urlscan.io logo urlscan.io
SecurityTrails logo

www.walla.co.il Open in urlscan Pro
65.9.95.57  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://walla.co.il/
Effective URL: https://www.walla.co.il/
Submission: On October 25 via manual from IL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 102 IPs in 9 countries across 71 domains to perform 485 HTTP transactions. The main IP is 65.9.95.57, located in United States and belongs to AMAZON-02, US. The main domain is www.walla.co.il. The Cisco Umbrella rank of the primary domain is 165073.
TLS certificate: Issued by Amazon on April 27th 2022. Valid for: a year.
This is the only time www.walla.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 65.9.95.91 16509 (AMAZON-02)
46 65.9.95.57 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:212... 16509 (AMAZON-02)
17 65.9.95.85 16509 (AMAZON-02)
1 65.9.95.56 16509 (AMAZON-02)
4 13 2a00:1450:400... 15169 (GOOGLE)
1 205.185.216.42 20446 (STACKPATH...)
2 2606:2800:234... 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:212... 16509 (AMAZON-02)
1 2a04:4e42:200... 54113 (FASTLY)
8 23.35.237.86 16625 (AKAMAI-AS)
1 104.19.149.54 13335 (CLOUDFLAR...)
1 2600:9000:212... 16509 (AMAZON-02)
4 34.205.101.114 14618 (AMAZON-AES)
1 3.224.42.121 14618 (AMAZON-AES)
4 2001:4860:480... 15169 (GOOGLE)
1 172.217.18.98 15169 (GOOGLE)
3 2a03:2880:f02... 32934 (FACEBOOK)
2 23.35.229.181 16625 (AKAMAI-AS)
2 65.9.95.65 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.8 13414 (TWITTER)
8 146.75.118.132 54113 (FASTLY)
13 64.202.112.223 23352 (SERVERCEN...)
4 2a00:1450:400... 15169 (GOOGLE)
3 12 185.89.210.101 29990 (ASN-APPNEX)
1 52.212.114.253 16509 (AMAZON-02)
17 2a00:1450:400... 15169 (GOOGLE)
4 63.32.245.11 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 10 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f12... 32934 (FACEBOOK)
1 65.9.95.59 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 23.35.236.201 16625 (AKAMAI-AS)
2 19 172.67.10.198 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 213.227.153.220 60781 (LEASEWEB-...)
1 2a02:2638::24 44788 (ASN-CRITE...)
2 34.98.64.218 396982 (GOOGLE-CL...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
3 5 72.251.249.13 32475 (SINGLEHOP...)
1 185.64.189.112 62713 (AS-PUBMATIC)
7 185.86.137.17 201081 (SMARTADSE...)
1 18.157.124.70 16509 (AMAZON-02)
1 147.75.85.234 54825 (PACKET)
1 185.255.84.151 200271 (IGUANE-)
4 2602:803:c004... 26667 (RUBICONPR...)
2 51.38.120.206 16276 (OVH)
3 6 104.18.19.126 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 173.194.76.157 15169 (GOOGLE)
1 1 2.21.20.202 20940 (AKAMAI-ASN1)
3 2607:f8b0:400... 15169 (GOOGLE)
2 3.126.25.47 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
2 4 185.86.137.131 201081 (SMARTADSE...)
3 3 52.48.80.62 16509 (AMAZON-02)
3 7 69.173.144.139 26667 (RUBICONPR...)
24 2a00:1450:400... 15169 (GOOGLE)
4 51 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638::2 44788 (ASN-CRITE...)
2 2a02:2638:1::4 44788 (ASN-CRITE...)
3 6 198.47.127.19 3257 (GTT-BACKB...)
5 172.217.18.2 15169 (GOOGLE)
3 142.250.186.162 15169 (GOOGLE)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
7 35 172.217.16.194 15169 (GOOGLE)
1 4 185.80.39.216 27381 (CASALE-MEDIA)
2 2a00:1450:400... 15169 (GOOGLE)
2 35.244.159.8 15169 (GOOGLE)
2 23.35.237.56 16625 (AKAMAI-AS)
16 2a02:2638::3 44788 (ASN-CRITE...)
2 178.250.2.148 44788 (ASN-CRITE...)
2 2600:9000:212... 16509 (AMAZON-02)
1 2 2620:116:800d... 16509 (AMAZON-02)
1 66.155.71.25 13768 (COGECO-PEER1)
3 5 2a05:d018:d29... 16509 (AMAZON-02)
3 3 213.19.147.44 26120 (RHYTHMONE)
2 185.86.137.121 201081 (SMARTADSE...)
1 1 151.101.2.49 54113 (FASTLY)
4 52.223.40.198 16509 (AMAZON-02)
2 2 2600:9000:212... 16509 (AMAZON-02)
3 4 13.248.245.213 16509 (AMAZON-02)
3 3 18.193.243.10 16509 (AMAZON-02)
16 2a02:2638:1::8 44788 (ASN-CRITE...)
2 2a02:2638:1::17 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2 3.123.150.182 16509 (AMAZON-02)
1 1 185.29.132.241 30419 (MEDIAMATH...)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 35.190.0.66 15169 (GOOGLE)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
3 178.250.2.146 44788 (ASN-CRITE...)
2 151.101.193.108 54113 (FASTLY)
2 23.205.235.133 16625 (AKAMAI-AS)
1 104.18.12.76 13335 (CLOUDFLAR...)
3 5 52.46.130.91 16509 (AMAZON-02)
1 1 3.126.56.137 16509 (AMAZON-02)
1 72.251.245.179 32475 (SINGLEHOP...)
1 2 52.209.199.248 16509 (AMAZON-02)
1 1 185.183.112.155 60350 (VP)
1 104.18.13.76 13335 (CLOUDFLAR...)
4 4 69.173.144.165 26667 (RUBICONPR...)
2 3 52.95.122.74 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 2 185.94.180.126 35220 (SPOTX-AMS)
1 1 70.42.32.95 22075 (AS-OUTBRAIN)
1 35.214.174.31 15169 (GOOGLE)
485 102
2    65.9.95.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-91.prg50.r.cloudfront.net
walla.co.il
46    65.9.95.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-57.prg50.r.cloudfront.net
www.walla.co.il
10    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.com
2    2600:9000:2127:e400:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
17    65.9.95.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-85.prg50.r.cloudfront.net
images.wcdn.co.il
1    65.9.95.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-56.prg50.r.cloudfront.net
img.wcdn.co.il
13    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.valuad.cloud
2    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:2127:6800:11:da61:a100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cf.dxmcdn.com
1    2a04:4e42:200::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
8    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
1    104.19.149.54 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
1    2600:9000:2127:3600:4:1c73:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)
d2r08ja41ypc0t.cloudfront.net
4    34.205.101.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-101-114.compute-1.amazonaws.com
mabping.chartbeat.net
1    3.224.42.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-42-121.compute-1.amazonaws.com
ping.chartbeat.net
4    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
www.googleadservices.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    23.35.229.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-181.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
images.outbrainimg.com
2    65.9.95.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-65.prg50.r.cloudfront.net
dal.walla.co.il
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
8    146.75.118.132 (United States)

ASN54113 (FASTLY, US)
odb.outbrain.com
mv.outbrain.com
13    64.202.112.223 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
4    2a00:1450:4001:82f::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
hb-dot-valuad.appspot.com
12    185.89.210.101 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    52.212.114.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-114-253.eu-west-1.compute.amazonaws.com
ledger.crowdad.io
17    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
4    63.32.245.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-245-11.eu-west-1.compute.amazonaws.com
khn.crowdad.io
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
10    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    65.9.95.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-59.prg50.r.cloudfront.net
live.wcdn.co.il
7    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
4    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
19    172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
prebid.smilewanted.com
static.smilewanted.com
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    213.227.153.220 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: v182.ce13.ams-01.nl.leaseweb.net
b1h-euc1.zemanta.com
1    2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
1    2606:4700:4400::ac40:983f (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
5    72.251.249.13 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
7    185.86.137.17 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    18.157.124.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-124-70.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
4    2602:803:c004:200::141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
6    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
11    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
1    173.194.76.157 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f157.1e100.net
bid.g.doubleclick.net
1    2.21.20.202 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-202.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
3    2607:f8b0:4002:817::2003 (Atlanta, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    3.126.25.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-25-47.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
1    2a00:1450:4001:19::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r4---sn-4g5ednds.c.2mdn.net
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
4    2606:4700:10::6816:36ce (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
sync-eu.connectad.io
4    185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
3    52.48.80.62 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-80-62.eu-west-1.compute.amazonaws.com
ice.360yield.com
match.360yield.com
7    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
24    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
51    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
2    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
6    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
5    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
googleads4.g.doubleclick.net
3    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
ade.googlesyndication.com
1    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
35    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
cm.g.doubleclick.net
4    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
2    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
u.openx.net
2    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
sync.teads.tv
16    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
2    2600:9000:2127:b000:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
2    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
5    2a05:d018:d29:3601:a0c6:b0ce:b43:b1c0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    213.19.147.44 (Amsterdam, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    185.86.137.121 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
4    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    2600:9000:2127:6a00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
4    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
3    18.193.243.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-243-10.eu-central-1.compute.amazonaws.com
x.bidswitch.net
16    2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
pix.eu.criteo.net
2    2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    3.123.150.182 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-150-182.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    104.18.12.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
5    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    72.251.245.179 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
2    52.209.199.248 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-199-248.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    185.183.112.155 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
1    104.18.13.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    52.95.122.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    35.214.174.31 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 31.174.214.35.bc.googleusercontent.com
csync.loopme.me
Apex Domain
Subdomains		 Transfer
89 googlesyndication.com
82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
ade.googlesyndication.com — Cisco Umbrella Rank: 287
538 KB
73 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
pubads.g.doubleclick.net — Cisco Umbrella Rank: 446
bid.g.doubleclick.net — Cisco Umbrella Rank: 444
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
318 KB
50 walla.co.il
walla.co.il — Cisco Umbrella Rank: 86021
www.walla.co.il — Cisco Umbrella Rank: 165073
dal.walla.co.il — Cisco Umbrella Rank: 189841
2 MB
34 criteo.net
static.criteo.net — Cisco Umbrella Rank: 680
pix.eu.criteo.net — Cisco Umbrella Rank: 8015
csm.eu.criteo.net — Cisco Umbrella Rank: 8166
156 KB
26 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1136
widget-pixels.outbrain.com — Cisco Umbrella Rank: 2978
odb.outbrain.com — Cisco Umbrella Rank: 1488
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5924
mv.outbrain.com — Cisco Umbrella Rank: 2777
217 KB
19 smilewanted.com
csync.smilewanted.com — Cisco Umbrella Rank: 4142
prebid.smilewanted.com — Cisco Umbrella Rank: 5778
static.smilewanted.com — Cisco Umbrella Rank: 9897
33 KB
19 wcdn.co.il
images.wcdn.co.il — Cisco Umbrella Rank: 122337
img.wcdn.co.il — Cisco Umbrella Rank: 105219
live.wcdn.co.il
165 KB
17 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 492
pixel.rubiconproject.com — Cisco Umbrella Rank: 347
eus.rubiconproject.com — Cisco Umbrella Rank: 596
token.rubiconproject.com — Cisco Umbrella Rank: 682
18 KB
14 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 763
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14559
ads.eu.criteo.com — Cisco Umbrella Rank: 7867
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 12901
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9829
gum.criteo.com — Cisco Umbrella Rank: 425
mug.criteo.com — Cisco Umbrella Rank: 2786
110 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
acdn.adnxs.com — Cisco Umbrella Rank: 618
69 KB
13 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1396
sync.smartadserver.com — Cisco Umbrella Rank: 1533
ssbsync.smartadserver.com — Cisco Umbrella Rank: 863
4 KB
13 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 78
2 KB
11 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 495
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 470
image6.pubmatic.com — Cisco Umbrella Rank: 671
101 KB
10 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 519
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542
7 KB
9 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 273
gcdn.2mdn.net — Cisco Umbrella Rank: 933
r4---sn-4g5ednds.c.2mdn.net — Cisco Umbrella Rank: 350409
228 KB
8 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 296
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1205
6 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 193
306 KB
6 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 426
ups.analytics.yahoo.com — Cisco Umbrella Rank: 294
4 KB
5 gstatic.com
csi.gstatic.com
fonts.gstatic.com
62 KB
5 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 585
eb2.3lift.com — Cisco Umbrella Rank: 373
2 KB
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 599
3 KB
5 crowdad.io
ledger.crowdad.io — Cisco Umbrella Rank: 121771
khn.crowdad.io — Cisco Umbrella Rank: 105183
247 B
5 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 4089
log.outbrainimg.com — Cisco Umbrella Rank: 2301
images.outbrainimg.com — Cisco Umbrella Rank: 2207
17 KB
5 chartbeat.net
mabping.chartbeat.net — Cisco Umbrella Rank: 5701
ping.chartbeat.net — Cisco Umbrella Rank: 1228
1002 B
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
1 KB
4 connectad.io
cdn.connectad.io — Cisco Umbrella Rank: 4476
sync-eu.connectad.io — Cisco Umbrella Rank: 3244
2 KB
4 openx.net
u.openx.net — Cisco Umbrella Rank: 664
us-u.openx.net — Cisco Umbrella Rank: 409
605 B
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
233 B
4 google.de
www.google.de — Cisco Umbrella Rank: 6045
adservice.google.de — Cisco Umbrella Rank: 8724
1 KB
4 appspot.com
hb-dot-valuad.appspot.com — Cisco Umbrella Rank: 83255
122 B
4 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 435
fonts.googleapis.com — Cisco Umbrella Rank: 44
350 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
20 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 303
2 KB
3 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 2152
match.360yield.com — Cisco Umbrella Rank: 2893
950 B
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 657
1010 B
3 zemanta.com
b1h-euc1.zemanta.com — Cisco Umbrella Rank: 22183
b1sync.zemanta.com — Cisco Umbrella Rank: 560
606 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2105
mp.4dex.io — Cisco Umbrella Rank: 2186
25 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
196 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 731
syndication.twitter.com — Cisco Umbrella Rank: 1061
133 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1323
mab.chartbeat.com — Cisco Umbrella Rank: 2299
26 KB
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 572
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 214
2 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 608
cdn.indexww.com — Cisco Umbrella Rank: 1375
2 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 765
2 KB
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 717
883 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 543
2 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 729
793 B
2 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1494
1 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1137
344 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 554
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 777
362 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
147 KB
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 890
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 375
709 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1415
300 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1435
408 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 13419
552 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2392
173 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 462
862 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 578
534 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1094
576 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 602
191 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 702
595 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4187
1 KB
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 924
170 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 394
1 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 131
17 KB
1 cloudfront.net
d2r08ja41ypc0t.cloudfront.net
5 KB
1 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2439
1 dxmcdn.com
cf.dxmcdn.com — Cisco Umbrella Rank: 117408
2 KB
1 valuad.cloud
cdn.valuad.cloud — Cisco Umbrella Rank: 121911
242 KB
485 71
Domain Requested by
51 tpc.googlesyndication.com 4 redirects 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
imasdk.googleapis.com
www.walla.co.il
tpc.googlesyndication.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
46 www.walla.co.il www.walla.co.il
35 cm.g.doubleclick.net 7 redirects googleads.g.doubleclick.net
82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
www.walla.co.il
24 pagead2.googlesyndication.com 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
www.walla.co.il
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
www.googletagservices.com
17 images.wcdn.co.il www.walla.co.il
16 pix.eu.criteo.net ads.eu.criteo.com
16 static.criteo.net ads.eu.criteo.com
cdn.valuad.cloud
static.criteo.net
16 googleads.g.doubleclick.net www.googleadservices.com
www.walla.co.il
82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
13 csync.smilewanted.com 2 redirects cdn.valuad.cloud
csync.smilewanted.com
13 securepubads.g.doubleclick.net 4 redirects www.googletagservices.com
www.walla.co.il
securepubads.g.doubleclick.net
12 ib.adnxs.com 3 redirects cdn.valuad.cloud
csync.smilewanted.com
googleads.g.doubleclick.net
acdn.adnxs.com
11 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
10 mcdp-nydc1.outbrain.com widgets.outbrain.com
10 www.google.com 2 redirects www.walla.co.il
82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
tpc.googlesyndication.com
7 pixel.rubiconproject.com 3 redirects csync.smilewanted.com
7 prg.smartadserver.com cdn.valuad.cloud
7 s0.2mdn.net imasdk.googleapis.com
www.walla.co.il
82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
s0.2mdn.net
7 widgets.outbrain.com www.walla.co.il
widgets.outbrain.com
7 www.googletagservices.com www.walla.co.il
82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
6 image6.pubmatic.com 3 redirects ads.pubmatic.com
5 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
5 pr-bh.ybp.yahoo.com 3 redirects ssum-sec.casalemedia.com
5 googleads4.g.doubleclick.net www.walla.co.il
googleads.g.doubleclick.net
5 ssum-sec.casalemedia.com 3 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
5 ap.lijit.com 3 redirects cdn.valuad.cloud
5 odb.outbrain.com widgets.outbrain.com
4 token.rubiconproject.com 4 redirects
4 gum.criteo.com 2 redirects static.criteo.net
4 eb2.3lift.com 3 redirects cdn.valuad.cloud
4 match.adsrvr.org 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
4 dsum-sec.casalemedia.com 1 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
4 sync.smartadserver.com 2 redirects csync.smilewanted.com
4 prebid.smilewanted.com cdn.valuad.cloud
4 fastlane.rubiconproject.com cdn.valuad.cloud
4 ads.pubmatic.com cdn.valuad.cloud
csync.smilewanted.com
4 www.facebook.com www.walla.co.il
4 khn.crowdad.io d2r08ja41ypc0t.cloudfront.net
4 hb-dot-valuad.appspot.com cdn.valuad.cloud
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.walla.co.il
4 mabping.chartbeat.net www.walla.co.il
3 aax-eu.amazon-adsystem.com 2 redirects
3 mug.criteo.com
3 x.bidswitch.net 3 redirects
3 ade.googlesyndication.com www.walla.co.il
3 creativecdn.com 3 redirects
3 csi.gstatic.com imasdk.googleapis.com
3 mv.outbrain.com widgets.outbrain.com
3 adservice.google.com imasdk.googleapis.com
securepubads.g.doubleclick.net
3 log.outbrainimg.com widgets.outbrain.com
3 connect.facebook.net www.walla.co.il
connect.facebook.net
2 sync.search.spotxchange.com 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 eus.rubiconproject.com cdn.valuad.cloud
eus.rubiconproject.com
2 acdn.adnxs.com cdn.valuad.cloud
2 pm.w55c.net 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 s.ad.smaato.net 2 redirects
2 ssbsync.smartadserver.com 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
2 sync.1rx.io 2 redirects
2 cms.quantserve.com 1 redirects 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
2 secure-gl.imrworldwide.com ads.eu.criteo.com
2 cat.nl.eu.criteo.com ads.eu.criteo.com
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 fonts.googleapis.com tpc.googlesyndication.com
2 ads.eu.criteo.com 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
2 sync-eu.connectad.io cdn.connectad.io
2 ice.360yield.com 2 redirects
2 cdn.connectad.io csync.smilewanted.com
2 match.sharethrough.com csync.smilewanted.com
2 static.smilewanted.com csync.smilewanted.com
2 adservice.google.de securepubads.g.doubleclick.net
2 onetag-sys.com cdn.valuad.cloud
2 u.openx.net cdn.valuad.cloud
2 b1h-euc1.zemanta.com cdn.valuad.cloud
2 script.4dex.io cdn.valuad.cloud
script.4dex.io
2 pubads.g.doubleclick.net imasdk.googleapis.com
www.walla.co.il
2 www.google.de www.walla.co.il
2 imasdk.googleapis.com www.walla.co.il
imasdk.googleapis.com
2 dal.walla.co.il www.walla.co.il
2 www.googletagmanager.com www.walla.co.il
2 platform.twitter.com www.walla.co.il
platform.twitter.com
2 static.chartbeat.com www.walla.co.il
2 walla.co.il 2 redirects
1 csync.loopme.me csync.smilewanted.com
1 b1sync.zemanta.com 1 redirects
1 px.ads.linkedin.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 sync.adotmob.com 1 redirects
1 cm.adgrx.com ssum-sec.casalemedia.com
1 ups.analytics.yahoo.com 1 redirects
1 js-sec.indexww.com cdn.valuad.cloud
1 ads.travelaudience.com 1 redirects
1 tr.blismedia.com 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
1 match.360yield.com 1 redirects
1 sync.mathtag.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 pixel-sync.sitescout.com 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
1 rtb.nl.eu.criteo.com www.walla.co.il
1 rtb.fr.eu.criteo.com www.walla.co.il
1 r4---sn-4g5ednds.c.2mdn.net www.walla.co.il
1 gcdn.2mdn.net 1 redirects
1 ads.stickyadstv.com 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 htlb.casalemedia.com cdn.valuad.cloud
1 hb-api.omnitagjs.com cdn.valuad.cloud
1 prebid.a-mo.net cdn.valuad.cloud
1 tlx.3lift.com cdn.valuad.cloud
1 hbopenbid.pubmatic.com cdn.valuad.cloud
1 mp.4dex.io cdn.valuad.cloud
1 bidder.criteo.com cdn.valuad.cloud
1 cdn.jsdelivr.net cdn.valuad.cloud
1 images.outbrainimg.com www.walla.co.il
1 live.wcdn.co.il www.walla.co.il
1 stats.g.doubleclick.net www.google-analytics.com
1 ledger.crowdad.io www.walla.co.il
1 syndication.twitter.com platform.twitter.com
1 widget-pixels.outbrain.com www.walla.co.il
1 tcheck.outbrainimg.com widgets.outbrain.com
1 www.googleadservices.com www.googletagmanager.com
1 ping.chartbeat.net www.walla.co.il
1 d2r08ja41ypc0t.cloudfront.net cf.dxmcdn.com
1 cdn.permutive.com cf.dxmcdn.com
1 mab.chartbeat.com static.chartbeat.com
1 cf.dxmcdn.com www.walla.co.il
1 cdn.valuad.cloud www.walla.co.il
1 img.wcdn.co.il www.walla.co.il
485 129

