W6xMi-sww9KJaIw3ag2uszrhbZ8QHIpZv6AOQXV5o-VuHzBG2f1i-OAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDkxNjU5NDk2MzcyMTcyGPHmEw&sigh=ZvCVglACqvg&uach_m=[UACH]&cid=CAQSOwDICaaN7ld7rwD2crv8sMgiDRjw7gOcnmH62KNF-f2f7RRGAqGDEJy6e_TA-O2fZzY7P608jymJXHpMGAE&cbvp=2&vis=1
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 45AE 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k5XPF-v_CsoH-gGdg2ICAgAAAKydCek4eIW8UwfGnDwtHg8Qbj4uZejyK3iqrEl8NkgAABIAAAoKQVFVQkFRRUJBUQ&wp=ZS4-bwAITWUK4EdNAAMVNBj8aeCWKn6cjhM3jg&cbvp=2
Requested by
Host: 7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:36 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
180178
server
Kestrel
content-length
0
p04HFUVHB2kdNiXzU6p470k3by9Z9P4MzDHJjw8x7-0.js
pagead2.googlesyndication.com/bg/ Frame E97F 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/p04HFUVHB2kdNiXzU6p470k3by9Z9P4MzDHJjw8x7-0.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a74e0715454707691d3625f353aa78ef49376f2f59f4fe0ccc31c98f0f31efed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 22:08:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
467326
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14689
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Oct 2024 22:08:51 GMT
Standard
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.235/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame D8DE 		86 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.235/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b117604cee9ddb73346c9f5a89d3dd2ac813ebf1c78fd8879e611c820c755bb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:37 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:27:00 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 17 Oct 2023 16:09:59 GMT
/
track.adform.net/csimpr/ Frame EE83 		35 B
593 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=63416572&csi=xD8hy0H8apN3GMSx_MYD4qqrLF_-LHgOXd2I5-24YG8JDwKV3Zer3NLwX9vW1b6dEqKy8XS4p84VOhdDyNAcBmQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://news.walla.co.il
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
58134474.jpg
s1.adform.net/Banners/58134474/ Frame EE83 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/58134474/58134474.jpg?bv=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
607b5fe498eec42997ff8dc8a9c4c4dd56616a4b43709935a392b39ca57ac960

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:37 GMT
last-modified
Fri, 14 Apr 2023 06:18:15 GMT
server
nginx
x-amz-request-id
tx00000793ecbc6ae6f8122-00652e02f6-3295f919-default
etag
"58bd6b45c5235d717ef285d73d7112ee"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
48637
/
track.adform.net/csimpr/ Frame D8DE 		35 B
593 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=64491512&csi=_l6-nrledwbrVGRGhMu1Jf706jble8TsE-18hOYSaO7ZKGWOLEEutt6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://news.walla.co.il
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
58889146.png
s1.adform.net/Banners/58889146/ Frame D8DE 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/58889146/58889146.png?bv=1
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
69883ab3b036d6686f4925cd6c96da4d310fda64fc8f9f81fc26898cef427467

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:37 GMT
last-modified
Mon, 08 May 2023 10:35:02 GMT
server
nginx
x-amz-request-id
tx00000f73422c522e0aba5-00652db7f7-3295f883-default
etag
"3e1d53ec2ce66502c729704133933ffd"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
35624
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218178520648807938698%22,%22debug_reporting%22:true,%22destination%22:%22https://giesswein.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221053925104%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224547549877883484657%22}&andc=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 07:57:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
all
csm.eu.criteo.net/ Frame EBC3 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=ZKkGXARGJu2oGVrBt5CjWDuFjK1r-NZLVvHVrsy2MGFppS4KBowVgmHbuI8IcOYdjeUcRe3j82hCj05ctjMsUm7MX8HTf66GBq-3NZ8JBGBryaNoO8O5Om5mN3ev8yT8HbPT37wJd3UOyGgKUwYpqOzpkpS7Fos7dfhj50gy3Lz_hXoWadFWG1A4y63VOwXMN3_gFNNeO8oFSyUqlEU4qtIGyeyGjayZq-lL4ALG0gJGvfT5hbUUxFbHRf2_k5eOIZ2WmQ&sds=2&rev=88837&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bgAOSwcK4HOIAAfySDS9D04ezR2G3YYRAQ&u=%7C8ghSQ%2F3qZvU1hTbVqhfY9ydz8VX%2Fv2kShHw2frfHpoY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0gw-wXdlPcDLW8fZN9ZuNmP0ldHyCoW9mmBIkwR_rTwkBXAwJwY18GPlS_s5C1jNsUaJsG-frSz-8Gbo1i7aM7XUtKKZGYQZ5tucMjrKBmA7jHKlz4JXJ0J1sxInn1hk45ePOxwmLSSEtABNZmhsDtvMENAvNe6qPC6XN0Jm23vyzUknxOU0P2tvbFCs0GeDpaHRUQ1Dt3-7ipPGZk8DoqT-IKO0oBUgozqddkMvXid4KtQt1BNYUe21xB0hFyGd0Vtx_1mpIiWXAABYnj3aYaZhr-6l21IpLH3BUgKgKnPF39kENSx5mtIoI2zu3Ixsl_OPdTWJiqgJhSihtqIWL9HM3dlZ_Dh74KwJGtBqkKj7GeU69YOqPNqHerUynm19WNJz6rZhc4gpqMSItQpmWuL6E2NtW9yRwGMynGtL-XkBbsmi5iZX_gNJk8JEuwhK5pXFdjLQEwzf3D6PU-U9blcrhnWvaqErLpzh-TPUoWylR8on6ocPbmWeW3yT_XyAlrMvftGknS6IeodocLr48nOjdNn0imC2ZIuDIjc4jDSQiTDeqMEGafBs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcJ97bj4uZYeWOYjngQfI5J_IDsme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtM_RZHLsrE-4AIAqAMByAMCqgSmAk_QUuBQCGpKXeE3worwMgvqlLl9V2XN-r3K7fI3gAjMJ8xAZsrHKjjRf98Kf2wUWZuf4xsu3A9rx6WKU26A1LANaeXBISFsMoJZVwUvy9YlBgXOP90diRZ71dvuFKUQmjnQcbLm7MoEfCJ27qrZnfdfiQGPo30kLhHAILMgvEa0GO_ciLrF9w1-A6LhQG-XZAGkfsag6hj49aRdzr_95AaT6JuWmHe06UAQRhezNWz-zRdtw0mxvJGTOI3i0z0aTgCfLrvk0-afKn0MN3xbSaM0GscxSbCjUHlS-Pc0yL0pJ8VvVkzBa3_WWj5IrVIzdbAGAIe1hrSNdB-vOKrTnOuwkUKKX_tBgXmtGNuCW4TKo4E-Wq5Cu35HoVRqUDN-Acdz3Jhda-AEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WH8tHiYFG7i-pSqwba2UgAWxQDQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 17 Oct 2023 07:57:37 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 45AE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJcY9ei40B3t5U9d9_-ir1DACDuIqVhsRpP3r6bDcUNachSEglflIh2OumPOOgjSQsWBgpeOx_dTWs7CpixoNp_kdiIyYZmq7ZJ8w&sig=Cg0ArKJSzOiOCMYg45i7EAE&id=lidar2&mcvt=1000&p=102,314,352,1284&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2574293897&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697529456099&rpt=648&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 Oct 2023 07:57:37 GMT
syncframe
gum.criteo.com/ Frame F820 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.walla.co.il
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 07:57:37 GMT
server
Kestrel
server-processing-duration-in-ticks
843194
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 Oct 2023 07:57:37 GMT
sid
mug.criteo.com/ Frame F820
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=news.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=7JBJenxXZXRockRuaHo0eWJlZzdWUE1UYUNFdGlBVThFcC9aK2RpKzJYdjlVZ3R4VFBkNFEzVkdkY0pUa1Zmd0FZTitZOGw3YWlIc09kb0xRVllZWE1xSVV6TmRVZFFmbHZ3Z1VidDBIYUc0WElYZ3lEMU1lcnhRMjN0OC...