This site contains links to these domains. Also see Links.

Domain
weather.walla.co.il
mail.walla.co.il
mobile.walla.co.il
news.walla.co.il
elections.walla.co.il
sports.walla.co.il
finance.walla.co.il
e.walla.co.il
celebs.walla.co.il
food.walla.co.il
fashion.walla.co.il
healthy.walla.co.il
travel.walla.co.il
tech.walla.co.il
cars.walla.co.il
www.sheee.co.il
nadlan.walla.co.il
www.wallashops.co.il
www.drushim.co.il
www.yad2.co.il
b.walla.co.il
marketing.walla.co.il
mekomi.walla.co.il
home.walla.co.il
horoscope.walla.co.il
gaming.walla.co.il
fun.walla.co.il
fantasy-sport1.walla.co.il
judaism.walla.co.il
law.walla.co.il
mazaltov.walla.co.il
now.walla.co.il
calendar.walla.co.il
tv-guide.walla.co.il
holidays.walla.co.il
www.b144.co.il
tld.walla.co.il
beauty.walla.co.il
perfectmatch.walla.co.il
mumlazim.walla.co.il
b144.walla.co.il
yoram.walla.co.il
career.walla.co.il
paisculture.walla.co.il
tmirecycle.walla.co.il
starkist.walla.co.il
dogsandcats.walla.co.il
galil.walla.co.il
yarokkl.walla.co.il
daciatrips.walla.co.il
eilat.wallashops.co.il
www.wallatours.co.il
www.wallaprint.co.il
vod.walla.co.il
viva.walla.co.il
www.facebook.com
twitter.com
www.instagram.com
www.tiktok.com
help.walla.co.il
dcx.walla.co.il
apps.walla.co.il
bit.ly
103.walla.co.il
www.outbrain.com
sport1.maariv.co.il
subtext-academy.co.il
www.aok.de
experis.co.il
www.manpower.co.il
jobs.experis.co.il
milucca.walla.co.il
havazingboimworld.walla.co.il
danonemulti.walla.co.il
friends-hist.walla.co.il
www.enaim.co.il
dominos.walla.co.il
www.kamaze.co.il
www.seolinks.co.il
hayoetzet.co.il
www.leumi.co.il
www.sugat.com
m.onelink.me
pricelist.yad2.co.il
www.oref.org.il
bama.bio
www.maariv.co.il
www.hamal.co.il
Subject Issuer Validity Valid
*.walla.co.il
Amazon		 2022-04-27 -
2023-05-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.wcdn.co.il
Amazon		 2022-04-27 -
2023-05-25		 a year crt.sh
valuad.cloud
E1		 2022-09-30 -
2022-12-29		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-06 -
2023-11-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
cf.dxmcdn.com
Amazon		 2022-04-26 -
2023-05-25		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2022-02-26 -
2023-02-25		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-08-03 -
2022-11-01		 3 months crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.appspot.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
crowdad.io
Amazon		 2022-09-28 -
2023-10-27		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-17 -
2023-06-17		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-09-06		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2022-04-15 -
2023-04-15		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-27 -
2022-12-29		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-14 -
2023-01-13		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-10 -
2023-01-10		 3 months crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-21 -
2022-11-23		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-10-16 -
2023-01-14		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
loopme.com
R3		 2022-09-26 -
2022-12-25		 3 months crt.sh

This page contains 71 frames:

Primary Page: https://www.walla.co.il/
Frame ID: E9090DA1C528582DD75D4E8D8FE5B771
Requests: 180 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.walla.co.il
Frame ID: 9588ABEAEAA12C3A8B2174B1364D6D55
Requests: 2 HTTP requests in this frame

Frame: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Flive.wcdn.co.il%2Fnews2%2Fprog_index.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
Frame ID: 3A67C1F5CDBA8E4AF31E0B3E9C3AFE51
Requests: 16 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.540.0_en.html
Frame ID: 141EDC79E486154214C5A29E76E67628
Requests: 21 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: FC74DC9B4458F2ECAE167C73BB6C51EA
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2E6FBCA6277B0B154B3233EEE2503D94
Requests: 1 HTTP requests in this frame

Frame: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6C5DAF3A88005F1D83D905F778E7515C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 75271727D8526CB9EC8CBA3160F57498
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/b1e31759f89294c677ee8d6d4bf3afa3
Frame ID: 33119D671D0148A479F71AE4599B3BA0
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: E82A7EA6454EA67F4D0F0F0771533880
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/KcYldmMlJOlFqeXsm104?pi=smilewanted&tc=1
Frame ID: BE6FF3EF4E951DBC0EE4F7A5A1DCA1FA
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=8685361e1bf5978c68d3e40b06a81910
Frame ID: E363F25895541D1FB1E9F910B3ADFC8B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 4521FCD41DE31C47858AD902D051A4B5
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: D5C48C09760CA2D1040D31E0F8F7720E
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/e21435ca-12ff-4f90-b29c-5c4c61d90dcf&partner_id=1010
Frame ID: DA9B47280D266A3624498B56A6233B58
Requests: 1 HTTP requests in this frame

Frame: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A45872AF0AE18B3341EED7C98BF33A2E
Requests: 14 HTTP requests in this frame

Frame: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B20DFE1F9414641713903F244516A941
Requests: 9 HTTP requests in this frame

Frame: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 28A0D3CAD3EF218075E31E628B01A1C4
Requests: 4 HTTP requests in this frame

Frame: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 150C8216FF2B247667A92D5A8FE19348
Requests: 4 HTTP requests in this frame

Frame: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 16B1F969C4766EDC71079DCE9C0F9AAB
Requests: 4 HTTP requests in this frame

Frame: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FB33966F5985E3AABE4FC0613D9FDD5D
Requests: 4 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 547BE126D3EE1044A0A52E111ADD94DC
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: F6E3BEA8BA6876E12956F276F238457C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 3F1F9E398F0FC18E35E66C65D849DF0A
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y1e6kdAAUjwUO46a9eLRewAA%261116
Frame ID: B8E0E510B520388462551BC9B2D8F9AF
Requests: 1 HTTP requests in this frame

Frame: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B699F5E45F8594C0A5E75B4B6DFF2C27
Requests: 8 HTTP requests in this frame

Frame: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5B953F4D7B25C5A7C5BE40B2A6AB9B5E
Requests: 9 HTTP requests in this frame

Frame: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7ECDFCCDE389E5DA8F7761FFB5E6DBA1
Requests: 14 HTTP requests in this frame

Frame: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 25212723527C16E16202E31CC211992C
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIYl6aQ1gEwAQ&v=APEucNVgGbLwDca0bzNxa0rqISYqaEOHaO4qbPBlFEqDJAA40wBiF335bTUzMo1WRGq69EvVLPHsuv16a-69frE5uyp9wlgA_fuZUiG14miTEiJlh_jHEcxFrNR854Tp0yXKudRG9ofJMEdQs98JMv2vTuLJ-CEayyti0sh3bflzKHSNhtB-DtQ
Frame ID: 8E8893A6411DA70FF03131B28CE33F79
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kAAOgi4I9kOTAALwjZmAw4bmAhc1tv5qSQ&u=%7COol2LM3aIOnoXvmYFOGpMw7VrqeTMM%2FO%2BXh1RKJGgNM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfex4IY_JXoTDaPxAARcpbNNxmkjAKswUkNw4Vxgnt6CG0s2gfJQX7vErAnsHQCKn6PHApgerl3lE72YUa6OIZHzNcgWGRrr7pGfsEtNexuR2wT6IBXvnwz4EbnTz0HC4ea_BjmXmB20Ip1dWOY03i2BSYReBHnNGjS_ih5GS2Fyf7pFsnVBpK7EY7UsOsOwzbYTPdpoX0xnd3PDJyioL-9X9VZJcKB59t4pQQNgkxh4wClz0rEia1Uk-cmmmgzoCi0iVTyXbGgUnVg8fJkpLvRujvSO9YesSCHKUfdKYTlKY7TQg5wXhMNygUgmCjE1NwYcHW6Khukwn15mg-6Pf3LtRl3aQkFs2qiszdqxuwFUcKe7bEjzhya41W6jZjOAPhImCIX0QMLFMN4blkdpI8_2rjlXGO63v0-jzdnO4V7NxPA19qClR19LcAiFr3c_kSpGobr4V4h1kMe08lKpKcxMf3ktttCgjqMvVVoZSFE_MKz7RYjPEC3Jm-hCxatWaj_ikF2Gv6-9eOZ-AvOUcjmB2L5rJSqe4067DHr_oMwl&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm3tvkLpXY66EOpOH2fcPjeGL8AzJntKxXKX8k_dwwI23ARABIABglZKvgrgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtx3GTnElrA-4AIAqAMBqgT3AU_Q_FcYUoAJ8wyqHVQcPJTYpf6zzqD0gYCdp7oqEN1S_gpGM2FTnY48nLB6LF5-_2Ju5P8YH_utar8K0l_1pykL7ITIqOToY2JaoHuN83wRMvDQl4t957Cw_vXXlhwXXAU54PQoKSY5l1MSnsKTDHijjjyvsPNYJRol95u2YG7peBvUyvih4Q6fbiBZC4hJgVmKdl4jETUnikZr6gNZb1bFy9tOq4kw_IjgKGOfvWGgJECuJesKaz6DyMm-REuXZ1E7RV9Uqcooi6_IblOblQzXJuwZs_YBpVYnVaBojdcxuCc9yzQ7caws5klF3DOlIOOKzAtJrN_gBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kyyheDglFXJXhCuEs1hS-PSPLGA%26client%3Dca-pub-4491659496372172%26adurl%3D
Frame ID: 770768328F929C25FA5E40EF01082307
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3E508BC29E6C4299896368A54C77BDB1
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6357826067549388800/index.html
Frame ID: C57FD18FFD15F78647244607B4168638
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E4EEA3C083B38ECFCE7E1D5CBE1CDE77
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kQAEqI0K00DOAASKMokPSGNMYsKpT2mcpw&u=%7COol2LM3aIOmxj9B4bVXr1sWIYShkjgzyK%2BfJisSdSeo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8YpaK8Az95To9dZfowuDedO6hwubzWI6bbsy0Mn2W87yuGZu5th0B_tfQshMywMYy_ySihHHBbmbJ7g7G0RBtdZdrbF-emqpw4sz9yj3c-ppVy6wwJLGkAlXZBinxzwNo3nz-RYxf5cSl7bVnvSUtcOdsNTA7SNdIABDpt40y1T9uezEt9AtEdGLgDUfpEy958_urFskz14OUVjccv4Hnq6Oc1_DNq834KmSNF3iRQyvaF6wiM3hiM3I5_F2Nov_LEysbclWx353E3_6uisftMBxB6vxaBA5vs4N6T02wnEE8fm6_OKGCl3fcqdFxADQZqDjnTBnvVuBpByVrkNtAQwK8uGWTMBZq0dwaaQEZq9mRqn1xepTiGnGhR5eY_Mz2H2v2BGH1FcuZZrGYDThtVryvwkkfAuh0abmy6TUL4YRKb0k_c-w3XuW0co3nZZfch_2JZa05FqtSfVhOWOmtH2aseLlQGu-aHHitrlFJhVQElLsU5NafHkzd49z9Gitujyx0zPZWvXFz-eXh3wR4xHcoMLZrrQxnrVb2kb48lWBA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1JDFkbpXY43REs6BzQaylJKID8me0rFc1Z2R93DAjbcBEAEgAGCVkq-CuAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakC3HcZOcSWsD7gAgCoAwGqBPkBT9A9t_41HUn4-WyOgr5hQdKwp1Tt-Ni6VpPsXHt6-TqhrIbOMGH1OSqRCUfAABQZmofCFf8b8ruVBJotNGeDTlUrqMoIuRj4NsCoGc4bcB2qXRaviS2OHVQkvJ2A1Xw9-ygqU3ramBGcWg05ODKYknj_HdDWZ6WrR1mEix6o5bKzppsywNG1YCxUe_cnFrAKDg58Vzt55mQzTnkKWCHSuhpyrSG8lrCiURAAXZC2XWhrGdwgcS-xROhtDWbNIaemu_9DRmHJWW45LE7ABoTI-rBiDTNs-zm8OBvluqYSSMmtijtp7eTlq6bDUCv08uPuFtFxLSEix1Vq4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_39m7X2XDKiXPCqumnyj9oAj-Fn-A%26client%3Dca-pub-4491659496372172%26adurl%3D
Frame ID: FAF887B7B5EE04064899249C326063D7
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B29DCCC1722F900B079F5A3813BF8C3E
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CENqRvYYDGInEo9IBMAE&v=APEucNVD0z8g5wFkUWOj00S-bBMPz7kGfZ4AGdGlq_hWLt8EQZ7nkACRi5m0z28xrYKjeJTCxfpY08ieLDE2KP_Q7hl4gz3YmxHFFsjmF0SuzbDexxol6C0WY8yYQbhubwdQDAVTrgUxxJsRB8Wy9z0ybl4X8tr53g6Qx4k6JNo-iPAe3LqFcyQ
Frame ID: A4003BFB1E4C2D2781D825487E2DA4E8
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11663474539605524480/index.html
Frame ID: 913259D4934D1CBA213086DB8615E494
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7B4C52364CE00BA1B4210919B2FE70B5
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: BE586131F26807EA51A9492EBEA7FBFC
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4064855172832547207/index.html
Frame ID: 8B04C3B439C5A9C0A771E65A4E3F99F7
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 153DEDFBD6092E1A29D003577E1DD1BC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 946C3DC5DCC07950DCA6BC26DEB021F9
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 743335BBDE9BCC7CF0C33A964FBB85BD
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8301F38CF77DE7B31565EB1D7B2E49E0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CC57E6050308416420823A163F54AD3B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 90F50CB353FF4D8972231CBCDCCE2622
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il
Frame ID: BD7C9EC2BDC318503325E26007E4EF86
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1666693776877
Frame ID: D6459795CBA15BE7403DDE6787E82409
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C49B8F54DF9CC2BE694D21A67FEE7D19
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 3FAC3E2C07FA854D73E2F6B559CF462F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 233F025561353C1BAA7DD430A9908870
Requests: 10 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 6F15BA70DC0F6818A5F38149A73CBE89
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Frame ID: E888716C10E752D7F14987F5899D92FB
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13421168
Frame ID: B0B41D8441C9C16874F951E21765306B
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: BE1AA138A0C90D630323D3E597F9A365
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 1F903FB3C11FF3F40BEE4EA48660577B
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: EA52B51CD0F81E556F3ADA49A885FDCC
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: F1943B3993C2CD659B7A1A67C8A4BFE4
Requests: 10 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 1A2DE24ED65785B9693A625FE0BBC984
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: C70FCBFB5B64C92C8B9EB312D119C03B
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/KcYldmMlJOlFqeXsm104?pi=smilewanted
Frame ID: 5C7EDFE4A43D70B4BC83B47978776B93
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=8685361e1bf5978c68d3e40b06a81910
Frame ID: AE92B791E80E3EFCE20AFF237BF34C47
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: B4F1D87F4E59FB80EF5FA61FDFE5CD7C
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 58DFD9C52A36261782F069D91446E049
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 3F695D7DC1730314EDE452752346BCBB
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: 7BE1C5A79566065B8EE538F929195860
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 6EFDCD4AC73ECA844F09DCE9BAD4449E
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/ef0c8302-544f-11ed-ab94-11e121d60506
Frame ID: 2A552B0FFA65F18E715FBD2D8097B6CA
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Frame ID: 9435D35AF2B7CA639BDB5BED752318EC
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent=
Frame ID: C9308D84F089AC312497A79207EBE39C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

וואלה! - האתר המוביל בישראל - עדכונים מסביב לשעון

Page URL History Show full URLs

  1. http://walla.co.il/ HTTP 301
    https://walla.co.il/ HTTP 301
    https://www.walla.co.il/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

485
Requests

89 %
HTTPS

39 %
IPv6

71
Domains

129
Subdomains

102
IPs

9
Countries

5075 kB
Transfer

17655 kB
Size

65
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://walla.co.il/ HTTP 301
    https://walla.co.il/ HTTP 301
    https://www.walla.co.il/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92
  • https://ib.adnxs.com/getuid?https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=2c5148cb-a3af-48f0-a676-2b37dd123133&adnxsUserId=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fledger.crowdad.io%2Fmap-id%3FpublisherId%3DWALLA%26publisherUserId%3D%26kaUserId%3D2c5148cb-a3af-48f0-a676-2b37dd123133%26adnxsUserId%3D%24UID HTTP 302
  • https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=2c5148cb-a3af-48f0-a676-2b37dd123133&adnxsUserId=7918537102652715055
Request Chain 182
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/b1e31759f89294c677ee8d6d4bf3afa3
Request Chain 190
  • https://gcdn.2mdn.net/videoplayback/id/cf841da30618bb53/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/4B69049688E4003122C135632A4CB3D76DE76066.51C337EF27BC065E67B4EB8743C183ED76ACD1A3/key/ck2/file/file.mp4?cpn=3OTHSRRFrGSc8BMI HTTP 302
  • https://r4---sn-4g5ednds.c.2mdn.net/videoplayback/id/cf841da30618bb53/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/59C7E773283728271881C026268F268CB893D899.054161D2F521990B7FCA64A2676365934F438E26/key/cms1/cms_redirect/yes/mh/FW/mip/2a01:4a0:5a::8/mm/42/mn/sn-4g5ednds/ms/onc/mt/1666692864/mv/u/mvi/4/pl/47?cpn=3OTHSRRFrGSc8BMI&file=file.mp4
Request Chain 191
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/KcYldmMlJOlFqeXsm104?pi=smilewanted&tc=1
Request Chain 192
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=8685361e1bf5978c68d3e40b06a81910
Request Chain 199
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 207
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/e21435ca-12ff-4f90-b29c-5c4c61d90dcf&partner_id=1010
Request Chain 218
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y1e6kdAAUjwUO46a9eLRewAA%261116
Request Chain 231
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsvNtaC2Lur1k-tATGQj3fLwsLbZy1BxaGTegJSvgh6g_ywTY-Hwu03M1ArJ7Qt4o5uwdKRkvx9PX8PVjmkm3FHl5RlMdYO-_XiJlO8Ku8GGwQTl4tnSMDskp3sxDrhOa0IYxMc537Q6mIRXCqNeUXtmjj9MVTArMF2MBdzWT6PWVFiKhX43pFdDTMD-NLyA19Bv3WQ20vw2q1j9d5DFEq2qXUXklBUn2JFzuOad5CLrVJxv9IRsSk0_OMewVeQCV6zPSTBKehA45V5YzzynqCpkPO4ZDlflwVbKr6plTFTiY2imaCICv8AuQLahRUybCXDJ6gIxjvOIzJss6EOJ%26sai%3DAMfl-YQcMDZZftz0tQ29r80ooz3ccT00SMvCeBnqbm0XJkpGeu0VL8CfhD_vxQ-6H25JwAFhJSnwDLFF55bU_prXHvihG-s7CnnLcHYd8-PIbKdL3CAskWDM5uEnoxUd6BziCw%26sig%3DCg0ArKJSzEtT771LyrC3EAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
Request Chain 242
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjssKQTXnIJP53NtlzsBi6gkBwjBK2-tDlPJ1buC1V90IV3_nqdNYOw1a1QeiWZJR7_2A9XAA-sUA-FoaeQkMBosfDJluhEqLngExZGX4NqxarPdOVKhrP6FgNR8G2DkSxSfxMLx9cVmyO9gTPD51bZ5GVRjn6heKfK1tIOgG-iqd8nqBWY181VKBjKgwkk8UmVADNjAA0CLsBU5DyVJKP3Znygcs8F_vY3CH474EuaFNAbqBCRKQoxE0yALuFtwiACyqJmA_2nsj7gp8c-CrK8DyaHBNcz4SaWmKyKnn37ogm7T1UX4znv4d65-yORMCv12gj4y8A4pDOwRcL7M%26sai%3DAMfl-YS6e7AOTVIt10wod4MX-Jv3Su6YO31D3SJ_c1QADeuZUyoZRVYkvBHEmicSlbICqqetj3DD0PVzB26N25URiBjt5fJQFrv47U7q0UEwf9IprrI47-UvhnSbErIVABPIPQ%26sig%3DCg0ArKJSzDgNte6R4GAGEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
Request Chain 244
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsv1BSrsc5ejSoIolR0T2wP8SOn8qt1EpTqLNU3zLlPymymTyCSkg08h-DuQExlaz7v4V6oACyV4E5oxuDZu9wfL9z-tTVwyYKZfsxBoDb585wTdKaYBapnFsq7wOfTI0nErv_yAvu88iRbZfgT1c6z0n2EXgjjfhpaCN_YwT2QfhKmjxm1cKxNprxAj9vE1XFMtYfQZYEMfjSdWfmNTXpCCQsvU_pNd2sRmaVBn8ATJo3gh-NUUYWaVjYSq55MWERHABawdc2FAtui6HaI-Or3UdgvYr8A4018Idql52hYcyM1M7ZlSokWPjEWgL1iRZ0FpOKA4S6JUmx1gOU4%26sai%3DAMfl-YQZ-9Ji7VF3ytkaJFKQvvGKS5VaiYc-T9BmbQatK3W0Kcu8rqkQAe8N21Io128Lz8vSFD1GG_VDabiARHDxB9VNv9hNT21a3lMPt6MSTomjBxK27ytenqxWI7YhM5h4XA%26sig%3DCg0ArKJSzLFoglrM2JQ8EAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
Request Chain 246
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjss18CsplA7szeyxGN6PqUvgWuOoDjGG7MiZlkxgoVk9qaIck9_yHqev2HCrQu2z6kwVo-sW7o-ijcsag7N86JsQ0xQa6U9xc4zn1QxbGL421dmLVu2ti4E0CsSPOd8nGpXD2n1FRXSFgtclC4Z0alNBqNRliKUchEnJX_YLKo2tCyyfdPuORglSe_yN_-KU0-FXdY4_P0o5YqVI-Ni-7vhC4Bdf9Pzzum_ggr2MIfHt6KJoKPmsdpGsVlO40WObsQDqLCz-lAdr2DBj6rx1d-XKM8uasC2BJep2MfdGghnzO9PhmZG-0YWuXNXJbel1Rv1xV0R6eLSNnot2juI%26sai%3DAMfl-YRG_9ojk1oU0_XEj4cib-58ZDgXYAMyOais5dorP4N091x5PKrP6oNAR98pDYHjL3_j9Od2iwXwADNx6OSGVlfCTQnbCz4KH6RTKXqDH6vTfZQUpSdLGS-6tykJ4uKPnw%26sig%3DCg0ArKJSzOZHLC02YXpqEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
Request Chain 282
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEInGtV4G2_tMYqYnML0J75E&google_cver=1
Request Chain 283
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1e6kdAAUjwUO46a9eLRewAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEInGtV4G2_tMYqYnML0J75E&google_cver=1
Request Chain 284
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKWUkxFfuPE10UCkczPADj4&google_cver=1
Request Chain 285
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkxODUzNzEwMjY1MjcxNTA1NQ%3D%3D
Request Chain 297
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKFrcCbq_Mrw4ebeAYFMKO4&google_cver=1
Request Chain 299
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESENYOPxybkYJR-SmlSiQrF8U&google_cver=1
Request Chain 312
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKd8FSa_ErMC8FTIWn_NeWU&google_cver=1&google_push=AZmPxg_TV-XFRM0Z3vRIiFjFZB6OP4hwPXYuvOjtw_DzQFYDiwXk7MLM--R4FWDTIut8IFJ7P4q9O4bF9oa2dXKuZdhjU2gh9mAKDA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg_TV-XFRM0Z3vRIiFjFZB6OP4hwPXYuvOjtw_DzQFYDiwXk7MLM--R4FWDTIut8IFJ7P4q9O4bF9oa2dXKuZdhjU2gh9mAKDA&google_hm=MzU1ODM0NjIyNjU3MTY1OTQ5Mg%3D%3D
Request Chain 313
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEFU8aEOL64nwjgTp8tSunw&google_cver=1&google_push=AZmPxg-6FhLPmBkMnkvOVu_hMYaKjDRUZHi2s4PtFXnVi9AdinN8a7G3Li37HATgU8avqFl0EYuFadnPWZ_Ve2BMNAoRvsIaqskS HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEFU8aEOL64nwjgTp8tSunw&google_cver=1&google_push=AZmPxg-6FhLPmBkMnkvOVu_hMYaKjDRUZHi2s4PtFXnVi9AdinN8a7G3Li37HATgU8avqFl0EYuFadnPWZ_Ve2BMNAoRvsIaqskS&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ONqIcc3UR3SUd9Us7p53jw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-6FhLPmBkMnkvOVu_hMYaKjDRUZHi2s4PtFXnVi9AdinN8a7G3Li37HATgU8avqFl0EYuFadnPWZ_Ve2BMNAoRvsIaqskS
Request Chain 314
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKu7pM16fbGCI5kXeQutJjg&google_cver=1&google_push=AZmPxg_aG1-axsMN1yWroWSigEY-eBnLRLreWX_IDOIBSbk-EaM2mr16Z5TfYL3oryCncfGSNinq2wleiDrNSc3lM9dzg2dK5adsXw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKu7pM16fbGCI5kXeQutJjg&google_hm=Y1e6kdAAUjwUO46a9eLRewAABFwAAAAB&google_nid=index&google_push=AZmPxg_aG1-axsMN1yWroWSigEY-eBnLRLreWX_IDOIBSbk-EaM2mr16Z5TfYL3oryCncfGSNinq2wleiDrNSc3lM9dzg2dK5adsXw
Request Chain 315
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEOArTdqKOCnTEdDLN2zkt5c&google_cver=1&google_push=AZmPxg_SRsgfPLzJ428FPQOkvC7hbZBx5jLEB7c4gv_kz9J0kgPrfYxRhnINH4vWHaMMeQ5bw100TEccDSDUfKwwMeATyTV4UmeCOg HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg_SRsgfPLzJ428FPQOkvC7hbZBx5jLEB7c4gv_kz9J0kgPrfYxRhnINH4vWHaMMeQ5bw100TEccDSDUfKwwMeATyTV4UmeCOg&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1666693778126 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-6ecfd3fc-d49d-4811-8e2b-c9a339c282c0-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg_SRsgfPLzJ428FPQOkvC7hbZBx5jLEB7c4gv_kz9J0kgPrfYxRhnINH4vWHaMMeQ5bw100TEccDSDUfKwwMeATyTV4UmeCOg%26google_hm%3DA27P0_zUnUgRjivJoznCgsA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg_SRsgfPLzJ428FPQOkvC7hbZBx5jLEB7c4gv_kz9J0kgPrfYxRhnINH4vWHaMMeQ5bw100TEccDSDUfKwwMeATyTV4UmeCOg&google_hm=A27P0_zUnUgRjivJoznCgsA
Request Chain 325
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEcFEm_Ih2J4cNgE5of5KV0&google_cver=1&google_push=AZmPxg-ONvVV95TKKSV0Sz1G8nYxIg0EqZ_qI37XquNdtYp-FPRh6IpwohkJ9EaPAOxmf9ro9Uf_BhH43yyvaFqmfW9-5dx6Cg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEcFEm_Ih2J4cNgE5of5KV0&google_push=AZmPxg-ONvVV95TKKSV0Sz1G8nYxIg0EqZ_qI37XquNdtYp-FPRh6IpwohkJ9EaPAOxmf9ro9Uf_BhH43yyvaFqmfW9-5dx6Cg
Request Chain 327
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEFU8aEOL64nwjgTp8tSunw&google_cver=1&google_push=AZmPxg9O-ATXsVCUyLrD3u7mUwKlqQTom77WreFA_8i_aUzPFF-mdMN1EYfZBsLmnEpWo2AWe1FQCfFOnlJSsJHU1kXKCB0BXIk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ONqIcc3UR3SUd9Us7p53jw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9O-ATXsVCUyLrD3u7mUwKlqQTom77WreFA_8i_aUzPFF-mdMN1EYfZBsLmnEpWo2AWe1FQCfFOnlJSsJHU1kXKCB0BXIk
Request Chain 328
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEzfNC7wQOfN2JU5axfjzko&google_cver=1&google_push=AZmPxg_VxjWPKmqevxK0AFld2c_oEAOaRd2NlkzxAtDBmGi6irxR22QTB_5cTUL8DpTMBp2sYe5U0RHXIhyEzWvUQDAMTN3HjT8 HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEzfNC7wQOfN2JU5axfjzko&google_cver=1&google_push=AZmPxg_VxjWPKmqevxK0AFld2c_oEAOaRd2NlkzxAtDBmGi6irxR22QTB_5cTUL8DpTMBp2sYe5U0RHXIhyEzWvUQDAMTN3HjT8&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_VxjWPKmqevxK0AFld2c_oEAOaRd2NlkzxAtDBmGi6irxR22QTB_5cTUL8DpTMBp2sYe5U0RHXIhyEzWvUQDAMTN3HjT8&google_hm=Fih1qGZHCwWDOX8WT7ycSDWx
Request Chain 329
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFphF1qbrIfHpnxrkqr_dE4&google_cver=1&google_push=AZmPxg85EnfFxD8oFbB0PLfCrWPjHBSXRan-k8cBeL-LoDwkVy6wn_dy1FV3G-zwuBE0Kw3RwqOLZtyxvec-0k_igoEIXLSvftk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg85EnfFxD8oFbB0PLfCrWPjHBSXRan-k8cBeL-LoDwkVy6wn_dy1FV3G-zwuBE0Kw3RwqOLZtyxvec-0k_igoEIXLSvftk
Request Chain 330
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEC7aymFhzdJXA6YEOi48wLA&google_cver=1&google_push=AZmPxg9r9F2_0W-UAvlsRgCjg_IBH6u-0WA52MmRkV2W5u1Uf2Yh-k_2ZGGR-IA2oQlaWRlZSZykaN-ImZKeaxpHbek9D41F8Q HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg9r9F2_0W-UAvlsRgCjg_IBH6u-0WA52MmRkV2W5u1Uf2Yh-k_2ZGGR-IA2oQlaWRlZSZykaN-ImZKeaxpHbek9D41F8Q&google_gid=CAESEC7aymFhzdJXA6YEOi48wLA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjEwNTk1Nzg5MDQ1MjI1NDIwNDI4MQ%3D%3D&google_push=AZmPxg9r9F2_0W-UAvlsRgCjg_IBH6u-0WA52MmRkV2W5u1Uf2Yh-k_2ZGGR-IA2oQlaWRlZSZykaN-ImZKeaxpHbek9D41F8Q
Request Chain 331
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=AZmPxg_HXajMUUTECOmeotKh1_lPLR7up8U4gbXs1rwcU9o2bJ-jd94exN-ra5qnouWgko2v6aBSXnF5R7TbRNuDej5R2JJYRKbs?google_gid=CAESEGuU60ahzTwcKZ8oaSxuL_s&google_cver=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=AZmPxg_HXajMUUTECOmeotKh1_lPLR7up8U4gbXs1rwcU9o2bJ-jd94exN-ra5qnouWgko2v6aBSXnF5R7TbRNuDej5R2JJYRKbs?google_gid=CAESEGuU60ahzTwcKZ8oaSxuL_s&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c50b45f2-873c-4cb0-b7dc-f88adc31a315&&google_push=AZmPxg_HXajMUUTECOmeotKh1_lPLR7up8U4gbXs1rwcU9o2bJ-jd94exN-ra5qnouWgko2v6aBSXnF5R7TbRNuDej5R2JJYRKbs