428 B
652 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=7JBJenxXZXRockRuaHo0eWJlZzdWUE1UYUNFdGlBVThFcC9aK2RpKzJYdjlVZ3R4VFBkNFEzVkdkY0pUa1Zmd0FZTitZOGw3YWlIc09kb0xRVllZWE1xSVV6TmRVZFFmbHZ3Z1VidDBIYUc0WElYZ3lEMU1lcnhRMjN0OC9Kdkk4WFFIVDlnL2Z6ajI4d2Z5QzFYZmU1VytNa3hCamFqT0h0WEhMVzhZK2U3UDg1RDhwY1QxbEVXNEZuSjMvdTB2S2hiNXg5TEdPRTZPd2NWQmY0bXNQWmJJYzU0ZGwyZ2FWN1h4dzUwY1FHcWZHd3RLcm02NXhoUVczR2lYYm5ITndDWjFCZS8vTHBoSjk1WUlJVjZNNEdpM2pldz09fA&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
869dc14857c0489215be6a5bce29f3ac84d599a78d26cb11548d04e0d2d58c53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:37 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
887828
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=7JBJenxXZXRockRuaHo0eWJlZzdWUE1UYUNFdGlBVThFcC9aK2RpKzJYdjlVZ3R4VFBkNFEzVkdkY0pUa1Zmd0FZTitZOGw3YWlIc09kb0xRVllZWE1xSVV6TmRVZFFmbHZ3Z1VidDBIYUc0WElYZ3lEMU1lcnhRMjN0OC9Kdkk4WFFIVDlnL2Z6ajI4d2Z5QzFYZmU1VytNa3hCamFqT0h0WEhMVzhZK2U3UDg1RDhwY1QxbEVXNEZuSjMvdTB2S2hiNXg5TEdPRTZPd2NWQmY0bXNQWmJJYzU0ZGwyZ2FWN1h4dzUwY1FHcWZHd3RLcm02NXhoUVczR2lYYm5ITndDWjFCZS8vTHBoSjk1WUlJVjZNNEdpM2pldz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
271831
content-length
0
expires
0
all
csm.eu.criteo.net/ Frame B5D4 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=8IwUWARGJu2oGVrBdZe9cP0_Ndq7QfWSWVFrOMYDoXRzYez3JtMI5A8_-wLe7x8nzw3PfVkX6hkeDWE1x2fDXtvmuiehCMNadF2vmTPtgdXGkVQUhEcsZH8XvrWKwvpdUozSUqdnQNOc_qm40tgofJVWKjEVr2p44kkruQSM22oFwHXMIQzby8LLImsVp-SwS4kR5owmmaRTt0LVZOL7wn-dkuLWGcrrLZwVfN4crElTuIcYt0Ox1BWM9PUIF9S-esH1aQ&sds=2&rev=88837&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS4-bwAITWUK4EdNAAMVNBj8aeCWKn6cjhM3jg&u=%7C8ghSQ%2F3qZvUqrZMaB%2BLnAz10Fr7or3YAK7z0bFV61mI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtf_8mUbkv9VFOlq9cu7Rwe5xnJh_yhtsF3J617d882ZZYZ2oLBmxMuWYP4pubnDVBp5xMlDXX9j0pWBi1mfI1ToV58GqdjnUZ98166FlI3G2aJi2sRA_xa0Znw6NwPAFNFr5eOnvlN8_UoidDCEcNnKEfbHO_QRez7315Vbfil-wx5QIQuTVpcwosmuTVX0LqFieEVV-Dj3ta3Cc4h7su4F8Ow3xGSEYtDT0JvBbmQan0oiA6Smt_LpQNOocDx6zPdCQaz9GHKoFDeRjCMj4c4EC236Z1XkRKi1FYjtHB9ulzmdvx1ZRY_jHFcnqQbrHmQJ7gDTO_rwvyXahZ_wFmJwUXISMrdS_2Q72Hx_zarsm20Wrqzn2_2-BXopNK8VX2JuYOVo_9TluRVXaAVR5nIMhY-oXJSfr2XRL7b41C5bHf0aMKMcB1c3wobDfAb16j-kqBNR3SEoYbr_6GVFUmF5MUi2_9-c0LQqmrUCqO4h5gmOrqRAel2GQB0dMgD-O_1REk9ykedIUxe3ktlQH2u2TCSOLTqeqh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNjyCbz4uZeWaIc2OgQe0qoy4Dsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCy-A5wTq0sT7gAgCoAwHIAwKqBJ4CT9CvdJLrCwpPDeNeEadq6yMhFWGTW9C4clq6N5jHefMjfHFhAm1OT8YYJ5ly111WUr4W8kwJW2Y2BaUGHh6tOtOmZfYuaf-FMWSckMLzwfrF2iTulFNKPnNaYSjUjE3mlqQEMB_Kb6-C5ndpWhjKzw5Crwu7fJaQ9FuyCHpsjnGITOCZBJaoPaJMDcUHF6O0u_U9uDpY6fuwQ-M4qJRJbh-qAwTQwPM9fytdPbte2Es3O5PSyIyATo5lSyvfAiiwnBqO8ZKHZuWZS9SM1p5FP12aKulELpsQQSEqm-sxnINF9b7Jfmg1ZvBRzXMtPj78z2a7W6wOicqiQ0FZVSrnTdcik9NFY7gaqoB3pyK6iUjfUVpwMyjeE2lCEWDJ_OAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2-eKHnLedc67gBMilqBOSG4HN_6g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 17 Oct 2023 07:57:37 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame B196 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstP6CZ1KtR56E4wKk7EL3OgKdCkNNpbx3JS_TyVltog6A3tJddc8LXcAmzJ323ZOKWicYtDh1-khqbYgPvxdxYGsnQYb9zGdqAsk7DO5_HXNrg_T1p6dV9CmXN28Ud9CDbVtx-UPx7bmdoX&sai=AMfl-YRMNUv9VT76fmbXsdJ9hDiJZA_HIxiROySfFjcGShk0maeC3vjcxN-KWGYWo6jEmEGM_Z5oTsxIbmPgeQl2c-y_yIprqOnZ3XeqPPkYhsgRoEQ61eERb4putJ4&sig=Cg0ArKJSzDtk8PZYkMC1EAE&cid=CAQSOwDICaaN7ld7rwD2crv8sMgiDRjw7gOcnmH62KNF-f2f7RRGAqGDEJy6e_TA-O2fZzY7P608jymJXHpMGAE&id=lidar2&mcvt=1000&p=772,314,1822,614&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=0.4&if=1&vu=1&app=0&itpl=22&adk=2040804355&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697529456118&rpt=983&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ 		2 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnews.walla.co.il%2F&domain=news.walla.co.il&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:38 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
255800
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnews.walla.co.il%2F&domain=news.walla.co.il&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://news.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 17 Oct 2023 07:57:38 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
226896
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 68F9 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 Oct 2023 07:57:38 GMT
ETag
"623de86a-cf34"
Expires
Wed, 18 Oct 2023 07:57:40 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 3783 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 17 Oct 2023 07:57:38 GMT
usync.html
eus.rubiconproject.com/ Frame 5DC3 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 Oct 2023 07:57:38 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D62C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=41706
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 17 Oct 2023 07:57:38 GMT
expires
Tue, 17 Oct 2023 19:32:44 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame EF56 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cR0USG9OKr6ykwaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP006 /
Resource Hash

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Tue, 17 Oct 2023 07:57:37 GMT
server
33XP006
x-33x-status
2000208
pd
pixelgroup-d.openx.net/w/1.0/ Frame AF16 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixelgroup-d.openx.net/w/1.0/pd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 17 Oct 2023 07:57:38 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame A7B9 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
689
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8176fdeb88ee1e49-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 07:57:38 GMT
expires
Tue, 17 Oct 2023 11:57:38 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame B5EB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1697529455176
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
csync.smilewanted.com/ Frame EA69 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697500800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5c3bfb9279a9117ce76b64630f53c5d8a56cc22c45fce43039c70fdac8f5cfc

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8176fdeb6da19a11-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 07:57:38 GMT
server
cloudflare
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame D62C 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75840059&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
33b2a515d8ad312306d8a6625106d8dbdc02309d2eea24156d375ba5ae77f13b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 07:57:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame 5DC3 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b50028fc69adb1ad4565caec02ceebb0f4ce91ba0dffdf76a02baea233272dca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 07:57:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Oct 2023 22:24:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52033
Connection
keep-alive
Content-Length
10838
Expires
Tue, 17 Oct 2023 22:24:51 GMT
khaos.json
token.rubiconproject.com/ Frame 5DC3 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
bounce
ib.adnxs.com/ Frame 68F9
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:38 GMT
an-x-request-uuid
3779fb37-04e5-4fca-9562-de7b6bf94938
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.117.84; 146.70.117.84; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:38 GMT
an-x-request-uuid
f2ce433c-499b-43fa-813a-dd6079ccc420
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control
no-store, no-cache, private
x-proxy-origin
146.70.117.84; 146.70.117.84; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1257
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 17 Oct 2023 07:57:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 07:57:38 GMT
expires
Tue, 17 Oct 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
983445
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 0E2D
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=31A4C904-318B-4493-A96C-B51A1F764B97&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=31A4C904-318B-4493-A96C-B51A1F764B97&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=31A4C904-318B-4493-A96C-B51A1F764B97&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.33.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 17 Oct 2023 07:57:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
3BS7Q9N1Q70S3XFW9E0T

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 17 Oct 2023 07:57:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=31A4C904-318B-4493-A96C-B51A1F764B97&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
31ZRH6F795G9DQ492KT0
Pug
image2.pubmatic.com/AdServer/ Frame 16B7
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=qCOHQK1zghezLoIQ_XeYFKlzgBazJoMXqCAdm0yq
42 B
341 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=qCOHQK1zghezLoIQ_XeYFKlzgBazJoMXqCAdm0yq
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 17 Oct 2023 07:57:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 17 Oct 2023 07:57:38 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=qCOHQK1zghezLoIQ_XeYFKlzgBazJoMXqCAdm0yq
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D62C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MaTJBDGLRJOpbLUaH3ZLlw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:38 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=41706
accept-ranges
bytes
content-length
5606
expires
Tue, 17 Oct 2023 19:32:44 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame D62C 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=31A4C904-318B-4493-A96C-B51A1F764B97&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.247.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-247-62.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:38 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.12.201
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame D62C
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2653692519
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=31A4C904-318B-4493-A96C-B51A1F764B97
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=31A4C904-318B-4493-A96C-B51A1F764B97
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:37 GMT
via
1.1 google
last-modified
Tue, 17 Oct 2023 07:57:38 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=31A4C904-318B-4493-A96C-B51A1F764B97
date
Tue, 17 Oct 2023 07:57:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame D62C
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=31A4C904-318B-4493-A96C-B51A1F764B97
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NmE5bnFmTXAzUzFTVm14UThOTWNveXgxQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=6636315287078971408&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Server
52.211.152.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-152-111.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 07:57:38 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 17 Oct 2023 07:57:38 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame D62C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzFBNEM5MDQtMzE4Qi00NDkzLUE5NkMtQjUxQTFGNzY0Qjk3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 17 Oct 2023 07:57:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D62C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENBWBiyX7jheTz2LJ_15f_U&google_cver=1
42 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENBWBiyX7jheTz2LJ_15f_U&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 17 Oct 2023 07:57:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENBWBiyX7jheTz2LJ_15f_U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame D62C 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:38 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 16 Oct 2023 07:57:38 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D62C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6636315287078971408
42 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6636315287078971408
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 17 Oct 2023 07:57:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6636315287078971408
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame D62C 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:38 GMT
server
Kestrel
content-length
70
content-type
image/gif
31A4C904-318B-4493-A96C-B51A1F764B97
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame D62C 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/31A4C904-318B-4493-A96C-B51A1F764B97?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:c184:4582:9358:8e30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame D62C 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=31A4C904-318B-4493-A96C-B51A1F764B97&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usermatch
ssum-sec.casalemedia.com/ Frame 9392 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca8519d8f104f0423d5f3f3384145aa7aa184e08c7f311584d5a4c4e6af6173c

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8176fdebeeb6994e-FRA
content-encoding
br
content-type
text/html
date
Tue, 17 Oct 2023 07:57:38 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9X7yfcNgj3Q%2BGyNHHyI9o0p9q6mwWsPZF%2F6mxOeJ4g77m6DSq2KKxeEGCDv0dNnGLHElxMEkAWFvywROVAzgdrkaz2lkKQ%2FnY6wzSPFE5mHd6RNlVhQyvePeZi9seN0lrEUy4pGl3wG%2B%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame EA69 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
347775
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
8176fdebfe249a11-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame EA2A 		0
589 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8176fdec2e439a11-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 07:57:38 GMT
server
cloudflare
vary
Accept-Encoding
dcm
s.amazon-adsystem.com/ Frame 9392
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS4-b0ZGRb1Nhj3IuP2vlgAABI0AAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS4-b0ZGRb1Nhj3IuP2vlgAABI0AAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS4-b0ZGRb1Nhj3IuP2vlgAABI0AAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 Oct 2023 07:57:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BHGVZPYV6XEC854DMCCM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 17 Oct 2023 07:57:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JTD48R8SECXG1CC8Z30K
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS4-b0ZGRb1Nhj3IuP2vlgAABI0AAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 9392 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:38 GMT
server
Kestrel
content-length
70
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame 9392
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZS4-b0ZGRb1Nhj3IuP2vlgAABI0AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIEInj0tG3E-ZjxKQMB_Fso&google_cver=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIEInj0tG3E-ZjxKQMB_Fso&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bV8LkprNKxc4JciI4D4NQp95btlMZAGvWl%2BmQQasWZrY6DyuPBnoEOswTGgtK6wo9d7Z1TbObmiybMxFlvXx8vvimrSJMU97WD7RU5S%2BqxilbZPjJMzCiU9YqOCHzlt4zlM7QGiSjmPmzw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8176fdec4f14994e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIEInj0tG3E-ZjxKQMB_Fso&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9392
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZS4.b0ZGRb1Nhj3IuP2vlgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBAf1I7uULaEHdtAsOGI9SU&google_cver=1&google_hm=2
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBAf1I7uULaEHdtAsOGI9SU&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICNEEMufueP5KJWDp1CHMCp0DsrQXvC4pEbXeShME5y1TXRsyRCNoQfEa1NNIYb%2FO%2BzHPBYO2xwf3ARqz1P%2BOWsTUH5XPd64OwQ2ZlQLHkvA4k0A6uZC%2FzIkY3ZBwRIQEWfBkiNocumVnw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8176fdec7f44994e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBAf1I7uULaEHdtAsOGI9SU&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
501709.gif
idsync.rlcdn.com/ Frame 9392
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZS4.b0ZGRb1Nhj3IuP2vlgAA%261165&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZS4.b0ZGRb1Nhj3IuP2vlgAA%261165&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=b9e3f113902545c4b526b1a86181e2f0
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=b9e3f113-9025-45c4-b526-b1a86181e2f0
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=c5d98e7e-fa05-4754-a0f1-e562c9252abe%3A1697529459.2902489&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc5d98e7e-fa05-4754-a0f1-e562c92...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433830464777697&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dc5d98e7e-fa05-4754-a0...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=c5d98e7e-fa05-4754-a0f1-e562c9252abe%3A1697529459.2902489&_=1697529459.2923634
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=c5d98e7e-fa05-4754-a0f1-e562c9252abe%3A1697529459.2902489&_=1697529459.2923634
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:39 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Tue, 17 Oct 2023 07:57:39 GMT
via
1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
FRA56-C2
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=c5d98e7e-fa05-4754-a0f1-e562c9252abe%3A1697529459.2902489&_=1697529459.2923634
content-length
447
x-amz-cf-id