Request Chain 343
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 355
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 391
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECsuAf9H8Qn17vawjRvGHy8&google_cver=1&google_push=AZmPxg_ksfJR9dnuIrukrj8u0mdANF9z-DS86wgXYr85yj6OweN_r1GukZiBeh0o_B5r88RC7y_Eq8-PZaVqxLvdpt6dXi6wIS-3 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECsuAf9H8Qn17vawjRvGHy8&google_cver=1&google_push=AZmPxg_ksfJR9dnuIrukrj8u0mdANF9z-DS86wgXYr85yj6OweN_r1GukZiBeh0o_B5r88RC7y_Eq8-PZaVqxLvdpt6dXi6wIS-3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dDRMMEtyZzIxT05oYkk1&google_gid=CAESECsuAf9H8Qn17vawjRvGHy8&google_cver=1&google_push=AZmPxg_ksfJR9dnuIrukrj8u0mdANF9z-DS86wgXYr85yj6OweN_r1GukZiBeh0o_B5r88RC7y_Eq8-PZaVqxLvdpt6dXi6wIS-3
Request Chain 392
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEH6eF2PZL1kzu2J9JDbdbUU&google_cver=1&google_push=AZmPxg_gecUIlxMt8G_vsIiTG0kADhuJehfHYXy5SzKWgSePpsLfZ67MSsq3Z8SvhXayxtTXzJkH226f8C2yuyVfXAoAwiSu6uT2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg_gecUIlxMt8G_vsIiTG0kADhuJehfHYXy5SzKWgSePpsLfZ67MSsq3Z8SvhXayxtTXzJkH226f8C2yuyVfXAoAwiSu6uT2
Request Chain 393
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKd8FSa_ErMC8FTIWn_NeWU&google_cver=1&google_push=AZmPxg9HufW6QfGPwfoXzbeWsqv_IPh695ih3qk0igwbYIrmQxkHnfElhvMQzDef3vemG81LjCPWs-4BwFeN3MvvneHdcJRxZYyQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9HufW6QfGPwfoXzbeWsqv_IPh695ih3qk0igwbYIrmQxkHnfElhvMQzDef3vemG81LjCPWs-4BwFeN3MvvneHdcJRxZYyQ&google_hm=MzU1ODM0NjIyNjU3MTY1OTQ5Mg%3D%3D
Request Chain 394
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIgI_Ol0pWN2TMRUDMPI9L0&google_cver=1&google_push=AZmPxg9asyDxrQ9siBIpj3kJPvluOoKsMuQ0Vfx7-6PDDK8vd6FiB82Vr45w9VSMwfZ5Snj2vUd7-lQeqqtCCuXEIL929t6PNdci HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlPMkZXWU0tTy05VFRa&google_push=AZmPxg9asyDxrQ9siBIpj3kJPvluOoKsMuQ0Vfx7-6PDDK8vd6FiB82Vr45w9VSMwfZ5Snj2vUd7-lQeqqtCCuXEIL929t6PNdci
Request Chain 395
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEzfNC7wQOfN2JU5axfjzko&google_cver=1&google_push=AZmPxg9AHwZgSZA45OXsWS53sAJxNTkZt4nfBPuPcfchrYP1UOOgWKd7_7i-GlcqmIeINB18bVxbpmvp1F9A6pWx1F2sSQr2lTsr HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg9AHwZgSZA45OXsWS53sAJxNTkZt4nfBPuPcfchrYP1UOOgWKd7_7i-GlcqmIeINB18bVxbpmvp1F9A6pWx1F2sSQr2lTsr&google_hm=Fih1qGZHCwWDOX8WT7ycSDWx
Request Chain 396
  • https://match.360yield.com/match/ebda?google_gid=CAESEFCN1TZWlgyYfxI6NdRa4Nw&google_cver=1&google_push=AZmPxg9MRbFfR5aVeJaaBI6QKlU9IB4noaVAgWkK0NnEpLgxjnVicj5Ui2nI9czyjwzLYB3Y5snPNrKg4a7R9cIJhokYZgTyZfls HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=4hQ1yhL_T5CynFxMYdkNzw&google_push=AZmPxg9MRbFfR5aVeJaaBI6QKlU9IB4noaVAgWkK0NnEpLgxjnVicj5Ui2nI9czyjwzLYB3Y5snPNrKg4a7R9cIJhokYZgTyZfls
Request Chain 397
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEC7aymFhzdJXA6YEOi48wLA&google_cver=1&google_push=AZmPxg8IEUkA9VsNSng2luDNZh1vEqoT38c2Zdb7jB5095dy733MStEAtHXpGJjmkeWCqCushIzm7BBZSBKFBSguxVTOUxc9xg74 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjEwNTk1Nzg5MDQ1MjI1NDIwNDI4MQ%3D%3D&google_push=AZmPxg8IEUkA9VsNSng2luDNZh1vEqoT38c2Zdb7jB5095dy733MStEAtHXpGJjmkeWCqCushIzm7BBZSBKFBSguxVTOUxc9xg74
Request Chain 400
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJ-h25tkusQBfXEz2deeBmI&google_cver=1&google_push=AZmPxg81q8bWUi3h85_P4fDzjA6w8pF6GkRe6UTR2H-QmZ1wuODmu5fQmirXgUnIGhC-ZxYAHv6CQ_Im3VveYIeY_PKtq-S4SLc HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg81q8bWUi3h85_P4fDzjA6w8pF6GkRe6UTR2H-QmZ1wuODmu5fQmirXgUnIGhC-ZxYAHv6CQ_Im3VveYIeY_PKtq-S4SLc&google_hm=gqt5zeV_iVeWPYaor5dUqQ
Request Chain 403
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESECRP5bAZmFbXZnxqNoyyyW8&google_cver=1&google_push=AZmPxg9egTKLFRiCFtfXqlSnqjr4YBKmxUqn_h4UD46mfeRH92xl16eU6F0TQNmg3V5n3zxmkdSBMHPAe5SfDDLrH5pZpeOe_A HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=cNwXxz4ORqqxOwerPZqx5Q2&google_push=AZmPxg9egTKLFRiCFtfXqlSnqjr4YBKmxUqn_h4UD46mfeRH92xl16eU6F0TQNmg3V5n3zxmkdSBMHPAe5SfDDLrH5pZpeOe_A
Request Chain 404
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFphF1qbrIfHpnxrkqr_dE4&google_cver=1&google_push=AZmPxg9HC_e6IOnHjEV1eZn9s7_9kRUg9ItOo4s9SThnqw3IrSMpkCn7dR57ZMXBAu-_GmHIes3yTXd7veziOStMLBqNShhA2oU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9HC_e6IOnHjEV1eZn9s7_9kRUg9ItOo4s9SThnqw3IrSMpkCn7dR57ZMXBAu-_GmHIes3yTXd7veziOStMLBqNShhA2oU
Request Chain 406
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=AZmPxg8P-NAgiLVauOXNQLvgdAy80003SDpOv_5zdHIc2sAYCc5BebOPKkH9aKPacsipQM8x2-IJHDZn5AMK8WvMo12y4WKCA1ss?google_gid=CAESEGuU60ahzTwcKZ8oaSxuL_s&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c50b45f2-873c-4cb0-b7dc-f88adc31a315&&google_push=AZmPxg8P-NAgiLVauOXNQLvgdAy80003SDpOv_5zdHIc2sAYCc5BebOPKkH9aKPacsipQM8x2-IJHDZn5AMK8WvMo12y4WKCA1ss
Request Chain 450
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=q_JrYXxVcGNCOEN6YVRaeS9hUVl0ejZ4R0J5bXpWYU91Mmo2d0VXN2szT0pDVmJwR011WHMyRTlRei8xdFYwU2FSNmNnQ3ZGdTBNbE9kVmRNazJ6WUFOaldXMzdyanpualBHcVdkUy8rMlFDNWtGZGVJSEZBdjFLVEUxcVJKMklwRGUrK2xiVnBNNExJb3ZrbVBVVXBUVzJ2Njc3LzA5Z3R6T3IxUmUweGRzUlVuTko1SDFDalZxdWtXUithd0NnQTg0QXVYRWFmMkEwZGNxK3pYZTVpa1lvaUpFY2IxU0JCenpWSXRmWTI2SDdTby85QTVrR1ZtZG1EbjF2R1dDTWxxcXgza09yaFNnQ0JmakIweHlVa00wckszUT09fA&cppv=2
Request Chain 452
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=O2AzEXxtMnFOd3RKZHlCMXlpZkhaNGVKV2pMOFVBSFdZekt4eDJXMWdPTWxEVXplQTVLSHBMTWtpdHlBbHJtdTRGNlFHbk40Ti85SUF2ZVUyblMrenNremptN2psNEtoYmwxb2ZBZ01abUNLSzE2SmdLQVMvQWdnbVkxUTFqMCtoMGUvYytQcUZqVTY4NVh4MnZyM2V0Zy9STGNUOG02YTBYUndxWmZiVXFsWkJhVmp4MTV0dkxiMWlUeURUNk9sYTdpaytGNXNTUVBzdTFjcWlHSE9NbUY3QUVhK25jVlVyOEFBbGdsWEpNM2xxNTJ2aTFDTWRnc1lqY0Y4dG1yN0tsb1NxUnJHeGlDKzNQNUNtYzJxTWJQKzExQT09fA&cppv=2
Request Chain 473
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1e6kdAAUjwUO46a9eLRewAABFwAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1e6kdAAUjwUO46a9eLRewAABFwAAAAB&dcc=t
Request Chain 475
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1e6kdAAUjwUO46a9eLRewAABFwAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKu7pM16fbGCI5kXeQutJjg&google_cver=1
Request Chain 477
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y1e6kdAAUjwUO46a9eLRewAABFwAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y1e6kdAAUjwUO46a9eLRewAABFwAAAAB
Request Chain 479
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y1e6kdAAUjwUO46a9eLRewAA%261116?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y1e6kdAAUjwUO46a9eLRewAA%261116
Request Chain 480
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
Request Chain 482
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/KcYldmMlJOlFqeXsm104?pi=smilewanted
Request Chain 483
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAwjPsZBeGWTqJTUE3X1I2A&google_cver=1
Request Chain 484
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/_7qeYy1u4i8mrxtJEyx8-A?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3558346226571659492
Request Chain 485
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTVjNGUxZWQ4Y2IzMjVkNTQ3M2M0OTgxMTU4OTgyODI3YTlhOTgxYQ
Request Chain 486
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=y_u9gBtBROGFXnn7XfEwbw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=y_u9gBtBROGFXnn7XfEwbw
Request Chain 487
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ec2PfzPkRAaJnjkL-SQXdg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ec2PfzPkRAaJnjkL-SQXdg
Request Chain 489
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9O2FWYM-O-9TTZ
Request Chain 490
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlPMkZXWU0tTy05VFRa
Request Chain 491
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=8685361e1bf5978c68d3e40b06a81910
Request Chain 493
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 497
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=ef0c835d-544f-11ed-ab94-11e121d60506 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/ef0c8302-544f-11ed-ab94-11e121d60506
Request Chain 498
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0

485 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.walla.co.il/
Redirect Chain
  • http://walla.co.il/
  • https://walla.co.il/
  • https://www.walla.co.il/
696 KB
325 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
94242dd6e5adbf5b1cd263c733addc790097cd143baba708c32375d662b6bb52

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
28
cache-control
public, max-age=30
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 25 Oct 2022 10:29:06 GMT
etag
W/"ade50-GV64iY1ZBYQhgDq6KIqQr8KpMJo"
server
openresty/1.15.8.1
vary
Accept-Encoding
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
x-amz-cf-id
oSPCkHWR1c7_5W51Ok9LIFA5z0WChLbHzKVx5h5bbHdcAssuwFSF7g==
x-amz-cf-pop
PRG50-C1
x-cache
Hit from cloudfront
x-cached
HIT

Redirect headers

age
238
content-length
0
date
Tue, 25 Oct 2022 10:25:36 GMT
location
https://www.walla.co.il/
server
AmazonS3
via
1.1 1f7383179aa19c47a962c46236696426.cloudfront.net (CloudFront)
x-amz-cf-id
0wfxZnPwEktukBbj3si8npRKpGjWPyFJI8fQI5vpEI1YAN09KBqP1g==
x-amz-cf-pop
PRG50-C1
x-cache
Hit from cloudfront
gpt.js
www.googletagservices.com/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64e135d1fd7a183581dcf20e7395992977f83aec076f9a3863a79dfadbf6fb07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27292
x-xss-protection
0
server
sffe
etag
"1374 / 854 of 1000 / last-modified: 1666649227"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 25 Oct 2022 10:29:34 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 09:59:53 GMT
content-encoding
gzip
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
age
1781
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
PZC6SCj9-bPvOnD_2lJWScoROxZhgMk11K7YzW0WJhbyFzYHBqnmpQ==
expires
Tue, 25 Oct 2022 11:59:53 GMT
new-logo-mobile.svg
www.walla.co.il/public/assets/homepage2/ 		1 KB
973 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/new-logo-mobile.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a1cb876b8d4ac161aa3960063801ce2a3e1f893863524b9132de74867fe9d16b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
content-encoding
gzip
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
57
etag
W/"473-1840e9f9fc8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
bm5K-A52SHgnIo7Dhdv857SA03QdcKq0RMZvB4l4QvN-HahjMetn_g==
x-cached
MISS
icon-weather-mobile.svg
www.walla.co.il/public/assets/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-weather-mobile.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
fd3121a04a4b745f71058c38f7902b207de37f86aa3a9674eda80a2baf366382