_lrvyAYtWmgVe6acP1Eiaa_JCLQTeau2XXKOvscSQFb6JX9sd2FyNA==
bridge
cm.adgrx.com/ Frame 9392 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:38 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-6
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
tp_out
d.adroll.com/cm/index/ Frame 9392 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:2e01:fd37:4808:6be0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:38 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 9392
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6636315287078971408&expiration=1698739079
43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6636315287078971408&expiration=1698739079
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=woa0ZtBX5bH7y32qQh0qHWX3aa%2FVyMjCfLd6V9CG3ZA4wzRwaQp%2F9YWRElaJ92RfNXstoYJ1ZsaRigfmxZQMexrnIl1TD3DzbE1Byl8OHutbS6VGjUyy7nvTWA0b0rUzmqZC3R54Zxelng%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8176fdec5f4cbb8c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6636315287078971408&expiration=1698739079
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
htw-pixel.gif
cdn.indexww.com/ht/ Frame 9392 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZS4.b0ZGRb1Nhj3IuP2vlgAA%261165
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:38 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
51507
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8176fdec39911e49-FRA
content-length
43
expires
Wed, 18 Oct 2023 07:57:38 GMT
/
onetag-sys.com/usync/ Frame 90AD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pixel
ap.lijit.com/ Frame FC10 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Tue, 17 Oct 2023 07:57:38 GMT
X-Sovrn-Pod
ad_ap6ams1
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 4935
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
95 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Tue, 17 Oct 2023 07:52:42 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 07:52:42 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server
nginx
x-powered-by
PHP/8.2.4
smwt256.gif
us.ck-ie.com/ Frame 96F0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Tue, 17 Oct 2023 07:57:38 GMT
Server
nginx
v1
match.sharethrough.com/universal/ Frame 302E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.218.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-218-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Tue, 17 Oct 2023 07:57:38 GMT
smw888.gif
us.ck-ie.com/ Frame C96E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Tue, 17 Oct 2023 07:57:38 GMT
Server
nginx
g8pHDCZTRKrqCcqnLUsh
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 0B46
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/g8pHDCZTRKrqCcqnLUsh?pi=smilewanted&tc=1
0
641 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/g8pHDCZTRKrqCcqnLUsh?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8176fdee48649a11-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 07:57:38 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 17 Oct 2023 07:57:38 GMT Tue, 17 Oct 2023 07:57:38 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/g8pHDCZTRKrqCcqnLUsh?pi=smilewanted&tc=1
pragma
no-cache
setuid
ib.adnxs.com/prebid/ Frame 6EB0
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=2e25137932f9faa27949ea0daf3c7795
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=2e25137932f9faa27949ea0daf3c7795
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
an-x-request-uuid
2d10cf08-b18b-439e-bc71-dcbbaa4fe35e
cache-control
no-store, no-cache, private
content-length
43
content-type
image/gif
date
Tue, 17 Oct 2023 07:57:38 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
146.70.117.84; 146.70.117.84; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8176fdee58759a11-FRA
content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 07:57:38 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=2e25137932f9faa27949ea0daf3c7795
server
cloudflare
getuid
sync.smartadserver.com/ Frame 3C47
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Tue, 17 Oct 2023 07:57:38 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Tue, 17 Oct 2023 07:57:39 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
server_match
ice.360yield.com/ Frame A965 		43 B
198 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.81.117.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-117-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-length
43
content-type
image/gif
date
Tue, 17 Oct 2023 07:57:39 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
async_usersync
ib.adnxs.com/ Frame 68F9 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:39 GMT
an-x-request-uuid
31425f9f-a413-4796-aaab-2e4cd36c5f61
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
146.70.117.84; 146.70.117.84; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame D62C 		0
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160447&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:38 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame D62C 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=43020954&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
cc18935756aa4274f7b9885fbf63e70ed60c11cb8a3d034d902f9b0c0c729116

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 07:57:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 97DC 		35 B
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=31A4C904-318B-4493-A96C-B51A1F764B97&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 17 Oct 2023 07:57:41 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 36C4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2702435962288459528&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2702435962288459528&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 17 Oct 2023 07:57:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
62961221-66d5-48cd-9556-6c07dfcf4ece
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 17 Oct 2023 07:57:41 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2702435962288459528&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
146.70.117.84; 146.70.117.84; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 67A9
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7290833519009003676&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7290833519009003676&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 17 Oct 2023 07:57:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Tue, 17 Oct 2023 07:57:41 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7290833519009003676&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
sync
x.bidswitch.net/ Frame FA03
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=5c550b48-e9e0-4c73-a642-becaf5566ab1&ssp=pubmatic
43 B
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://x.bidswitch.net/sync?dsp_id=59&user_id=5c550b48-e9e0-4c73-a642-becaf5566ab1&ssp=pubmatic
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.110.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-110-157.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 17 Oct 2023 07:57:41 GMT

Redirect headers

Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
Date
Tue, 17 Oct 2023 07:57:41 GMT
Location
//x.bidswitch.net/sync?dsp_id=59&user_id=5c550b48-e9e0-4c73-a642-becaf5566ab1&ssp=pubmatic
P3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pug
simage2.pubmatic.com/AdServer/ Frame F75E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=rKZMFUCTUm9t4-Bvlc9V5ZJGdVQ&gdpr=0&gdpr_consent=
42 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=rKZMFUCTUm9t4-Bvlc9V5ZJGdVQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 17 Oct 2023 07:57:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Tue, 17 Oct 2023 07:57:42 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=rKZMFUCTUm9t4-Bvlc9V5ZJGdVQ&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame ACE7
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
42 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 17 Oct 2023 07:57:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
176
Content-Type
text/html; charset=utf-8
Date
Tue, 17 Oct 2023 07:57:42 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Pragma
no-cache
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame B00E 		85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 17 Oct 2023 07:57:41 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230033-FRA
x-timer
S1697529462.645228,VS0,VE88
Pug
image2.pubmatic.com/AdServer/ Frame A765
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBYWswN0tYSDBBQUJobkNzUmFTdw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAAak07KXH0AABhnCsRaSw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAAak07KXH0AABhnCsRaSw&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAAak07KXH0AABhnCsRaSw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=7127013687192223080&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAak07KXH0AABhnCsRaSw&gdpr=0&gdpr_consent=
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAak07KXH0AABhnCsRaSw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 17 Oct 2023 07:57:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 17 Oct 2023 07:57:42 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAak07KXH0AABhnCsRaSw&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
/
csync.loopme.me/ Frame EB41 		0
0
mw
mwzeom.zeotap.com/ Frame D62C 		95 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=31A4C904-318B-4493-A96C-B51A1F764B97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:41 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
8176fdff69329191-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame D62C
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=31A4C904-318B-4493-A96C-B51A1F764B97&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=31A4C904-318B-4493-A96C-B51A1F764B97&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=31A4C904-318B-4493-A96C-B51A1F764B97&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.122 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:48 GMT
frontend-id
12
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:48 GMT
frontend-id
9
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=31A4C904-318B-4493-A96C-B51A1F764B97&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame D62C
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=31A4C904-318B-4493-A96C-B51A1F764B97&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:57:41 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame D62C 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 -, , ASN (),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 17 Oct 2023 07:57:41 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D62C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9084300851182786757&gdpr=0&gdpr_consent=&us_privacy=
1 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9084300851182786757&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 17 Oct 2023 07:57:41 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9084300851182786757&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 17 Oct 2023 07:57:41 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
/
track.adform.net/serving/unload/ Frame D8DE 		35 B
593 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=0@@63416572,1561224374617193468,0|0|0|0|0|0|0|0|0||0|0|||||1|0|0|S-9pBB9EzN248M5tcwHHbTo5LBxFdOzc5g4aT3s6akaIzI0kobWs_xhpnBRkvb3lA7z_uuw_WOM1|||11|0|0|0|@@64491512,8543138103558820189,0|0|0|0|0|0|0|0|0||0|0|||0|0|1|0|0|9PlviUO7VL3i5nP9TebYOumn3tQYot-A0|||11|0|0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://news.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 07:57:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://news.walla.co.il
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tr.dxmcdn.com
URL
https://tr.dxmcdn.com/rest/api/v1/survey-executed
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEAHYF1UIRmByQHa13yENL3I&google_cver=1&google_push=AXcoOmRWDUIvmkN42czUibZjvnoA9Isx26Mia4lykzB6lPDPZ2lH-yov5_1NvN7U9lexuEPYUp3zyUcQZWxYsYj2U5-oSNdwGf5yODU
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}

Verdicts & Comments Add Verdict or Comment

284 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 function| addScriptPromise object| _0x1a15 function| _0x14cd object| googletag object| WallaTargeting string| _taboolaOS object| twttr string| isAAB string| pageNumberInSession string| fatherSessionInSession object| dataLayer object| wallaGlobalEventData object| wallaEnv object| slotslist function| gtag function| ga object| _sf_async_config string| loadDataState function| smartlook boolean| isMobile undefined| showInterstitial undefined| interstitialData undefined| timestamp undefined| attempts undefined| served undefined| hourPassed undefined| url undefined| ref undefined| refFits undefined| adunit undefined| getInterstitialData object| google_tag_data object| gaplugins object| google_tag_manager function| postscribe object| google_tag_manager_external object| _taboola object| TRC function| _typeof object| _tblConsole undefined| msg object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| __twttrll object| __twttr function| _ object| dmp object| IDXSurvey object| __LOADABLE_LOADED_CHUNKS__ object| GooglebQhCsO object| apd_options function| fbq function| _fbq object| unblockiaScript object| ggeac object| google_js_reporting_queue string| GoogleAnalyticsObject object| gaGlobal object| gaData object| google_conversion_id object| google_custom_params object| google_remarketing_only object| adoric object| regeneratorRuntime string| __strip_step__ boolean| WallaA11 string| pm_pgtp object| _0x47bf function| _0x32f2 object| _vadHb object| vadprebidChunk object| vadprebid object| _pbjsGlobals object| ADAGIO object| _cbm boolean| fifabAlready function| fi_fab function| a0_0x5142 function| a0_0x5b32 undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| __adoric__ boolean| IS_ADORIC_LOADED undefined| google_measure_js_timing function| onYouTubeIframeAPIReady number| google_unique_id boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id string| trc_item_url object| TRCImpl object| webpackChunk_smartlook_recorder object| fiUtils object| $backfillRefreshObserver object| $FIslowSelectors object| $InContentAutoSelector object| $websitePrependInContent function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| Ah object| _pm_mcg object| image number| taboola_view_id object| GoogleGcLKhOms object| Criteo string| nam object| placementData object| owpbjsChunk object| owpbjs object| PWT object| cmTag object| a object| sas object| apntag object| _ADAGIO object| sw_consent object| _cm_wfCounters object| ONFOCUS object| google_image_requests object| Adform boolean| __adform_onload function| ADFReload function| ADFCall function| ADFcall object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_136 object| Criteo_prebid_136

90 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CggKBgiiARCjFg
.walla.co.il/ Name: _cb
Value: CINJKhnDLzqD3XLax
.walla.co.il/ Name: _chartbeat2
Value: .1697529452099.1697529452099.1.C7ay5XBcFHL5DiPcSmBU16fgC2fL7U.1
.walla.co.il/ Name: _cb_svref
Value: null
.walla.co.il/ Name: _gcl_au
Value: 1.1.1432887230.1697529452
.walla.co.il/ Name: _gid
Value: GA1.3.342657286.1697529452
.walla.co.il/ Name: _gat_UA-4780630-1
Value: 1
news.walla.co.il/ Name: strip_step
Value: 2
.walla.co.il/ Name: _wpnis
Value: 2
.walla.co.il/ Name: _wfsis
Value: https://news.walla.co.il
.doubleclick.net/ Name: IDE
Value: AHWqTUmcdaRWF0L_AKWv52HK2aRDRNPW7O3LLcNyDvn0P0vbE6BUd1jF7Ktqz6lb
.walla.co.il/ Name: _ga_RYD7X7E8VN
Value: GS1.1.1697529453.1.0.1697529453.60.0.0
.walla.co.il/ Name: _ga
Value: GA1.1.23039265.1697529452
.walla.co.il/ Name: _ga_TSQY5YTYZ0
Value: GS1.1.1697529453.1.0.1697529453.0.0.0
.walla.co.il/ Name: vad-loc-code
Value: de
.walla.co.il/ Name: __gads
Value: ID=7ddee2472e729223:T=1697529453:RT=1697529453:S=ALNI_MZ3T43v-4SBMek5VT6I4OZ3f5RDpw
.walla.co.il/ Name: __gpi
Value: UID=00000c9a535e17e3:T=1697529453:RT=1697529453:S=ALNI_MaOhIda4trAZHyhjmZN40VzC9DEQA
.walla.co.il/ Name: _fbp
Value: fb.2.1697529453987.230901374
.dxmdp.com/ Name: dmpid
Value: 29474fcc-6fc8-48a1-bed6-744868003068
.dxmdp.com/ Name: audids
Value:
news.walla.co.il/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
news.walla.co.il/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D22112d4e-b973-48fe-b7ad-18ba725da0fd-tuctc27c3ee
.yandex.ru/ Name: yandexuid
Value: 7752808021697529455
.rubiconproject.com/ Name: khaos
Value: LNU17IEB-1G-G6R2
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrd5vq1zmQazPsKGGM1eolu5vVtDhgOVUMsxPxU5qr+6Ab50hpZAATWJ8O6axLhU/megoTvjdcpZkgcdj94p/MzbgVIXqTe4Jgijy0RC4Zd8SKPLRELhl3xpmvllXEtYN4=
.script.ac/ Name: __cf_bm
Value: Cs0EvbdfQRBCBu2vG7wATfcmA19l6naQz7bPk4fmOlE-1697529455-0-ATVLtu64jno9YkvXI57pX1D1Fgs6DwNsyf820yD7dRIiB3NqnJ1Gqfh4D/SFApURAPq6+KXLAAbsXQy+TblxPJc=
.casalemedia.com/ Name: CMID
Value: ZS4.b0ZGRb1Nhj3IuP2vlgAA
.casalemedia.com/ Name: CMPS
Value: 1165
.casalemedia.com/ Name: CMPRO
Value: 1165
.adform.net/ Name: C
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBG8-LmUCEP_565WvAVuNBernfW_mAhAFEgEBAQGPL2U4ZQAAAAAA_eMAAA&S=AQAAAt43L3QLeFLq0kJXEGPeIxo
.adform.net/ Name: uid
Value: 6636315287078971408
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-475baff3-f365-4e26-bb32-ebc192c5df6b-003%22%7D
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 1e3a4464-652a-5222-9e55-aa03fb7b946c