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
content-encoding
gzip
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
57
etag
W/"7ee-1840e9f9fc8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
C5h9Fkkh0cvxRQWAjcrjChUd0AsKSIXr1TGV0LbxVOG1-wqjtomXDQ==
x-cached
MISS
icon-mail-no-bg.svg
www.walla.co.il/public/assets/homepage2/ 		464 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-mail-no-bg.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
50795dddaa17612e809ddf339489bc1fdff6f7bcc76115ba6eeb17eccb68eb47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
57
etag
W/"1d0-1840e9f9fc8"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
464
x-cached
MISS
x-amz-cf-id
JFqXA8w6sdqshFCl_wgRPtkJovjNgiS0XCtK6jNGIqdVEmTP9JfzFg==
new-logo.svg
www.walla.co.il/public/assets/homepage2/ 		1 KB
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/new-logo.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a0321d7f4006d1ef24eb6f33f7252ab8bcbb9237a56c49aad5abe30b085ae3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:36 GMT
content-encoding
gzip
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
58
etag
W/"492-1840e9f9fc8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
NmmRPf0NgPEZGkDjGaINF-4upVAFvkVfG9vBHSgd9p8-Wvp9C28yFQ==
x-cached
MISS
allay-icon.svg
www.walla.co.il/public/assets/icons/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/allay-icon.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
content-encoding
gzip
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
57
etag
W/"c00-1840e9f9fc8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
v5p3qR1HRMy-p3-Yg81_TZdRweglr29fmkUoZaGl_jQ03coj2KBfBg==
x-cached
MISS
yad2.png
www.walla.co.il/public/assets/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/yad2.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a374b60100f2559a33f142d53bf332d5efad58e505683bff5cf0523abacc0274

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:36 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
58
etag
W/"488-1840e9f9fc8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1160
x-cached
MISS
x-amz-cf-id
sfJyjh--BBmhQXjOeHxKOGeE2PrrZ6uKKTBnfZitF1L51M6OnfwiPA==
3441981-46.png
images.wcdn.co.il/3/4/4/1/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/3/4/4/1/3441981-46.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
cloudinary /
Resource Hash
241e253c8cfc2a4eb629c8c6edf0a0f2fa1b6f01661cfac1a9ec67eaf040e7d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 08:46:03 GMT
via
1.1 varnish, 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
179011
edge-cache-tag
420112616831785005082775342137825504656,d2bce9e04f88d43dd8350e859c701704
cache-tag
420112616831785005082775342137825504656,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
11473
x-served-by
cache-iad-kjyo7100028-IAD
last-modified
Mon, 03 Oct 2022 12:39:34 GMT
server
cloudinary
x-timer
S1666514763.498619,VS0,VE2
etag
"7cdf0d3e50ada218ea45b5faf1d2beb6"
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
EVOUXHqc9CVKr45ZQCAYFFAoFV1yTbAbWO0He-ZZJhh7e7adVpZ9kw==
x-cache-hits
1
3448984-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_700,t_54/3/4/4/8/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_700,t_54/3/4/4/8/3448984-46.jpeg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
cloudinary /
Resource Hash
8926f136616b914a03a450eb25e49dae96aad373b67d989cea66ac8002a58133

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 09:52:49 GMT
via
1.1 varnish, 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
2205
edge-cache-tag
378078577251371084360716481782691469166,118291521066828225852529435541574966377,d2bce9e04f88d43dd8350e859c701704
cache-tag
378078577251371084360716481782691469166,118291521066828225852529435541574966377,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
29498
x-request-id
849fb429c59a786673b06f6645067493
x-served-by
cache-iad-kiad7000038-IAD
last-modified
Tue, 25 Oct 2022 09:52:50 GMT
server
cloudinary
x-timer
S1666691568.434201,VS0,VE894
etag
"7c4fc37f5c7dcdeb61789724d8ad3993"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
DFp3PeTy4Ftgorh5Y3yt6hOcPVrnkzFKyV_PyyOtZdig0FViQmpxjA==
x-cache-hits
0
invalid-name2.svg
www.walla.co.il/public/assets/shivuki/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/shivuki/invalid-name2.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
content-encoding
gzip
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
57
etag
W/"834-1840e9f9fc8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
wkB1VBNdi1GJ_UaPbR3_W3gW7mGvdwvLzXF2HBRVzy3IGDYkSgSQRQ==
x-cached
MISS
103fm.png
www.walla.co.il/public/assets/homepage2/radio-stations/ 		895 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/radio-stations/103fm.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e28df0d1ecf0a67bfe7db32c3aafada6f839721734581e6a36cd5a5fcdf55fdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
57
etag
W/"37f-1840e9f9fc8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
895
x-cached
MISS
x-amz-cf-id
Hn2oCGpDsXZGKVkd03Kk5e1FYQPQciIEN_Mxo663V_qiQiTvall7Ew==
99fm.png
www.walla.co.il/public/assets/homepage2/radio-stations/ 		933 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/radio-stations/99fm.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
3008b4354e1b60f29f320cfa65b9725167ad632656392673a4785d836bf3f14d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
57
etag
W/"3a5-1840e9f9fc8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
933
x-cached
MISS
x-amz-cf-id
tT-AoKyqOSeifhJBo5BIoS9rHWlxsTNy-tCrJJmrl6oYl-8rYjhsYA==
2977204-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_100/2/9/7/7/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_100/2/9/7/7/2977204-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
cloudinary /
Resource Hash
3b62ff5a9325794e939b09f69601248dbe6fe195673a1737d7397f4c0d40512b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 11:19:12 GMT
via
1.1 varnish, 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
429022
edge-cache-tag
393090266006205123368055223161311985228,425792032652047450413919300283245243783,d2bce9e04f88d43dd8350e859c701704
cache-tag
393090266006205123368055223161311985228,425792032652047450413919300283245243783,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
8149
x-request-id
0efd8fb033403fe248d561f76fdc0f41
x-served-by
cache-iad-kiad7000123-IAD
last-modified
Thu, 20 Oct 2022 11:19:13 GMT
server
cloudinary
x-timer
S1666264751.786138,VS0,VE2003
etag
"e0ffefd34768b4369d3b4b8ca5a0d0bb"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
FPAIE_7ewVOXizTrHJcFbNR8wamiaqxDmqgtE9BIH79zgBd3UAwe0w==
x-cache-hits
0
3448907-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/4/4/8/ 		747 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/4/4/8/3448907-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
cloudinary /
Resource Hash
03cf495a252bd8a38528b3309c1834ac67af9f147b3ee0739fb0c540e901e773

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 08:30:27 GMT
via
1.1 varnish, 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
7147
edge-cache-tag
272127990181770664678659000058622424358,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag
272127990181770664678659000058622424358,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
747
x-request-id
e029d301af6ea37c75ea46715ff1309d
x-served-by
cache-iad-kjyo7100028-IAD
last-modified
Tue, 25 Oct 2022 08:30:28 GMT
server
cloudinary
x-timer
S1666686623.169428,VS0,VE4078
etag
"aa5988e958dbbbc02f987900f94380e0"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
RT6nOzJrOG8dx-X9T4ZpzmXlAQqwwn0d-hVKGVuv7ieAGBDbElx-Gw==
x-cache-hits
0
3445780-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/4/4/5/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/4/4/5/3445780-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
cloudinary /
Resource Hash
7c0a33a4eedc8475a6d8999f178d7b14b778222d518f60c91b844c13d7de54d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 08:30:36 GMT
via
1.1 varnish, 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
525538
edge-cache-tag
163806121542429280277754159980744485480,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag
163806121542429280277754159980744485480,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
3100
x-request-id
01504518f1b425f4adfdb2b06489c8e8
x-served-by
cache-iad-kjyo7100154-IAD
last-modified
Wed, 19 Oct 2022 08:30:37 GMT
server
cloudinary
x-timer
S1666168235.245965,VS0,VE851
etag
"f786dec85fd9436fc99650d44817a6a7"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
SJ0r3ogZT76zPXrGpaFbwJvVMXxkIktQ53fccUUW46Ww__Y4ppjb9A==
x-cache-hits
0
3440231-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/4/0/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/4/0/3440231-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
cloudinary /
Resource Hash
c60843b4d55c731a72cb726011d162901f63910015a3cdac719a0f0c4e4faa9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 08:27:28 GMT
via
1.1 varnish, 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
439326
edge-cache-tag
303520271225593291219837737418509753100,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag
303520271225593291219837737418509753100,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
12457
x-request-id
eeda518c1dacaf6f54d74a75baa99ece
x-served-by
cache-iad-kiad7000165-IAD
last-modified
Thu, 20 Oct 2022 08:27:29 GMT
server
cloudinary
x-timer
S1666254442.379654,VS0,VE6538
etag
"e2d3cb3492c2f5f33c95a6aa8304b7e2"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
bbX9SfnwBDay2T0MCakRtO8ECWTD9LbcWEDR_hm3GF9BhLK4HuWK0g==
x-cache-hits
0
3425986-46.jpg
images.wcdn.co.il//3/4/2/5/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il//3/4/2/5/3425986-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
cloudinary /
Resource Hash
e90afefe008174901648b6984e3849d61ab51fcd2f9c260cb182f1b9eded2b4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 13:08:35 GMT
via
1.1 varnish, 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
5001659
edge-cache-tag
354062088052095449999837282067072178970,d2bce9e04f88d43dd8350e859c701704
cache-tag
354062088052095449999837282067072178970,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
35924
x-served-by
cache-lga21964-LGA
last-modified
Thu, 25 Aug 2022 07:06:31 GMT
server
cloudinary
x-timer
S1661692115.029574,VS0,VE1
etag
"e8ad9a497fd64fdf8908a78fca482108"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
btl-MELnfdzhZXIt3JcrWQkBknPsxn63Z3QmPUf7rXQyWnt07hXhvA==
x-cache-hits
1
liga-banner-desktop.png
www.walla.co.il/public/assets/sport/ 		294 KB
295 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/sport/liga-banner-desktop.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
8674c690e379aa2d7f8f84624402dc41902336d4c7044a931e34e247839463a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
57
etag
W/"499a6-1840e9f9fc8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
301478
x-cached
MISS
x-amz-cf-id
-0AOyXqTkvY8m1sju4TLcdQOgjLXVbEVS5gPVFwT2ijosPI3dlA0Mw==
mishpati.png
www.walla.co.il/public/assets/icons/homepage/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/homepage/mishpati.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
03baca21d7a98bc118436bcb698ecaafefff81373d472afdf259fdfe3f5c1a03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
57
etag
W/"f8c-1840e9f9fc8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
3980
x-cached
MISS
x-amz-cf-id
89pi7aztOKNqkXOjsFZQlu2RwbnAPEnmqzOc0vxxCjByrz1BSb6s1g==
3329203-46.png
img.wcdn.co.il/f_auto,w_66/3/3/2/9/ 		732 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.wcdn.co.il/f_auto,w_66/3/3/2/9/3329203-46.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-56.prg50.r.cloudfront.net
Software
cloudinary /
Resource Hash
de6bf035e9195f0b9f69ddc8a8a0431deaa22504c56412d03dd103beb35ab2d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 09:47:53 GMT
via
1.1 varnish, 1.1 91afcef6d5c7e90d0a4bb2c3a456c690.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
25490501
edge-cache-tag
315444705734958248972687902270172938779,275138840448101508428674266858349850681,d2bce9e04f88d43dd8350e859c701704
cache-tag
315444705734958248972687902270172938779,275138840448101508428674266858349850681,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
732
x-request-id
8f0cc0a56acc78a5181b26473a7255de
x-served-by
cache-dca17753-DCA
last-modified
Mon, 03 Jan 2022 09:47:54 GMT
server
cloudinary
x-timer
S1641203273.063826,VS0,VE583
etag
"79624ac971cffa490d9827a952393183"
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
C1WvCCJVgd2cSlXXxHigqA6T9-oFTuG7wG1jzpTbyNBaN8TEzIqScw==
x-cache-hits
0
career.jpg
www.walla.co.il/public/assets/icons/homepage/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/homepage/career.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
edd4d9c515c398baf420a025641816721bdc7f67945144fe15a1058f6c75e667

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
57
etag
W/"be7-1840e9f9fc8"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
3047
x-cached
MISS
x-amz-cf-id
Dt1Yk3vUs9wUlT4Cg5V_2iKyasYpYmF8jI5cEySv7Fr00mJ79YyJ6g==
mazaltov-logo-new.png
www.walla.co.il/public/assets/icons/homepage/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/homepage/mazaltov-logo-new.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
9c2fff24329f1fe904135f52256900469efd1e77ae3da4b0f528094cd2123e1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:36 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
58
etag
W/"9ce-1840e9f9fc8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
2510
x-cached
MISS
x-amz-cf-id
fNoOAX_7u--Rip-M1cE88hWwjLbcPpKmIWxc6URhJz1UODlw_noLWg==
new-logo-walla-negativ.png
www.walla.co.il/public/assets/icons/ 		636 B
998 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/new-logo-walla-negativ.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
f6a69ae74374cd68efa0256c89a99d1cccbb7095e33ffb88d1ae54ee900d4741

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
57
etag
W/"27c-1840e9f9fc8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
636
x-cached
MISS
x-amz-cf-id
usOdON8C1qsf8ViH48rQk959N6rI2E1bAjVhI4z7UrPg8JMSy03HWg==
148_248b4149632420b886ad_248b4149632420b886ad_walla.js
www.walla.co.il/public/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/148_248b4149632420b886ad_248b4149632420b886ad_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
bdf39a7fddcfb048c35c871282ce0f1de7866e18be3cf1353da9262b509fa0e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
content-encoding
gzip
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:13:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
57
etag
W/"2b34-1840ea1ce60"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
VdEmf77NSm52BcyQ_7JIMpdoPFQ1gZ9FtZqzvGeLQjMNSXw2y59Y1w==
x-cached
MISS
666_4fa2305744511e336985_4fa2305744511e336985_walla.js
www.walla.co.il/public/ 		310 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/666_4fa2305744511e336985_4fa2305744511e336985_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
920b3298d1ede52cd3f118cd4177e36c305e7d8bb18be8ba94934247fbec444a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
content-encoding
gzip
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:13:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
57
etag
W/"4d658-1840ea1ce60"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
nD8J8X1-7k3DtTy8y28jjBzeEm50XizvPo5X25g0HO446xivgT0RSw==
x-cached
MISS
main_b6870ad68b0a06fc5d7c_b6870ad68b0a06fc5d7c_walla.js
www.walla.co.il/public/ 		1 MB
257 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/main_b6870ad68b0a06fc5d7c_b6870ad68b0a06fc5d7c_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
74cd7edb4aa79b0a4a1074aa76a1e0006c3250c2accdc7fdf6f687697234534a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:36 GMT
content-encoding
gzip
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:13:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
58
etag
W/"11c203-1840ea1ce60"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
J3wYiH9j0aN-eItvHzdypa7BNFhm5ttGOkw90nHj-9b7P37462ElHw==
x-cached
MISS
36_1a189b5ee36728b25318_1a189b5ee36728b25318_walla.js
www.walla.co.il/public/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/36_1a189b5ee36728b25318_1a189b5ee36728b25318_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
06739adc1e7cea00ae15e9b4758f1c6ca8a8d65c694b80e5ebb4bf7ef6100fc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
content-encoding
gzip
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:13:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
57
etag
W/"5287-1840ea1ce60"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
KcTxk-isc-IU3HMbUAO4tVK6gQ0FWvkAiwZRNwSO4REss_JgmgQrMw==
x-cached
MISS
homepage_4063b2b68f031aa02111_4063b2b68f031aa02111_walla.js
www.walla.co.il/public/ 		255 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/homepage_4063b2b68f031aa02111_4063b2b68f031aa02111_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
451b602c403397960b379dbf839d25b41ea356970ed7edc7080c226c8110fb49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
content-encoding
gzip
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:13:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
57
etag
W/"3fd5e-1840ea1ce60"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
vgKyNxCyHZV4WcQFwB-QPJkOSfkCspOrypPSOLiYAn9fA6T-des1Ow==
x-cached
MISS
pubads_impl_2022102001.js
securepubads.g.doubleclick.net/gpt/ 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 25 Oct 2022 09:54:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2079
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130516
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 25 Oct 2023 09:54:55 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		905 B
933 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.walla.co.il
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9f6af34cbf74347cc35ce04835485b5d4bb48bb961134c12396d8ff30d65821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
296
x-xss-protection
0
expires
Tue, 25 Oct 2022 10:29:34 GMT
walla-v2-prod.js
cdn.valuad.cloud/hb/ 		895 KB
242 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
515e3e6e09f6b0ad8436d1dda33a7a689e7ef111ad485ce26bb36f209f540da4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:34 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Thu, 22 Sep 2022 14:19:12 GMT
x-amz-request-id
tx00000000000002c73ce67-006357208e-2b9df863-fra1a
etag
"c632ebf889ba989871a1f5d72dd028e5"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1666693774.dop237.fr8.t,1666693774.cds125.fr8.hn,1666693774.cds258.fr8.c
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
247104
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) /
Resource Hash
9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 10:29:34 GMT
Content-Encoding
gzip
Age
1238
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
29223
Last-Modified
Wed, 28 Sep 2022 20:05:37 GMT
Server
ECS (frb/668B)
Etag
"f26384f93da6974ed577808dfa1fede5+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
gtm.js
www.googletagmanager.com/ 		403 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b1ed341b4979b506ed9d68732eb1734d8b8408124c05bc7268ba1faa23524f8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84263
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 25 Oct 2022 10:29:34 GMT
gtm.js
www.googletagmanager.com/ 		444 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ef38ad7ab687550e83e103137644f808dcd038e5d8f1c21b494bb41ad553f4c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65133
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 25 Oct 2022 10:29:34 GMT
wallawb.js
cf.dxmcdn.com/dta/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.dxmcdn.com/dta/wallawb.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:6800:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94c0a6a1ca27813a96c8286b7e1e6dee5b6af23babad416606784366748417b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
qZmD6iSiSNKopHEgv3XRn4Et4epkBb1Z
content-encoding
gzip
via
1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
date
Tue, 25 Oct 2022 05:31:54 GMT
last-modified
Sun, 29 May 2022 13:46:35 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
17917
etag
W/"c6a8b1a7ee5ce83efe089c14c99eefad"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
n4dhnAQnZM9q01LOGexbsqDAiASnvCWT-cVCBCnrSY77HGm1pM2fwA==
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 08:46:53 GMT
content-encoding
gzip
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:50:34 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
age
6161
etag
W/"62d7515a-933f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
1oDqTcQpmQaUxv3Ab_yqeAAeyOCHLfNGNPWy_bxLMkMWguOq8DJfpg==
expires
Tue, 25 Oct 2022 10:46:53 GMT
google.gif
www.walla.co.il/public/assets/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/google.gif
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a9556451882c7b86d689ee82a86c2b360cf0acea6d92a4165c80054371e52336