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: ZS4-cAAAF3An_uX4LjBD1I67VjnU1fI_UO2MzQ==
.turn.com/ Name: uid
Value: 9084300851182786757
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-475baff3-f365-4e26-bb32-ebc192c5df6b-003%22%2C%22nxtrdr%22%3Afalse%7D
.criteo.com/ Name: uid
Value: 1e135102-b05f-4d18-89c3-7f8cf0c39b50
.ads.stickyadstv.com/ Name: UID
Value: 968afe16731a1316af192e9dadb1ab2
.bidswitch.net/ Name: tuuid
Value: 143bdc29-f5c6-4a3e-960c-99ba1b61dc2a
.bidswitch.net/ Name: c
Value: 1697529456
.bidswitch.net/ Name: tuuid_lu
Value: 1697529456
.w55c.net/ Name: wfivefivec
Value: No7jFPFS1QSEXm5
.ctnsnet.com/ Name: gid_CAESEAgvRdRDqj6bT6j6-vTpsDs
Value: 1
.ctnsnet.com/ Name: cid_bbfca818079e492ba1a585d5bd8ca09d
Value: 1
.ctnsnet.com/ Name: cid_ad829859b965481f8fed9d8972be80b4
Value: 1
.ctnsnet.com/ Name: cid_aa1b177ccb9c428bbee131b3d107e501
Value: 1
.w55c.net/ Name: matchgoogle
Value: 5
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22EAAEC828-3A2A-483A-0280-D0817A7A7275%22%7D
.simpli.fi/ Name: suid
Value: DE4CC6FF8A1A4177A09A25825511118A
.lijit.com/ Name: ljt_reader
Value: Hf_9uGZHjKcXBDvYTne9YJxP
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 31A4C904-318B-4493-A96C-B51A1F764B97
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZS4_cAAAAQxPkwA_
.adform.net/ Name: TPC
Value: 1697529456970
.tribalfusion.com/ Name: ANON_ID
Value: aontuJq0I1f9yNy6PgmFmYZck2Xrt7pLU5Nf5nhO6AI19Q79qZaiYFnN37D1acrejufiyVybu2F01HoPwWCRZaY2lxx
.googleadservices.com/ Name: ar_debug
Value: 1
.walla.co.il/ Name: cto_bundle
Value: slujJ19pc2Y2U1IlMkZXUjRoQ0RncWRabUwlMkJSVjFkWFFNc1VVbW5ET0U0OUhxSFdxc0VXWXNFQW1pVEtoeGZiZHpOazI0ZERwbDBvc3Z5Q0gybVNpZDhXU2RWUFFySGFReXlFSDFLRkFtcGoyNmkzbjBidUMlMkJVSEdGeXJSbmNTNk50S0FhMmJTS1lHZUFiSEtvZ3ZXdGdQcTE4ekElM0QlM0Q
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 160447:3
.pubmatic.com/ Name: DPSync3
Value: 1698710400%3A235_201_245_241
.pubmatic.com/ Name: SyncRTB3
Value: 1698710400%3A8_220_56_251_21_13_54_71%7C1698796800%3A35%7C1698105600%3A223
.adnxs.com/ Name: uuid2
Value: 2702435962288459528
.quantserve.com/ Name: d
Value: EPABCwGaKvijAA
.quantserve.com/ Name: mc
Value: 652e3e72-875ca-17e53-06266
.weborama.fr/ Name: AFFICHE_W
Value: FjURXI32KAwW44
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6636315287078971408&KRTB&23263-6636315287078971408&KRTB&23481-6636315287078971408
.pubmatic.com/ Name: PugT
Value: 1697529458
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESENBWBiyX7jheTz2LJ_15f_U&KRTB&23025-CAESENBWBiyX7jheTz2LJ_15f_U&KRTB&23386-CAESENBWBiyX7jheTz2LJ_15f_U
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-qCOHQK1zghezLoIQ_XeYFKlzgBazJoMXqCAdm0yq&KRTB&19420-qCOHQK1zghezLoIQ_XeYFKlzgBazJoMXqCAdm0yq&KRTB&22979-qCOHQK1zghezLoIQ_XeYFKlzgBazJoMXqCAdm0yq&KRTB&23403-qCOHQK1zghezLoIQ_XeYFKlzgBazJoMXqCAdm0yq
.audrte.com/ Name: arcki2
Value: 6a9nqfMp3S1SVmxQ8NMcoyx1A!20220908!1697529458648!ip#146.70.117.84
.audrte.com/ Name: arcki2_pubmatic
Value: 31A4C904-318B-4493-A96C-B51A1F764B97!20220908!1697529458648
.audrte.com/ Name: arcki2_ddp2
Value: 6a9nqfMp3S1SVmxQ8NMcoyx1A!20220908!1697529458701
.audrte.com/ Name: arcki2_adform
Value: 6636315287078971408!20220908!1697529458776
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.creativecdn.com/ Name: u
Value: g8pHDCZTRKrqCcqnLUsh
.creativecdn.com/ Name: ts
Value: 1697529458
.smilewanted.com/ Name: sw_user_params_infos
Value: C%2BProdtMYHExcNuS%2FFeY8UXQb2jrKsfoi2qKblzmQPa8mZlTYI0uPAGiD5rOaSSSrpx5IsmC3NKeygaG9zOdc68%2B49amDBxo7K9DeDHq2BMCKEzEWjsT0SJnZvVUaJAnWt55FYAzECXmiHpAuz9Qtq8p7XXZBP8h1kFiotgTU2Urf3Uw08DcylngyYBYe0OGJLN9DEDh9kRwUNe1jH6t5DMVoHOZhWg8EOEOPL3eiULXStmfI1MiVS1h24fuR%2F36CsCSzTJgb7qzrPYDwqmSurWLOrOPAFboYx5EjId%2BLZcasxiKsMD%2FziV02d8KU5iGbE%2FR0pRnD0MuKUrulRzL9sud%2Fl7Xpr%2BmQP9NhHGEl2uZuCyw9c1W1P0Ys2zBTwYuQf5zxpD4Kok%2B%2B5CB8VTFLOgawi6JNybZFwStG6%2FsJdZ01uDVjagk9FcnPHjhnEhzqWlfUWpBqkTS1XYOiUNmOg9s0jyRVf9c0Xf1jMa0g0YtFhvLu9%2F%2BGuplngT7o7BACf8gJRKVLODCbqVxTJPYaA%3D%3D
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2In5pNu7]!]tbP6j2F-.aE@%O4WYq=BR'/fSNWmlx]m)gvcp-iI*.pe'o6y.A2gj6<--FiX$2VX/kL</X+GY1Qw3)H(?*3
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiIyZTI1MTM3OTMyZjlmYWEyNzk0OWVhMGRhZjNjNzc5NSIsImV4cGlyZXMiOiIyMDI0LTAxLTE1VDA3OjU3OjM4WiJ9fSwiYmlydGhkYXkiOiIyMDIzLTEwLTE3VDA3OjU3OjM4WiJ9
.amazon-adsystem.com/ Name: ad-id
Value: Aw4lDzMML03mo3_nuRscIkE
.liadm.com/ Name: lidid
Value: b9e3f113-9025-45c4-b526-b1a86181e2f0
.rezync.com/ Name: zync-uuid
Value: c5d98e7e-fa05-4754-a0f1-e562c9252abe:1697529459.2902489
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_13IsRGAIAwF0AmsmCMe5PIJ320Aw0CWlk5q6Z3le1fyiZMtPGT1DDGHSc-rSKDqpEL7iKNUOpQG7sqs1nin7UugPD-_EC42f1oAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNjAxMzE3NzezNBfiM9TNqCoszS0rMQ_Pds8DAPEPlJwlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNjAxMzE3NzezNBfiM9TNqCoszS0rMQ_Pds8DAPEPlJwlAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRGAIAwEwI_txAk3OcLZDUIoxMrd_a5c3BqVZWc6LZJh00-zYscSiPnW07qSUFA35IihHwhwap86AAAA
live.rezync.com/ Name: sd-session-id
Value: .eJwNy0EOgzAMAMG_-Eyq4Ng4zmdQCkaKWtKKwKWIv5fjSrMnjF_b1lyt7pD27bAOpne5q0E6oZXfai9IwL0XCiEGTwOJyKACVwfNWiufOpb5NhPPGk3MLdmzI2Fy2S-9Mx5wUmTMT0v9fTIqsT5QPVJUuP6-0iXu.ZS4-cw.XIOxber98j4WdntqAjvYOLgX1qc
.pubmatic.com/ Name: SPugT
Value: 1697529458

8 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
network error URL: https://loader.unblockia.com/c/news.walla.co.il/id.json
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://news.walla.co.il/
Message:
Access to fetch at 'https://tr.dxmcdn.com/rest/api/v1/survey-executed' from origin 'https://news.walla.co.il' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://tr.dxmcdn.com/rest/api/v1/survey-executed
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=31A4C904-318B-4493-A96C-B51A1F764B97&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=c5d98e7e-fa05-4754-a0f1-e562c9252abe%3A1697529459.2902489&_=1697529459.2923634
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12890047.adoric-om.com
7da4915f1454483f55b88b16d90a85c4.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
a.tribalfusion.com
a5158.casalemedia.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
adapi.smartadserver.com
ads.avct.cloud
ads.betweendigital.com
ads.eu.criteo.com
ads.pubmatic.com
ads.stickyadstv.com
ads.travelaudience.com
am-match.taboola.com
am-trc-events.taboola.com
ap.lijit.com
app.adoric-om.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
bs.yandex.ru
c1.adform.net
cadmus.script.ac
cat.nl3.eu.criteo.com
cdn.firstimpression.io
cdn.indexww.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.unblockia.com
cdn.valuad.cloud
cdnjs.cloudflare.com
ced-ns.sascdn.com
cf.dxmcdn.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cr.frontend.weborama.fr
creativecdn.com
csm.eu.criteo.net
csync.loopme.me
csync.smilewanted.com
d.adroll.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
ecdn.analysis.fi
ecdn.firstimpression.io
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
eus.rubiconproject.com
euw2.smartadserver.com
event.dxmdp.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hb-dot-valuad.appspot.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
i.liadm.com
ib.adnxs.com
ice.360yield.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
image2.pubmatic.com
image6.pubmatic.com
imageproxy.eu.criteo.net
images.taboola.com
images.wcdn.co.il
imprammp.taboola.com
js-sec.indexww.com
live.rezync.com
loader.unblockia.com
mab.chartbeat.com
match.360yield.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
news.walla.co.il
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pixelgroup-d.openx.net
platform.twitter.com
pm-widget.taboola.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.smilewanted.com
prg.smartadserver.com
pro.ip-api.com
region1.analytics.google.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.nl3.eu.criteo.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s1.adform.net
scontent-fra3-1.xx.fbcdn.net
scontent-fra3-2.xx.fbcdn.net
script.4dex.io
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssc-cms.33across.com
ssc.33across.com
ssp-sync.criteo.com
ssum-sec.casalemedia.com
static.adoric.com
static.chartbeat.com
static.criteo.net
static.smilewanted.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.richaudience.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
syndication.twitter.com
t.unblockia.com
tags.dxmdp.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.dxmcdn.com
track.adform.net
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us.ck-ie.com
vidstat.taboola.com
web-sdk.smartlook.com
web.hb.ad.cpe.dotomi.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
csync.loopme.me