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
57
etag
W/"5b6-1840e9f9fc8"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1462
x-cached
MISS
x-amz-cf-id
3f86zAU-4c0qQHB1b8lkwUIwJ8GowmUFEUx6VPxGukQW4-jzia5Dpw==
icon-serch.svg
www.walla.co.il/public/assets/homepage2/ 		743 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-serch.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
b7ee2e2c1f36198a263d4d442d6752e78d61fecd54473cb5c1c3dbb8b6053817

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
57
etag
W/"2e7-1840e9f9fc8"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
743
x-cached
MISS
x-amz-cf-id
AFT1vo0JGbCgbWAZZkoO9Saplyg0HFrODUV1tagv6kIOzAGJQbUv1A==
icon-5-g.svg
www.walla.co.il/public/assets/icons/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-5-g.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
9e3035b7f5b0074bf8401e498b2160a29e3f13741f03e537ad98e9a1836a701f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
content-encoding
gzip
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
57
etag
W/"b30-1840e9f9fc8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
Ylg0AzWS61I_pa_oKW_gKZYiEzr8PmtKRKSqj0LyYgp-H0T_QKK98w==
x-cached
MISS
icon-wather.svg
www.walla.co.il/public/assets/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-wather.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
c2095f6920579eb6938ef2ddecc5652d5a9557555a32b019969e329a93731897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
content-encoding
gzip
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
57
etag
W/"85c-1840e9f9fc8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
KPXfP3XZtYHWfziVvbuFGvcSn8N_BKizLlX3KRucjhl7IinsSto5Uw==
x-cached
MISS
icon-mail-empty.svg
www.walla.co.il/public/assets/homepage2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-mail-empty.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
content-encoding
gzip
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
57
etag
W/"5f6-1840e9f9fc8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
p0yl6yxPof1zDhvdEp7s1VdqSsV-iJ4efRW8bHVIO1kKJ7YRCA9Clg==
x-cached
MISS
almoni-neue-aaa-600.woff
www.walla.co.il/public/font/almoni/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:36 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
58
etag
W/"e954-1840e9f9fc8"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59732
x-cached
MISS
x-amz-cf-id
B7vNYXPRdsv4YVSSz3mW9uY27GmoCtcanT88YxtZ3jvNx-s6VCgN4g==
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=walla.co.il&domain=walla.co.il&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aada4f36b8b83dbf1a5201c3b2cc3822d747c3ea94f551394883011671393ad3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
15
date
Tue, 25 Oct 2022 10:29:34 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
3027
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1001
x-served-by
cache-fra-eddf8230050-FRA
x-timer
S1666693775.602074,VS0,VE0
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sun, 23 Oct 2022 09:39:07 GMT
outbrain.js
widgets.outbrain.com/ 		212 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
49d1b01908a0458cc5c8be630efd8c6e9ac6759afefe9e4a3f2938552146a360

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:34 GMT
content-encoding
gzip
last-modified
Tue, 25 Oct 2022 07:03:10 GMT
etag
"15-Fmrr5tUN2HodXfppwhSLKo7jNgE"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah-stg
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14400
access-control-allow-credentials
false
x-traceid
52f0f030936b2083c09efd32b401bb9f
timing-allow-origin
*, *
content-length
74652
arrow-forward.svg
www.walla.co.il/public/assets/homepage2/ 		475 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/arrow-forward.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
00df84c0176ae68719671b3cf670d45da854c8e4b092eb72eb0b36f6737ae111

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
57
etag
W/"1db-1840e9f9fc8"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
475
x-cached
MISS
x-amz-cf-id
Xn9mm7zdkXxAtCi9CgX-kUK3jrbIv5QhZbKIdjC0O4mN0oCDbqw7rg==
play103fm.svg
www.walla.co.il/public/assets/homepage2/radio-stations/ 		409 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/radio-stations/play103fm.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
f20eeef8fb712ad2bf5e21dfe5944ab2b62010e44ffa8f79a3bfa354973ab517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
57
etag
W/"199-1840e9f9fc8"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
409
x-cached
MISS
x-amz-cf-id
EPVLPjWcrBTGzexUBCfrlO7trYsP1s6Dn-gz-G_0VfRY5GhyeI_wEw==
play99fm.svg
www.walla.co.il/public/assets/homepage2/radio-stations/ 		409 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/radio-stations/play99fm.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e5bf77a4605d9bb4c0ecfc1127ab95009dc2fa6ec763418424cf36f523db8e08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:38 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
56
etag
W/"199-1840e9f9fc8"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
409
x-cached
MISS
x-amz-cf-id
me7hMkWC8q6G49gE9B9IE829LkIJgaNO-ySnHDF6nEhkfvjqpAjd-A==
walla-sprite.svg
www.walla.co.il/public/assets/icons/ 		19 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/walla-sprite.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
3241bf3866d5c2c02fd32bc792aa155f587efc0780ad197d0040d3377ff5af3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
content-encoding
gzip
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
57
etag
W/"4a05-1840e9f9fc8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
a1RVlT9KmvezH5GJ94h6NBKUF3gawFo1NS2h1YoEwGrOGBUMibvqWw==
x-cached
MISS
icons-play-live.svg
www.walla.co.il/public/assets/icons/ 		298 B
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icons-play-live.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e8edb024e688dad4a4dbb15cc90e7cbcae1f1426f34ddb2c22523625f46aafde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
57
etag
W/"12a-1840e9f9fc8"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
298
x-cached
MISS
x-amz-cf-id
S53Nf8dyybgSO2hxKStq03NYs25RFqtLNdoi9VXehfbxqWJ17BcASQ==
wallaicons.woff
www.walla.co.il/public/font/fonticon/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
57
etag
W/"3bdc-1840e9f9fc8"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
15324
x-cached
MISS
x-amz-cf-id
RwEAF6uShI2PXhaSe1yfqPtFzfk9yGQeHyAnHlimmiDZMEl15GfSXw==
almoni-neue-aaa-500.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-500.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
57
etag
W/"e7c0-1840e9f9fc8"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59328
x-cached
MISS
x-amz-cf-id
U-0q3ZTmN9vcESJUuMaibh-emNq_sm450icqmte5uIPRClDzBXmf-A==
almoni-neue-aaa-700.woff
www.walla.co.il/public/font/almoni/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-700.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
57
etag
W/"ea00-1840e9f9fc8"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59904
x-cached
MISS
x-amz-cf-id
zkONccv3npTSZdRAKdmm7fSrLPKTK5-_REkqV_8BOodM2mDPiP44OQ==
widget_iframe.7dae38096d06923d683a2a807172322a.html
platform.twitter.com/widgets/ Frame 9588 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.walla.co.il
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67DF) /
Resource Hash
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
431140
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105445
Content-Type
text/html; charset=utf-8
Date
Tue, 25 Oct 2022 10:29:35 GMT
Etag
"50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified
Wed, 28 Sep 2022 20:04:27 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67DF)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js
cdn.permutive.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2022-10-25
Requested by
Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.149.54 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
kahoona-idx-live.js
d2r08ja41ypc0t.cloudfront.net/WALLA/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Requested by
Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:3600:4:1c73:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7366672c7309113ce12beb12478774bc7ed93bc3f066f38bb3bf5c57485e47f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 07:45:32 GMT
x-amz-version-id
fJ6OxwQ2i6ClHgUlktD21ZZFhrK13sEw
content-encoding
br
last-modified
Sun, 04 Sep 2022 17:48:46 GMT
server
AmazonS3
via
1.1 4614c36172b2854b1e1e94af37435c8e.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
etag
W/"3891a35af9cd00643f2e83d64997acba"
age
9844
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
XuveCmN23v8jKhdRRXlshD8cHIvieqIGgP8w3n9N5gicwXHpURg-8A==
mab
mabping.chartbeat.net/ping/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CVDOAwBhOVB_D4nQBT&c=0&V=136&x=QCd4eFPQ9kqO5&v=A&ml=m&sl=Bo3TQl,Bo3TQl&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.101.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-101-114.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 25 Oct 2022 10:29:35 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CVDOAwBhOVB_D4nQBT&c=0&V=136&x=zwmjbz3AoO3X0&v=A&ml=m&sl=BiKCY1,BiKCY1&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.101.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-101-114.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 25 Oct 2022 10:29:35 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CVDOAwBhOVB_D4nQBT&c=0&V=136&x=IRlsFXfXvjKEL&v=B&ml=m&sl=DWBK_C&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.101.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-101-114.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 25 Oct 2022 10:29:35 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CVDOAwBhOVB_D4nQBT&c=0&V=136&x=xwemx4JJNRdgt&v=B&ml=m&sl=Dd_94H&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.101.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-101-114.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 25 Oct 2022 10:29:35 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=walla.co.il&p=%2F&u=CVDOAwBhOVB_D4nQBT&d=walla.co.il&g=20047&g0=%D7%95%D7%95%D7%90%D7%9C%D7%94&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=11105&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1079&t=B69sABD9mWNRB6IyomE7DdFFPGy3&V=136&i=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&tz=0&sn=1&sv=Ck83B5CCvwnjUT2KSBPntmLC7of8B&sd=1&im=067b2fff&_
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.42.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-42-121.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 25 Oct 2022 10:29:35 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 25 Oct 2022 09:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
4421
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 25 Oct 2022 11:15:54 GMT
conversion.js
www.googleadservices.com/pagead/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
9e5d7b09e791389be97784c6f9b16e2dc1a2d9937788d93fe8fff709bc395d59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16831
x-xss-protection
0
server
cafe
etag
18014762903861546619
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 25 Oct 2022 10:29:35 GMT
fbevents.js
connect.facebook.net/en_US/ 		102 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 25 Oct 2022 10:29:35 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27027
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
bnVppSsIl0Sq0yw9Bf5LWoAyRZroMvF0GAxTypgMdg+topEn8VXXfltrMqAS2f/n8WIKcpxN2DJZIje0ZG2Wcw==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
d3d3LndhbGxhLmNvLmls
tcheck.outbrainimg.com/tcheck/check/ 		16 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3LndhbGxhLmNvLmls
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 10:29:35 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=16149
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
cfb60c15f5805f324b0ed769efa11c6f
Content-Length
16
Expires
Tue, 25 Oct 2022 14:58:44 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:35 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Thu, 24 Nov 2022 10:29:35 GMT
391_cbfa4eb815facd46425a_cbfa4eb815facd46425a_walla.js
www.walla.co.il/public/ 		122 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/391_cbfa4eb815facd46425a_cbfa4eb815facd46425a_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_b6870ad68b0a06fc5d7c_b6870ad68b0a06fc5d7c_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
cb54f4d049a061aeeb518ed929368933228fb1f79149772e889b4beac323aeb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
content-encoding
gzip
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:13:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
58
etag
W/"1e853-1840ea1ce60"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
9B5GD2ZviDd1laeUq23ofDbL9lfX0vrBSVfIfWpa70i53w1abkftJg==
x-cached
MISS
PikudInner_793046046c897b90f78e_793046046c897b90f78e_walla.js
www.walla.co.il/public/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/PikudInner_793046046c897b90f78e_793046046c897b90f78e_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_b6870ad68b0a06fc5d7c_b6870ad68b0a06fc5d7c_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
32e55f966e5d42979013d87e8a4de77fd04e331af39070fd2f21404a04aae61b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
content-encoding
gzip
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:13:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
58
etag
W/"cfc-1840ea1ce60"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
sInJyD_sUcyYgqmVAvNlBTsJ4A5W8qXLSRxpkLpYqCw1LI_3q6of1g==
x-cached
MISS
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/666_4fa2305744511e336985_4fa2305744511e336985_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64e135d1fd7a183581dcf20e7395992977f83aec076f9a3863a79dfadbf6fb07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27292
x-xss-protection
0
server
sffe
etag
"1374 / 95 of 1000 / last-modified: 1666649227"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 25 Oct 2022 10:29:35 GMT
3536736
dal.walla.co.il/event/ 		14 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dal.walla.co.il/event/3536736?from=www.walla.co.il
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/666_4fa2305744511e336985_4fa2305744511e336985_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-65.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
c7cdeee49b08393a9d6febccc8a7b8a0a805aece22d5c34442368166ee343813

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:14 GMT
content-encoding
gzip
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
21
x-srkey
7d5d8aec7ccc72c584b43b456c45f120
x-cache
Hit from cloudfront
x-cached
HIT
pragma
cache
server
openresty/1.15.8.1
x-speed
0.0833549500
vary
Accept-Encoding
x-hostname
bb43613844de
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
x-ip-x
83.110.133.183, 64.252.98.249
x-ip-r
10.30.21.61
cache-control
max-age=60
x-amz-cf-id
Rc9RYIym2xkl7_2TgMUz4TWMQ7WTj854X3KD55Nd8RZAhEQDbUtoJQ==
expires
Tue, 25 Oct 2022 10:29:38 GMT
985_8f9f43cb2d0d34144d8f_8f9f43cb2d0d34144d8f_walla.js
www.walla.co.il/public/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/985_8f9f43cb2d0d34144d8f_8f9f43cb2d0d34144d8f_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_b6870ad68b0a06fc5d7c_b6870ad68b0a06fc5d7c_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
c3e2c3a1252dbbb47647b91b7492bf3d6c3dc1d4a332ca14616bf8be075f0593

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:36 GMT
content-encoding
gzip
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:13:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
59
etag
W/"adb3-1840ea1ce60"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
ZeRxvgrD-2AEFbZ8x-B2wIEkLBwwexsVDpHZNPncwFHgw0SGyfGMXw==
x-cached
MISS
player.html
www.walla.co.il/public/ Frame 3A67 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Flive.wcdn.co.il%2Fnews2%2Fprog_index.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/666_4fa2305744511e336985_4fa2305744511e336985_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
179ef7120a911a837323e53870f6c44ed117aa6df21b03637ae5a3b7f92f8ba8

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
58
cache-control
public, max-age=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 25 Oct 2022 10:28:37 GMT
etag
W/"bd8-1840ea1ce60"
last-modified
Tue, 25 Oct 2022 10:13:16 GMT
server
openresty/1.15.8.1
vary
Accept-Encoding
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
x-amz-cf-id
5qzztC-4Idqu6VPd3jZrd4dx-m279JOn_Z3jaXmy5NPw6j3v_77xsg==
x-amz-cf-pop
PRG50-C1
x-cache
Hit from cloudfront
x-cached
MISS
626_0d28508a485b0f3e4d71_0d28508a485b0f3e4d71_walla.js
www.walla.co.il/public/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/626_0d28508a485b0f3e4d71_0d28508a485b0f3e4d71_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_b6870ad68b0a06fc5d7c_b6870ad68b0a06fc5d7c_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
45945e673e9facc8b3292790f069378dc73f3a7d2ee6729d773ae44ddde754ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:36 GMT
content-encoding
gzip
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:13:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
59
etag
W/"c3a-1840ea1ce60"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
C5HSbEeMjvgub_c94GAJ0o38E3qKr34QLR-iytPgbb0ijRDuT7SKrQ==
x-cached
MISS
close.png
www.walla.co.il/public/assets/ads/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/ads/close.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
58
etag
W/"46c-1840e9f9fc8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1132
x-cached
MISS
x-amz-cf-id
BgKw15SYcTaXSbvySDieorAJo5EP5RULcifhmwVksrnuENHmN_ke4g==
3421426-46.png
images.wcdn.co.il//3/4/2/1/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il//3/4/2/1/3421426-46.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
cloudinary /
Resource Hash
738d90cda558286a59c2e9d00b43c7d2375b2e010863533804d0de180cfc5339

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 04:05:43 GMT
via
1.1 varnish, 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
5120632
edge-cache-tag
145767541500621925049705680995819893788,d2bce9e04f88d43dd8350e859c701704
cache-tag
145767541500621925049705680995819893788,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
5667
x-served-by
cache-iad-kjyo7100050-IAD
last-modified
Sun, 14 Aug 2022 10:29:39 GMT
server
cloudinary
x-timer
S1661573143.241280,VS0,VE1
etag
"a299b27a337fe5f8cd65385dbd30d509"
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
0iAnbPs8O1JkW5NXczpUJ0BZwV99GEXLR1y0qXO56ES6g0npPgsddQ==
x-cache-hits
1
3430556-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/3/0/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/3/0/3430556-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
cloudinary /
Resource Hash
7cc7c525ae329d48d9bd220082006161ef5fba2d19b9daaa4dddce0b185aa70a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 09:03:53 GMT
via
1.1 varnish, 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
5142
edge-cache-tag
213156470288257844848595463343497546509,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag
213156470288257844848595463343497546509,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
7594
x-served-by
cache-iad-kjyo7100136-IAD
last-modified
Tue, 06 Sep 2022 12:11:04 GMT
server
cloudinary
x-timer
S1666688633.092768,VS0,VE88
etag
"21104a62bbeb76628bcecf42c57af69e"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
GGYHj9whEYbOyTk6H1_3FvsL0NRK5gRnvDvcwuXZSpYSWyS7RFcpXQ==
x-cache-hits
0
3448391-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/4/8/ 		808 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/4/8/3448391-46.jpeg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
cloudinary /
Resource Hash
88b740a04a0bc328a7ed4f7a25cc17c6d9e6d7daaa43763478af606e40379e16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:37:32 GMT
via
1.1 varnish, 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
100323
edge-cache-tag
141033366150601959126943266256833220846,418564181582767519421549110210876597074,d2bce9e04f88d43dd8350e859c701704
cache-tag
141033366150601959126943266256833220846,418564181582767519421549110210876597074,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
808
x-request-id
b01cae8272a5d99388e24fc9280129de
x-served-by
cache-iad-kjyo7100085-IAD
last-modified
Mon, 24 Oct 2022 06:37:33 GMT
server
cloudinary
x-timer
S1666593452.135379,VS0,VE508
etag
"c80cfe546ca00d9b4b65fee37231a183"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
sSA8R22cfCeXGzfwuqRe-_kqG0MrdXElK2j5wroaWBtXWsMwvnfrpA==
x-cache-hits
0
3448883-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/4/8/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/4/8/3448883-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
cloudinary /
Resource Hash
7d64c8a5dc66b0039376a0644f40d9d77528f4790c880322e8f0c4bb88979d88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 07:55:03 GMT
via
1.1 varnish, 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
9272
edge-cache-tag
414227869540625636039314454240715106873,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag
414227869540625636039314454240715106873,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
7540
x-request-id
012ce958933ef35407b7755eae8c3627
x-served-by
cache-iad-kiad7000021-IAD
last-modified
Tue, 25 Oct 2022 07:47:22 GMT
server
cloudinary
x-timer
S1666684503.160009,VS0,VE7
etag
"bac7977b0932764e9b1c6159347b26c7"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
qicPHfsb5HTARwrBVgDQ85OuGYnsIBgzFoZ0sHltWsqa3_-fo6MGow==
x-cache-hits
1
2605985-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/2/6/0/5/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/2/6/0/5/2605985-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
cloudinary /
Resource Hash
b20f0eae203d45dded1d3472131a0fc9ddf5279b18b7dc4a022e19011fc79378

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 11:47:56 GMT
via
1.1 varnish, 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
81699
edge-cache-tag
228856537771336661923768864466833692500,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag
228856537771336661923768864466833692500,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
4142
x-served-by
cache-lga21976-LGA
last-modified
Mon, 03 Jan 2022 15:08:11 GMT
server
cloudinary
x-timer
S1666612076.327233,VS0,VE1
etag
"aa8a334d51699e25904639d89ab28153"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
TWSDRcSSJ8pN9R0d5socjk36aZQhGJHha55s3Pc6yW5tVPrbFv85bA==
x-cache-hits
1
3448731-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/4/8/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/4/8/3448731-46.jpeg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
cloudinary /
Resource Hash
f6222569a2d47ea5813af21f999009894a3ce26eecb2ab350993b9d418b0e454

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 09:06:01 GMT
via
1.1 varnish, 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
5014
edge-cache-tag
144110753958915439294582433093768508404,418564181582767519421549110210876597074,d2bce9e04f88d43dd8350e859c701704
cache-tag
144110753958915439294582433093768508404,418564181582767519421549110210876597074,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
12312
x-served-by
cache-iad-kjyo7100087-IAD
last-modified
Tue, 25 Oct 2022 08:15:53 GMT
server
cloudinary
x-timer
S1666688761.948665,VS0,VE109
etag
"eb9f92fdb722961774fd335d24d8147d"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
4kug3wAMqwRg2gYMGxOFgtplOFDzzdXPNfiPWoYCaFS0wKXQt5iOjw==
x-cache-hits
0
3180174-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/1/8/0/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/1/8/0/3180174-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
cloudinary /
Resource Hash
9494a2132fd677a63d339a7d69c91efed0d6a2f5e54c2f3297bc39c9fd5e708f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 09:03:59 GMT
via
1.1 varnish, 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
5136
edge-cache-tag
207038435763734254655447710856476146213,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag
207038435763734254655447710856476146213,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
1224
x-served-by
cache-iad-kiad7000034-IAD
last-modified
Wed, 29 Dec 2021 10:00:50 GMT
server
cloudinary
x-timer
S1666688640.766692,VS0,VE2
etag
"54d316cadec9fe422359998ca60de23f"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
wXVp13JHnKvjTeH76vNzP8WSvlt0A2GlufMEQaAmiHdebgRnIkzuHQ==
x-cache-hits
1
3179568-46.png
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/1/7/9/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/1/7/9/3179568-46.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
cloudinary /
Resource Hash
64b934c26f040486052e202be223cd7514f770a38a68edb67db123d997895cac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:01:30 GMT
via
1.1 varnish, 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
800885
edge-cache-tag
294008475302776510052261506874202346181,389546534797666814456705066913869248028,d2bce9e04f88d43dd8350e859c701704
cache-tag
294008475302776510052261506874202346181,389546534797666814456705066913869248028,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
2649
x-served-by
cache-lga21970-LGA
last-modified
Thu, 30 Dec 2021 10:01:11 GMT
server
cloudinary
x-timer
S1665892890.107879,VS0,VE7
etag
"1f7805fe0a42542e9345fabe325cb9ae"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
hA_v5eykL6MzOjBebVlgdv1JeyraKZ9SA63WF4v1Nwuafr41RtaytA==
x-cache-hits
1
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 3A67 		380 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Flive.wcdn.co.il%2Fnews2%2Fprog_index.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d5ef5208fc3f2d69568af5bc061bacac841da199c81e78e43692f73f21a8bd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
129663
x-xss-protection
0
expires
Tue, 25 Oct 2022 10:29:35 GMT
148_248b4149632420b886ad_248b4149632420b886ad_walla.js
www.walla.co.il/public/ Frame 3A67 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/148_248b4149632420b886ad_248b4149632420b886ad_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Flive.wcdn.co.il%2Fnews2%2Fprog_index.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
bdf39a7fddcfb048c35c871282ce0f1de7866e18be3cf1353da9262b509fa0e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Flive.wcdn.co.il%2Fnews2%2Fprog_index.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
content-encoding
gzip
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:13:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
58
etag
W/"2b34-1840ea1ce60"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
l3k69WBczJLEXUOa4fYeV2VYFDiuWJuu8GDGbFLygtsYhCiXbnIp4A==
x-cached
MISS
330_b7e80a778a91bcb10d6e_b7e80a778a91bcb10d6e_walla.js
www.walla.co.il/public/ Frame 3A67 		695 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/330_b7e80a778a91bcb10d6e_b7e80a778a91bcb10d6e_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Flive.wcdn.co.il%2Fnews2%2Fprog_index.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
0a7f878a27b7a0c67b9d6a0330a3a87b9682114d5c4b2c01ba6a009d1870a143

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Flive.wcdn.co.il%2Fnews2%2Fprog_index.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
content-encoding
gzip
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:13:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
58
etag
W/"add20-1840ea1ce60"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
uykz1kwwQRmOS01bSkbTLHknHGXlfcp-D7WMJ91Ail_dldsXZB70-Q==
x-cached
MISS
player_b3ee37800c33cad651ab_b3ee37800c33cad651ab_walla.js
www.walla.co.il/public/ Frame 3A67 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/player_b3ee37800c33cad651ab_b3ee37800c33cad651ab_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Flive.wcdn.co.il%2Fnews2%2Fprog_index.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
09c9cf712ab9f1eafc4f11c0e7556802347272c6e17ea39277ed8c132bb81b1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Flive.wcdn.co.il%2Fnews2%2Fprog_index.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
content-encoding
gzip
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:13:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
58
etag
W/"7654-1840ea1ce60"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
XE1wEW9I2y0Zl33vyDEMA2BrN8y8VjlM1B_aFQ1QAt9Z9ehlIRWTpw==
x-cached
MISS
settings
syndication.twitter.com/ Frame 9588 		851 B
676 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=151822a320f1ddb845467793b4f3899a00829527
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.walla.co.il
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time
107
date
Tue, 25 Oct 2022 10:29:34 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Tue, 25 Oct 2022 10:29:35 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
d891596644f6129a
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
7d3114536da618c35d6219efbcd3c26a250a621bccfa292b6bbd226e499ece5f
content-length
355
get
odb.outbrain.com/utils/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=0&rand=71500&key=NANOWDGT01&widgetJSId=AR_57&va=true&et=true&format=html&adblck=false&abwl=false&px=0&py=0&vpd=0&cw=1600&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000918&sig=rA3V1MOL&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b64bfa67c1647ec8fd3a1aa2e4f3a0a1f68482bc478c2b84bff32ba4766ccfcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Tue, 25 Oct 2022 10:29:35 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1666693776.701942,VS0,VE138
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21925-LGA, cache-fra-eddf8230136-FRA
x-traceid
9b893928b2e58a65961789566da95912
accept-ranges
bytes
content-length
1132
expires
Thu, 01 Jan 1970 00:00:00 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1666693775690&sessionId=3857b004-e285-a061-6274-44508ea77e67&url=www.walla.co.il&cheqSource=1&cheqEvent=3&responseTime=823
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Oct 2022 10:29:36 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
37c8c5f618d33a2f4c0726af88f7964a
Content-Length
4
Expires
0
3536706
dal.walla.co.il/event/ 		11 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dal.walla.co.il/event/3536706?from=www.walla.co.il
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/666_4fa2305744511e336985_4fa2305744511e336985_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-65.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
1f8447006dddfd40dfd9fa68063540f9c6f363f5abe4889cb7424bf92ee28106

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:15 GMT
content-encoding
gzip
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
20
x-srkey
27a80f7d8b74e68d1d5b75aa77fea684
x-cache
Hit from cloudfront
x-cached
HIT
pragma
cache
server
openresty/1.15.8.1
x-speed
0.0336110592
vary
Accept-Encoding
x-hostname
79c70f4123a2
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
x-ip-x
204.210.116.99, 64.252.118.126
x-ip-r
10.30.20.166
cache-control
max-age=60
x-amz-cf-id
orReRnuVksnMQRKq4DP6tDGcAwxy465n4hT0vRhJsnUH9VLLfyh7cg==
expires
Tue, 25 Oct 2022 10:29:50 GMT
init
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init?d=pubsub
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Tue, 25 Oct 2022 10:29:35 GMT
server
Google Frontend
x-cloud-trace-context
56b816a2ac1a3a167ae180e25dd4ccc2
x-request-id
undefined
init
hb-dot-valuad.appspot.com/ 		38 B
87 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init?d=pubsub
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
x-request-id
074f7c80-d37f-45ea-a72b-4cfcf47242c4
x-vad-version
0.9.9

Response headers

date
Tue, 25 Oct 2022 10:29:35 GMT
content-encoding
gzip
server
Google Frontend
etag
W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
666b935005c5a04cddf4cbddefbb9ddf
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64
x-request-id
undefined
map-id
ledger.crowdad.io/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=2c5148cb-a3af-48f0-a676-2b37dd123133&adnxsUserId=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fledger.crowdad.io%2Fmap-id%3FpublisherId%3DWALLA%26publisherUserId%3D%26kaUserId%3D2c5148cb-a3af-48f0-a676-2b37dd123133%26adnxsUserId%3D%24UID
  • https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=2c5148cb-a3af-48f0-a676-2b37dd123133&adnxsUserId=7918537102652715055
0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=2c5148cb-a3af-48f0-a676-2b37dd123133&adnxsUserId=7918537102652715055
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Server
52.212.114.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-114-253.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:36 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 25 Oct 2022 10:29:35 GMT
AN-X-Request-Uuid
b6be9450-95b3-4b9f-98e0-f047022cc5bf
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=2c5148cb-a3af-48f0-a676-2b37dd123133&adnxsUserId=7918537102652715055
Connection
keep-alive
X-Proxy-Origin
80.255.10.203; 80.255.10.203; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
3446213-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200/3/4/4/6/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_200/3/4/4/6/3446213-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
cloudinary /
Resource Hash
9a185f7448b2d6a1893404fa5bd7de816fb0630c707e2b85cef3e1d57a8ea869