tr.dxmcdn.com
104.18.25.18
104.18.26.193
104.18.27.193
104.22.68.131
104.22.69.131
104.244.42.200
108.129.69.108
13.224.189.103
13.248.245.213
13.32.27.28
141.226.228.48
141.94.171.214
142.250.184.194
142.250.185.166
142.250.186.66
143.204.215.10
143.204.215.39
151.101.1.44
151.101.194.49
151.101.65.44
162.55.236.224
178.250.1.6
178.250.1.9
178.32.210.226
18.193.218.77
18.193.245.188
18.66.112.22
185.184.8.90
185.64.189.112
185.64.190.78
185.64.190.81
185.64.191.210
185.86.139.104
185.89.210.180
188.42.191.196
193.0.160.131
2.21.20.202
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
205.185.216.42
208.93.169.131
216.239.34.21
216.52.2.30
217.182.178.225
23.32.184.180
23.32.184.192
23.35.229.251
23.35.229.56
23.35.237.86
2600:9000:2057:400:18:1fcd:353:c61
2600:9000:20eb:e200:11:da61:a100:93a1
2600:9000:211e:5400:12:abfb:9280:93a1
2600:9000:211e:6e00:1b:5138:8a40:93a1
2600:9000:211e:d600:12:abfb:9280:93a1
2600:9000:223c:4200:1e:a43d:b640:93a1
2600:9000:2490:1000:10:be65:1fc0:93a1
2602:803:c003:200::51
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:1857
2606:4700:20::681a:9a9
2606:4700::6810:5814
2606:4700::6811:190e
2606:4700::6812:1691
2606:4700::6812:19ad
2606:4700::6812:272
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:800::2003
2a00:1450:4001:806::2001
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:813::200a
2a00:1450:4001:81c::2014
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200e
2a00:1450:400c:c06::9d
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::6
2a02:2638:3::7
2a02:2638:3::9
2a02:2638:3::c
2a02:26f0:1700:d::1737:6e99
2a02:6b8::90
2a02:6ea0:c700::19
2a02:fa8:8806:13::1460
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:600::714
2a05:d018:cc3:fe04:2e01:fd37:4808:6be0
2a05:d018:d29:3601:c184:4582:9358:8e30
2a06:98c1:3120::3
2a06:98c1:3121::3
3.121.79.42
3.122.110.157
3.71.149.231
34.111.129.221
34.111.131.239
34.120.218.58
34.149.20.76
34.160.198.118
34.228.152.212
34.243.69.54
34.91.62.186
34.95.69.49
34.98.64.218
35.168.210.0
35.186.193.173
35.186.253.211
35.190.0.66
35.244.174.68
37.157.3.30
37.157.6.234
37.157.6.237
37.157.6.254
46.228.174.117
5.196.111.65
50.31.142.223
51.75.86.98
51.77.64.70
52.210.247.62
52.211.152.111
52.223.40.198
52.46.151.131
52.51.216.150
54.162.112.52
54.239.33.159
67.202.105.23
69.173.144.138
69.173.144.165
72.251.241.204
77.243.51.122
8.2.108.194
85.114.159.93
85.91.45.72
98.98.134.243
99.80.199.240
99.81.117.172
99.86.4.108
99.86.4.124
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
0049a61681f009097e433d79763495def6c0a29963c2349643b10bad537266d1
006ed0e9d5729e56b631a21b26b7b7f0dddf203a8f78f4fc816663f362a8f3dd
00f0457a464286e05b6c59595591de7199c3da6850157e312da13162b8dbef75
012b2110216b141cafb3dd625a3aa6fb9bdde045af83412d6606aeaa26e6d6cf
01bf01d746e41401087e19bd5540c49358196fd438b12c0c811db1479a0cd088
0394884b772f114b4ef2122a58081fcdad4da8f76fb9d8ee0887a9c9662beec4
04732ac8eec2220178ab7669b8f055278668ae808cf3ab50cef1327d574dc83c
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
094a8f74d2d602e04369bb464d0f30db746df37aa041b20b6e081c8e26c28db0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0974c57da9391b649938b6aea99f0e9b9fdab6c0524d2448228bbcb478d27fb1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb0fc1ccb691ccfa94895769b27182dc0c3f8d1edd727f81f3424d228f2f368
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0c94f7120af1dd1e52881cfb218fb4fda3f26d6971c0ebd317ba23b459dcaa1e
0d4166d628450e4060cedad79066d226c7be682380e708dc30d62159fd7433ce
122bbb82786de45f899024e30ba46be0ffe396c5db6d68060671ffd83ab6c76f
13445ee05df55dc76c54059d73ae5077c4d08a7fd52c8dcb68e55b5b26ff2c78
17ddd740d22d584977d1e93258f8eafe25246495422083084c68ced284b98f0b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
194a96a248a363dc6010b5dfb213a50b98d0af560ece8f8559242d2def0455bc
1987755b0828e0aaa3344aa67e8195f333b0c8fa45da2199b5ab596c03c07167
1a49bf674b1157e5f256fc76d3f30f9ca80d6b7fe112180f8d386386e01b74d8
1bc16a197f5ef499b9285fa6d690b553c6c9737ee19fb9dadf4a4c21afdb6459
1c90f4fa10a90d240c6dcd2d798e6c528ae91f104d232870fb6f1453967a7066
1eaccdc4aacb54961f7160943eff55e3f3a21de84833c4a6f8d600d5db75fc1b
1f8a9f8ae1b2b2ebb3064529d36814cd4cc7a2dcd7596cbab57c819b53f4e822
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
2260074041e8fd0d66221a864f90c5e6946fd01f8043bdd96fed3587ccebce86
227556a8af1c941378068770d36092cdb9d4c06ee215b3e5972eb41c1b44dd73
229e400458da09038771f0974640be7bc3fb91571e41b8c0af3f323d89bfc3a9
23e2409494818d5a7bbcf232f0818db8599da2d9c3c1856572f95ffc7b4b1d2e
277c9dd4065addcf4eb345a0112dcd77761185a4db2331001e80970a1a054103
2a060f4b8dca294114abee36f184a8d269da0cee3d17bd9d8319d08c200f2d4e
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2cbea3a3ee1ece1c688b8b0f0227d7d107359816d3a240e3d20b5e92baf3cad7
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e30dc04b9a33bbc1591a93497cb143e52b2a69569e059c3790b7fb3aee39203
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f6ec64287ac2f79478be46fbc4baab431af199cdce83907d77535005b2f6d2c
2fcca8a9de9e2bdc8d38d982e4365a1c3d37875741f5c11bcfb82cb08ee6a6e5
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3209947ef5d4b55b88a7e0d39ab85696dc6703ac784b476abc58c7b28463d79e
3241bf3866d5c2c02fd32bc792aa155f587efc0780ad197d0040d3377ff5af3f
33b2a515d8ad312306d8a6625106d8dbdc02309d2eea24156d375ba5ae77f13b
3555c058855730d81fe3e5b22f38513699691bdc51edde3a603da89748594dab
35f2316dc240cc0fbb2996b98e0e3e0a971bb12a16865a588dc8ddbc6bb4ad70
38df94ec98f3e97f36a6a80b2e58776f9053ffecf8b140f68e83f3f748918063
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a7a85fb998680c3ac6ff6fc796f7b8aa554e5404975d1f60b13b574e6832fbd
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3bb434b1b7a95e57df3dd6b7f011e0417068e9e360a8638589b599aa3dfc95f0
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40083197f6c3fad2ef5d99095c72f3a60072e92bdfcd920dd91299f3679027b7
420fd876d2c3f9d173b86a36dbf3c3071ebcc7d1f67233c953b295d50d2cd31d
43b9c218cc8db5c7b04b381ccfd02ffee1488e069009fa838dd64c9b1ceffc43
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4433cf51ecf743f83df160c99dd312362e1e9f9dd1b2f5b4feaf86e8d088702e
44ffb03dda1914a5468efbb0d1b70db05a53f49ff509cf87aa56602786756b53
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4855b8ec613d695d50a7af3d0044f10afad1304c8663ae841e3a5d10aeceea36
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48dc75f6760a4dd75285e76058d028f96823dbdc9bc11114230d1f305e573b2f
48e55341fc06d51fd677fb6c8fdbb5c1c1d0686729380661bc183426527336a6
4a9071508f7166144b974c2809c8d84fd415b80c3699b0a6a75f5cd407eaf1b7
4a920ac8a357b492b991802b1d781790c9923a59d37c335f6b2d19cd39d100b0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e7329210d9782758550c9108738a480c6b823803cca3948783d0db662da3b23
4fcbd9b339d1bc8b72c3d698a6c4bb856516c41b52a3be330313cb6a51be99df
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86
51a2f88efa5f8a3131a80a5f50f571f6b93c2b37e92e2d994bd77f5646df8deb
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54aac5438c726a309d6509d55c96d2303bf594b36440aaa75ffd8897d6dbd750
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e1bb5ac96493124163d21acdc1a9e620d826d6654f94a9fab30cd8a648c0b3
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
56bb634245b7b25ecb78ab1639e9d916c097684096acffb4b8d02e3fcd99557d
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd
56e687887be4c418115fa34b4e7c8466f16ffce4ba5678efd915e69af36b1310
5758ef7f0e4c67a46bdc2599045dca7d0e3dc78e2da80db95b9ea324bd27dc2c
577bbeb02edadd6a6119ee367adac8fd8b43b40a3763939f1d01e3cb9dd9a9a8
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a
59bf8a49b764972f07ff10fa91267d7b6f7c1f5e16c25aaf4f6423c17b32188f
5a0bd16bfe3b2c9166ee723337f88b77ea96e82927bd552ebf82346a73c751cf
5a95d0861fc3b1f3c39e7bc7cd83f6d83e57376d9596ae5a0b070ae1965cec16
5b722e124fadceb01901ba5f35960ecacb331f1fb6fb32a8e3d724d492a870c0
5ccf80a0afeca4e216b9d11023e248a8da1e079fb9524093692296c3b4d9ccf8
5d2840fc0bf868ec7e60c9e2f14a0f623b865ee0a7f8459fbfb25881709f7838
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086
5ec86fe055f703d79cee010fe657a9f65ae83d666880a1ba459116b3e033174e
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
607b5fe498eec42997ff8dc8a9c4c4dd56616a4b43709935a392b39ca57ac960
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
645ffa5e4bd7d2398eb0639ad31670b6d7fb6c873fa2377d544f69388e932b16
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444
69883ab3b036d6686f4925cd6c96da4d310fda64fc8f9f81fc26898cef427467
69ce44c850d3728d53a284cdc8a06a6afc745bd5462095e8ba5a6bb0f464ee8d
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6aa31dd89388fda4e31645d09e4e469a034999e4d7cbb356bd3b6b6fd44885a2
6b1ddcfd6817eee68680c30d5388200f69d629360dcb4fd606fce0809f68aaa1
6b606301c716b9ff89ec6e449fd41a54ec596208c95ab9ac2c49a92b27528e02
6cee0a1fd26161d05279092178df3d8243672cccf917c870bb113d992d5de5be
6d5cdb2e19803e6f8863c7601f81e50eba08d06bedd7a8c2d57b7905019ae685
6dba6e329dfb9cefab40d65bd87209b0f98f585e82f455bff4ffb75e99573a23
6ef0610e4fd28da2b25c022917498c8123778b8b741122a12c2597569adfe7d0
6f9c72ef22efe8a0e095464ab57ea0d5b6c24fa0abcd9439a1ffe1f522cca92a
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7283e90c1b61af4204bc4e7a25bc8543e9ddc18b94b64aaa9806950c73d833af
72f5a8ad58658aa5301aa5087eb1dfb3e33827a2a07a4e6b495ba8565de372f9
742f69d5a3dc576df86c9845acf047bcd745d266f40900c95706badecfafe2e3
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
7e11848cfd87e686f2b13f3740ad082f1a216a4a1f1068187a850d0732431f2e
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
7fa7b3d436cacf1c30c03a37d1374c28c019a79a29aa319d33ef89fb6ef0a1ac
7ff6e89ef0a4dcb72ed72196173642deb38c4b539baf3d7030ba8e122c284475
801d6ff0dd3191cc7e44d8060ed2336706e8301bf4478df935f1ef87a82c11de
8058500278e90cf4bf166fdb91e1d5c5377425e806874f12c4083b80ad049f6f
80edccfb779107beb98efa9ef0147732711d584b88ac86321d49c53313901778
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8256a3552d7b5718e1893c202df5514114c7f824a817a566bd90341e1329585d
828ae639e7a5ae49a050353b45b2f9432320dda44b8194699477b311ac101c6f
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82d7aaa73a238f49789971c586fc94f2ef0d284724097c87833b48b9fd65caea
8328344442a822a64cfe6ee16aa4ebb90173a8ea0a203e0f5458e23a525b0ed6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835a21406b4cfa8dfe8a934e745cabe0b86a5d9e5955643c595ed35d8fcc83dc
84a942fa11d63b702ddff3dc7c309f59cbdd66b99853a34b4a07f9f6c87f2e37
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
850477602dadfc050dfc8888bb3e27ba68aa9e686cdc90017f29bea1263872ba
861a0304197c321025f9681889b65d39613196b1850d359f7c5132f97af41129
867f05b525e309e835db6f09dba939aa9462520f709fd32661e0d46c589b4380
869dc14857c0489215be6a5bce29f3ac84d599a78d26cb11548d04e0d2d58c53
86d9dc72d07b78da20ccb18a75e1b898fbcc2ef138b26b76f5d5f1dc99375b16
8898c778613fdfb05dd8e275cb973c9fcb2aca9a3d9749469d4e06df063eb37d
893523f42f089cf44d632fac7366f54b2f3d24d9b5de47f771602350e7c965d1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e6db515ef069f0bb179cfeb005f1cfca79e9f04bd68ffc9eba17b4819abd7e4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f10d7a122060c5e9725d7624296ac0d6b1817545d424d7fdecae5a54123344a
8f4ed7d95f391006e2d5ca09f472be4b1a5c7bc57abb4e972e2385073ecea196
92daead28a05e9fd0d3d55a4bab015cac9a4b08d40df59144fff0199ef1e79dc
93f0ad866ceb012c1eb992f4ccc3302da61fb30660551d8e60bc872382b6f113
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
940eb283e7f42810a413e64ee843ed76f7ec1115026a6cdb46e70de6ce0d4f6c
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
9613a7a1499d447e3d0da4fdaa94387fb964466962f6ef0932a55da03e38d390
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9dbdcfbc90fe024fb46fc665100eb8ec6cbd4be380eeb224e80ffb07c2f82580
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9ecfa9eb434486aa13a01e91438c17a60dcca125e93f34f508990991f107d57d
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771
9f5361c2ffb41dbb0ee12dffd3e845708d0f198b6ccc0d61ca19d9de2dfa3418
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1a05609b1e9884a03540795f2227e6c0fdf2103067e93b0792ac6c82a48d47c
a1fd487d03833eddf187a290ca28f7f7e3bd60c9017f8283ed4fd22b4f2d4381
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a5937814276c31ef31eed72014d740ba9490725b7a111fd84a6a53286058ef56
a5b39f901819fc1f56a56435b3f48e4ec407dd60075cc403fec73879df7bfc43
a6cbbfde0f8fa5053ac3b8a87d712870edae2c840f56df167e4c33f31e61e84b
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a74e0715454707691d3625f353aa78ef49376f2f59f4fe0ccc31c98f0f31efed
a786785f56c14eac0a047206b47359680bbe3b170695a877a127ad5aeee3ad78
a9af02619f6e7b8db8f2835f873bfac8efb007674a78ae8f572191b6c989a179
aa13c715a970ff152c581c582d0d11959260c439601eef5aca942f3b8b79ae9a
aa8b31ba2bc2fdbc1ce8c71f0e4b5fae9da12faf4dfb7592f2fce67f98096482
ab5d8663f784c5bfc4ab2f65dbea56c31c6206310055e8d6e31673d8e5003c7d
ab5efe24966aca3d3addf00730f734a3fd62d552cc8c5dee2a837c057d62856a
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0e57d75bc0af4ef3ab9ad87a27527b8db31959590a92bb5779ff82e57009c12
b117604cee9ddb73346c9f5a89d3dd2ac813ebf1c78fd8879e611c820c755bb0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b62801cfcc8ca8814790778f98508d20561c579b45515dbade21d980739dab
b50028fc69adb1ad4565caec02ceebb0f4ce91ba0dffdf76a02baea233272dca
b5fbeb0f1e41cc05ee98cca3e87ed085253ed6d334415806f653722bbd0c45d8
b634a00a9cafffb3b011ec6fd398917b8ebe38d7d285b1baa41c156d153a6326
b7d2974070cf9f476d97e4401209a440e8fee787781d9084655cca366dad4d21
b7fae7a32328a42e9cd0623149d86b91aec1290807ce9af9d59b367e6e97ae98
ba7cba9ea0654da4c36277763dbd896d78c4adf7d20d1144c7c8a4f2cf32b2a7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb81e3351fe8ae95fa1832fbe77e4b6e6c979a77513d02437c582a2cc7dd8a66
bb97d3acf539ffb93eb864d3fb3312f7126732193498a6de5cf234f21fa5ffeb
bcdbf8a66dc28576e4243679db143bf20de1f9411558c02ada96d4f0cfa38145
bd769d1da98da1a60dc08258b017b34d6962b92ec431b17df51c69fbfb2c6abf
be50a73a0ac75ed027dc3511dff61c388b807f7fd334c0d48cc2b8af522656e3
c185bbcbeb0ea825c5d1fca5e6bb3046d6fc26c76738c2a5bde52792608d49b8
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2cad61fe2e4155f3d2f862e29bb1c0a305c4ed49ca98a78bc082debc08a5a52
c425429b587ed63b1b30b403245b414259e0fa93edcacfa8bfe8d334fc63c2a9
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c5c3bfb9279a9117ce76b64630f53c5d8a56cc22c45fce43039c70fdac8f5cfc
c6226e56eaa8ea7b303a16020470546f59132e2f5f8fb6f5ed4fbeabb51f1d7e
c7c75a042fe8070fadf1109e1a468774b849bac901650547706d283ea39d2631
c7eb4f46ecbac9d9889c868df8ac511d6008af7b70aedffb2400f3ccb6b759f2
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca8519d8f104f0423d5f3f3384145aa7aa184e08c7f311584d5a4c4e6af6173c
cafc15d62bcd7743712d138cce8f2581fc208ea2653a5bc8c4865933fb0fd8df
cb7fe7b68be275514b92d236b01a17bc5d2d4545bf20422cd91797402d6c5893
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
cc18935756aa4274f7b9885fbf63e70ed60c11cb8a3d034d902f9b0c0c729116
cc2728c7d949752bda4984f25bec537c5c0b85997ef4f04f18c38c692c6044f5
ccf57923755f6529f8452f3fa8294c9be1645c6f01cf0d7e0837a00d37f0b71e
ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf528fec5f2cdedcd8213c7d056781991c894b6a52f00c98e9500952e171c184
cf5d3695cb60bad76004b8db75efb651b985d2f83fc60f8f050f206278f907f5
d22a971ccda6f4b5bf570c904d488c011ddbd5a7f46a4ff53c889bf2ee00abda
d276e016c1967b57393bed909ba95bb6bce64dc662950c6703ccb7232a76eaf4
d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790
d685d349bc446d06cf68755fd4dbd95bb51f8913ad08cea281e371aa1fc284eb
d759b0878335a560f2263a671b7c6356946feec5d32f106189a7b59fed46c87b
d76e2e9990c9a434da0173d048abe53169e336d104b61a25dfdb129d0d9340d2
d7e2fbc7de982f503e7260215071ba4137098ac7f2c32655a1ea59e9dec18089
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d8f67c15ef1136522d80b265ec52d3eea969960885ff6a99d40ccef0e3809c5e
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dd5322d2a8576e402dd580efbf61ce9c007e786315b76393d740e64b3476e6dd
de25f033c4a9c8ed8194cea3f55bd5b9a0498db670963cb2d641bf0930825200
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
dfd1480d35401f6bdfbc502424b2e514902bda6000de4b463bb0a50bdfa74c77
e012dc59356ab83a7589dd44a9f9ced103066261a7115c3153ae58990f18a409
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d1b17702947c6064bc10fa84315b7d0869db7f2cbf0b40fd1e0b00df87750a
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5f122e7795e2b2350f50b4d3761f99f092157d4759a18036a7ad91d4c9310b3
e8b8ef3f53b9219b6e45674894adf50db4dc1b550fef0ff583eb9b150d81ce3c
e8efea9898d579f6c2a1e6461951eed1e44a7adb10e1a0e402b260b512633530
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ec5e61a26ffb84b205156b7d8dae020434e7a198a29108201614305e333cea05
edf4d5ff0cd9bd2dcfca24dc79f62ab36f4acfecd9dc9084a9a88e23550c2023
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1dcaf299e01d8c9274e7640eaba287bbb24be138d81d59a4377883f9c1512c
f070a6131813b3feb3b7604e727263aebbbbf9ec322c080ffddff4b29e470b17
f20aa3c1f32442a08428b3f922e78848c790294e3acb607322a235c1ad7fc9c6
f37d1ad4ff54c0819a950c6bf692c4294e593e2df41f3ad3f2cd11d281ebead0
f49ec31b0ac51a73696d93cf49497d02de83e8dc34fc515e7eebcca16711dbaa
f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f894f9863c97241391f0044854b7b7a63a1fc70299531cbbf530fe906b30e0cb
fae3abfeea6e0a543fe27ed5ea85cf014a3ae94fb90fb5939e0559e091ebec71
fb0de1646fdca06161796886ef29137623f3982e933b675f6d4d9178afcf86e6
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
fdb3a5f6e3182c980503f12c3b7d7a6cbbf899db34df26816ac905acb58f7cdb