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 06:56:23 GMT
via
1.1 varnish, 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
12792
edge-cache-tag
158905242070155455409458456227580402203,385029475625341910144138938533186147889,d2bce9e04f88d43dd8350e859c701704
cache-tag
158905242070155455409458456227580402203,385029475625341910144138938533186147889,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
2794
x-request-id
d3d5a164e978d671c0f66ecaf4af35a0
x-served-by
cache-iad-kjyo7100148-IAD
last-modified
Tue, 25 Oct 2022 06:56:24 GMT
server
cloudinary
x-timer
S1666680983.001321,VS0,VE475
etag
"c06e08d1211007cd754de1252c62ff10"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
Litq72y2TVnoXQ2wzdmumvNKRiV3n60EFrK1OhlZZ7DO9KuX40dAmQ==
x-cache-hits
0
3421782-46.png
images.wcdn.co.il/f_auto,q_auto,w_200/3/4/2/1/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_200/3/4/2/1/3421782-46.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
cloudinary /
Resource Hash
b7c1cc09e2b61681af52a71b14d2e39fcf4643f516ef3a143141d0f1c6791e1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 06:56:23 GMT
via
1.1 varnish, 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
12792
edge-cache-tag
299954877297422655459458055850139143407,264419446907812767811778384069664324750,d2bce9e04f88d43dd8350e859c701704
cache-tag
299954877297422655459458055850139143407,264419446907812767811778384069664324750,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
7710
x-request-id
23cba5d1b2a19ccee4d968d5f23d3ed3
x-served-by
cache-iad-kjyo7100047-IAD
last-modified
Tue, 25 Oct 2022 06:56:24 GMT
server
cloudinary
x-timer
S1666680983.297022,VS0,VE637
etag
"f3e9e14bb5a77725d5c875d41fa318b6"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
GjuL9xOUv6vqwFIKaW89IsRuRY6MKpwjVemoJjk3xX0Bn4lYz953LQ==
x-cache-hits
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/?random=1666693775740&cv=9&fst=1666693775740&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e720e3f3d0db5a172731674177dfa8fd055f49ba259d4d62c7070f911ca0e07f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1067
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
play.svg
www.walla.co.il/public/assets/icons/ 		359 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/play.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
daa21d896f1bb4d044779b10b38fd7793654c8b214908be7ae812dbff9f083d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
58
etag
W/"167-1840e9f9fc8"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
359
x-cached
MISS
x-amz-cf-id
9lCvIrWIRe8To86oXoKGuRElu--mtwvt4N_AjCxuB10Xhzxx8YE52g==
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1536980418&t=pageview&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1873858728&gjid=63955312&cid=1349161307.1666693776&tid=UA-4780630-1&_gid=1788916816.1666693776&_r=1&gtm=2wgaj0T728TH&cd1=&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=1&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fwww.walla.co.il&cd116=0&z=335362624
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
1616785908557850
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1616785908557850?v=2.9.87&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b997bb2e3817a57af4493e51679d9b8f7083fd8346bf45dfe5a0fdb3ecbd1020
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 25 Oct 2022 10:29:35 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86281
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
M4O/Win2xGyymSPN7gYfqdljK20MgvVjRDnxkkOqme0pjvbHHAWlkPIrf07Xq04kIN29xUVqf3JF5VjorePB/g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
logo.png
www.walla.co.il/public/assets/pikud/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/pikud/logo.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:36 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
58
etag
W/"558e-1840e9f9fc8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
21902
x-cached
MISS
x-amz-cf-id
IHzr1fgx-kNd4hd523mPCjImrrbu0i4Nkr-oRUnySFS5eS4PmonkRA==
handshakes
khn.crowdad.io/ 		0
105 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/handshakes
Requested by
Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.245.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-245-11.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Tue, 25 Oct 2022 10:29:36 GMT
access-control-allow-credentials
true
content-length
0
handshakes
khn.crowdad.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/handshakes
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.245.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-245-11.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.walla.co.il
content-length
0
date
Tue, 25 Oct 2022 10:29:35 GMT
walla.json
www.walla.co.il/public/player-config/ Frame 3A67 		111 B
490 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/player-config/walla.json?cache=1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player_b3ee37800c33cad651ab_b3ee37800c33cad651ab_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-57.prg50.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
51f3359dfda7f7e3bb7ca5440eba096f6b170c38da65853d53fc56bdd65f396a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Flive.wcdn.co.il%2Fnews2%2Fprog_index.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:28:37 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 10:10:53 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
PRG50-C1
age
58
etag
W/"6f-1840e9f9fc8"
x-cache
Hit from cloudfront
content-type
application/json; charset=UTF-8
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
111
x-cached
MISS
x-amz-cf-id
uxAbUvXm51tSF4YXBgMxZwMdzSOxmITm3pvEPswbAIWhmmKi2PFZ9Q==
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-4780630-1&cid=1349161307.1666693776&jid=1873858728&gjid=63955312&_gid=1788916816.1666693776&_u=YEBAAEAAAAAAACAAI~&z=590007198
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 25 Oct 2022 10:29:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/964224610/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/964224610/?random=1666693775740&cv=9&fst=1666692000000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&fmt=3&is_vtc=1&random=3862719622&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:35 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/964224610/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/964224610/?random=1666693775740&cv=9&fst=1666692000000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&fmt=3&is_vtc=1&random=3862719622&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:35 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=491178f1dd800fd6d675880d434f4fc8_1769_1666693775796&tm=1094&eT=6&wRV=2000918&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Tue, 25 Oct 2022 10:29:36 GMT
access-control-expose-headers
content-range
content-encoding
gzip
X-TraceId
1bac758e8f9e2920e3923e362fce4d67
Content-Length
28
Content-Type
text/plain; charset=UTF-8
get
odb.outbrain.com/utils/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=1&rand=546&key=NANOWDGT01&widgetJSId=HPP&va=true&et=true&format=html&t=NDkxMTc4ZjFkZDgwMGZkNmQ2NzU4ODBkNDM0ZjRmYzg=&adblck=false&abwl=false&px=209&py=983&vpd=0&cw=282&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000918&sig=rA3V1MOL&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4b14bef1d3218644f3e397a6cc70c7f026b5a26383ba2753eadbe11730f917e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Tue, 25 Oct 2022 10:29:36 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1666693776.965962,VS0,VE103
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21965-LGA, cache-fra-eddf8230136-FRA
x-traceid
6cf80a210654feed8959fcd8be0565ff
accept-ranges
bytes
content-length
3806
expires
Thu, 01 Jan 1970 00:00:00 GMT
170717926997655
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/170717926997655?v=2.9.87&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4246ffafbb1999e5f1f9a4bca6cc8270b7fe361e9a34305e013bf685a77afda2
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 25 Oct 2022 10:29:35 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86035
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
bphqOd493b+Wlpsx9MSwMdLtwTz71CEJ6dQkWWYq36+LxWacGfAt8oTYdID0BAVBd1GhgM6ufsGJlachCDrH1g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1616785908557850&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1666693775988&sw=1600&sh=1200&v=2.9.87&r=stable&ec=0&o=30&fbp=fb.2.1666693775986.6387428&it=1666693775768&coo=false&rqm=GET
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 25 Oct 2022 10:29:36 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
truncated
/ Frame 3A67 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-4780630-1&cid=1349161307.1666693776&jid=1873858728&_u=YEBAAEAAAAAAACAAI~&z=212521817
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-4780630-1&cid=1349161307.1666693776&jid=1873858728&_u=YEBAAEAAAAAAACAAI~&z=212521817
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
575b3f33-0846-4520-b6cf-ff8948ad5cf9
https://www.walla.co.il/ Frame 3A67 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/575b3f33-0846-4520-b6cf-ff8948ad5cf9
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
prog_index.m3u8
live.wcdn.co.il/news2/ Frame 3A67 		428 B
1006 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.wcdn.co.il/news2/prog_index.m3u8
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/330_b7e80a778a91bcb10d6e_b7e80a778a91bcb10d6e_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-59.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2cd8e3e31d0562e13becc5a6e03757eb119ea4c30c3ec7902f368101b106e8c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:37 GMT
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
x-amz-meta-user-agent-id
news2-ftp-user@s-91b1139c587448219
x-amz-cf-pop
PRG50-C1
x-cache
RefreshHit from cloudfront
content-length
428
x-amz-expiration
expiry-date="Thu, 27 Oct 2022 00:00:00 GMT", rule-id="expire_old_segments"
last-modified
Tue, 25 Oct 2022 10:29:31 GMT
server
AmazonS3
etag
"ba49ec81a0ec398115a4abe9c39c4387"
x-amz-meta-user-agent
AWSTransfer
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
Evup-gHimeeG7xlXmIYzTgaAYhcqFPL4iw1Y5fue4FiNGdrSqGUGHQ==
bridge3.540.0_en.html
imasdk.googleapis.com/js/core/ Frame 141E 		687 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.540.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5571dd0aa055fd29ec2b3fc6a6485c7f823ee0d596ac596b54843bf71efd986a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
20595
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
226776
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 04:46:21 GMT
expires
Wed, 25 Oct 2023 04:46:21 GMT
last-modified
Thu, 20 Oct 2022 15:42:18 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 3A67 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Oct 2022 10:29:36 GMT
integrator.js
adservice.google.com/adsid/ Frame 3A67 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
da4f19e1-b9e6-4759-883e-62e77088a15d
https://www.walla.co.il/ Frame 3A67 		6 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/da4f19e1-b9e6-4759-883e-62e77088a15d
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
443343d25e80e7e80b0ed2f16bb6aeab2fa933b1ec58470234ef3505eb56e73e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length
5872
Content-Type
application/javascript
be665b77-ffc3-451b-b519-48b9d5e8eec4
https://www.walla.co.il/ Frame 3A67 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/be665b77-ffc3-451b-b519-48b9d5e8eec4
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eae82b78cab1b9a962695ff864789192beedda6ac222aeea9e6dfe32f4348e98

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length
80351
Content-Type
application/javascript
a50b46c3-478d-4b51-8c31-8ee241fd9c39
https://www.walla.co.il/ Frame 3A67 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/a50b46c3-478d-4b51-8c31-8ee241fd9c39
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eae82b78cab1b9a962695ff864789192beedda6ac222aeea9e6dfe32f4348e98

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length
80351
Content-Type
application/javascript
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=170717926997655&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1666693776114&sw=1600&sh=1200&v=2.9.87&r=stable&ec=0&o=30&fbp=fb.2.1666693775986.6387428&it=1666693775768&coo=false&rqm=GET
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 25 Oct 2022 10:29:36 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:36 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Thu, 24 Nov 2022 10:29:36 GMT
ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:36 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"af7be0711fb1cf2f41bb793256c8f148:1662969048.571231"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
13687
expires
Thu, 24 Nov 2022 10:29:36 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=1733a7272cee3cae92e599aa1f335ec7_1769_1666693776022&tm=1268&eT=0&widgetWidth=282&widgetHeight=36&widgetX=209&widgetY=992&wRV=2000918&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=168&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Tue, 25 Oct 2022 10:29:36 GMT
access-control-expose-headers
content-range
content-encoding
gzip
X-TraceId
572f5d94141a01401f5817479a09f6f0
Content-Length
28
Content-Type
text/plain; charset=UTF-8
streamFeed.js
widgets.outbrain.com/nanoWidget/2000918/module/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000918/module/streamFeed.js?e=2
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6d1aa9c012a88e586d5b23e16cafaf6ecd657de5422e0c6e53dd06909696b2b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:36 GMT
content-encoding
gzip
last-modified
Tue, 25 Oct 2022 07:01:21 GMT
server
AkamaiNetStorage
etag
"55555da162f0dd194e1351b326463f57:1666682717.339576"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
14168
expires
Tue, 25 Oct 2022 14:29:36 GMT
get
odb.outbrain.com/utils/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=2&rand=51041&key=NANOWDGT01&widgetJSId=HPC_2&va=true&et=true&format=html&t=NDkxMTc4ZjFkZDgwMGZkNmQ2NzU4ODBkNDM0ZjRmYzg=&adblck=false&abwl=false&px=535&py=4632&vpd=3432&cw=865&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000918&sig=rA3V1MOL&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f3e4a30f839e78f295c480b425bb63738e42c3f8be3abc4c900de5087090bd7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Tue, 25 Oct 2022 10:29:36 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1666693776.140263,VS0,VE230
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21953-LGA, cache-fra-eddf8230136-FRA
x-traceid
3b29c964565d47ca10789b1c59d7c63f
accept-ranges
bytes
content-length
11146
expires
Thu, 01 Jan 1970 00:00:00 GMT
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=1733a7272cee3cae92e599aa1f335ec7&pvId=491178f1dd800fd6d675880d434f4fc8&sid=7990615&pid=1769&idx=1&wId=132&pad=0&org=0&tm=1347&eT=3&cnsnt=no_consent&wRV=2000918&pVis=0&lsd=-1&eIdx=0&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Oct 2022 10:29:36 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
88c162b7638ef191c52ca05e2aaa8262
Content-Length
4
Expires
0
get
mv.outbrain.com/Multivac/api/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&settings=true&recs=true&widgetJSId=HPP&key=NANOWDGT01&version=2000918&apv=false&sig=rA3V1MOL&format=html&rand=87597&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=NDkxMTc4ZjFkZDgwMGZkNmQ2NzU4ODBkNDM0ZjRmYzg=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=1&lastIdx=3&lastCardIdx=0&fAB=11731-42692&layeredTestInfo=11731-42692-&dpr=1&cw=282&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000918/module/streamFeed.js?e=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
56e14abd1aaf620a3832b20e2cf927272b034b8850de286c21200c446634ff2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Tue, 25 Oct 2022 10:29:36 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1666693776.276795,VS0,VE251
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21950-LGA, cache-fra-eddf8230136-FRA
x-traceid
623da47fa29ce3e8e571c762fae6056b
accept-ranges
bytes
content-length
6560
expires
Thu, 01 Jan 1970 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 141E 		30 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=43010785%2Fwallanews%2Fmain%2Fpre_desktop&sz=635x360%7C640x480%7C640x480%7C640x360%7C635x360&url=https%3A%2F%2Fwww.walla.co.il%2F&description_url=https%3A%2F%2Fwww.walla.co.il%2F&cust_params=app_name%3Dfalse%26providerId%3D0%26item_id%3D0%26vertical_id%3D173%26vertical_name%3D%D7%95%D7%95%D7%90%D7%9C%D7%94%26category_id%3D0%26item_type%3D%26exclusive%3Dnot%26login%3Dno%26isMobileApp%3Dfalse&output=xml_vmap1&vpi=1&gdfp_req=1&env=vp&unviewed_position_start=1&vpa=click&vpmute=1&sdkv=h.3.540.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=2054437229&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.540.0&media_url=blob%3Ahttps%253a%2F%2Fwww.walla.co.il%2Ffbd44aba-ae6c-410d-bea2-e22b9dacbbd4&sid=B54F93BA-3D41-4A71-8707-03E7D0C9D9DE&nel=0&eid=44748969%2C44752657%2C44765701%2C44771692&ref=https%3A%2F%2Fwww.walla.co.il%2F&top=https%3A%2F%2Fwww.walla.co.il%2F&loc=https%3A%2F%2Fwww.walla.co.il%2Fpublic%2Fplayer.html%3Fautoplay%3Dtrue%26imaAdUnit%3D43010785%252Fwallanews%252Fmain%252Fpre_desktop%26imaKeyValues%3D%257B%2522app_name%2522%253Afalse%252C%2522providerId%2522%253A0%252C%2522item_id%2522%253A0%252C%2522vertical_id%2522%253A173%252C%2522vertical_name%2522%253A%2522%25D7%2595%25D7%2595%25D7%2590%25D7%259C%25D7%2594%2522%252C%2522category_id%2522%253A0%252C%2522item_type%2522%253A%2522%2522%252C%2522exclusive%2522%253A%2522not%2522%252C%2522login%2522%253A%2522no%2522%252C%2522isMobileApp%2522%253Afalse%257D%26muted%3Dtrue%26player%3Dwalla%26stream%3Dhttps%253A%252F%252Flive.wcdn.co.il%252Fnews2%252Fprog_index.m3u8%26url%3Dhttps%253A%252F%252Fwww.walla.co.il%252F&dlt=1666693775621&idt=619&dt=1666693776280&cookie_enabled=1&correlator=2965423164013475&scor=3619851790042441&ged=ve4_td0_tt0_pd0_la0_er2259.790.2259.790_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.540.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76fe4edf2cb6a8629a3bc9757b539a6ae7f6ebc9e1d260d17cb333dfc7ce5d6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7090
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:36 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1662969049.940408"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
expires
Thu, 24 Nov 2022 10:29:36 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=306691b18ed65860534f8ae3c6436ca8_1769_1666693776318&tm=1522&eT=0&widgetWidth=865&widgetHeight=259&widgetX=535&widgetY=4653&wRV=2000918&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=117&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Tue, 25 Oct 2022 10:29:36 GMT
access-control-expose-headers
content-range
content-encoding
gzip
X-TraceId
7e6c607decc9b934e5796c1a9274e42f
Content-Length
28
Content-Type
text/plain; charset=UTF-8
get
odb.outbrain.com/utils/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=3&rand=80581&key=NANOWDGT01&widgetJSId=HPC&va=true&et=true&format=html&t=NDkxMTc4ZjFkZDgwMGZkNmQ2NzU4ODBkNDM0ZjRmYzg=&adblck=false&abwl=false&px=535&py=11326&vpd=10126&cw=865&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000918&sig=rA3V1MOL&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
96a9be91b3778f8cc1c521ed444a86d3eab3e4f13c6fd9cabf4e159ccf787a63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Tue, 25 Oct 2022 10:29:36 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1666693776.393347,VS0,VE106
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21932-LGA, cache-fra-eddf8230136-FRA
x-traceid
9d2317c0a4c8cd62d75943da36f210fa
accept-ranges
bytes
content-length
3905
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ Frame FC74 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.walla.co.il
Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 10:29:36 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=d452bd3925c284aca74bcca1c3023114_1769_1666693776457&tm=1644&eT=0&widgetWidth=865&widgetHeight=41&widgetX=535&widgetY=11385&wRV=2000918&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=116&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Tue, 25 Oct 2022 10:29:36 GMT
access-control-expose-headers
content-range
content-encoding
gzip
X-TraceId
c07596ee01e827e0e777290777fc99f8
Content-Length
28
Content-Type
text/plain; charset=UTF-8
singleAnimationOnFeed.js
widgets.outbrain.com/nanoWidget/2000918/module/ 		503 B
812 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000918/module/singleAnimationOnFeed.js?e=2
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b7f071d2fe3aed9059170312e5b55b9edfe16093abee417b954a2c608a88837f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:36 GMT
last-modified
Tue, 25 Oct 2022 07:01:21 GMT
server
AkamaiNetStorage
etag
"dbcdfb1507feb9188d70b97c03133c41:1666682713.993858"
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
503
expires
Tue, 25 Oct 2022 14:29:36 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=b105941d708b3a0b145b987e734ac0db_1769_1666693776475&tm=1674&eT=0&widgetWidth=282&widgetHeight=188&widgetX=209&widgetY=1033&wRV=2000918&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=144&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Tue, 25 Oct 2022 10:29:36 GMT
access-control-expose-headers
content-range
content-encoding
gzip
X-TraceId
ca8472cd10046ed35bec65e68e1999b2
Content-Length
28
Content-Type
text/plain; charset=UTF-8
get
mv.outbrain.com/Multivac/api/ 		135 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&settings=true&recs=true&widgetJSId=HPC&key=NANOWDGT01&version=2000918&apv=true&sig=rA3V1MOL&format=html&rand=94324&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=NDkxMTc4ZjFkZDgwMGZkNmQ2NzU4ODBkNDM0ZjRmYzg=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=3&lastIdx=4&lastCardIdx=0&fAB=11741-82186&layeredTestInfo=11741-82186-&dpr=1&cw=865&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000918/module/streamFeed.js?e=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ec0fb80708484107f4cb481294a19178c474583b98724520286944b7c6ee055e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Tue, 25 Oct 2022 10:29:37 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1666693777.547617,VS0,VE747
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21950-LGA, cache-fra-eddf8230136-FRA
x-traceid
65b91dc7d11fcd8bf2ff7ed3ecd8903d
accept-ranges
bytes
content-length
35354
expires
Thu, 01 Jan 1970 00:00:00 GMT
eyJpdSI6ImFjYzRjYzFjYTdiMGJiMmZlODk5MDM1OGFkNjUwMjQ5ZGM3YTU5MGYzZDBkMmI4ZjBlYzlkZjk4NjA3NThiNmMiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImFjYzRjYzFjYTdiMGJiMmZlODk5MDM1OGFkNjUwMjQ5ZGM3YTU5MGYzZDBkMmI4ZjBlYzlkZjk4NjA3NThiNmMiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1ba49cae33a20fb86ea334e4cdd0dafccf83467684158fccc75a86da3c5fc8cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:36 GMT
last-modified
Mon, 24 Oct 2022 10:10:07 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2392779
access-control-allow-credentials
false
x-traceid
65cb9f253403eef12ea773bcec7e46cf
timing-allow-origin
*, *
content-length
15300
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=b105941d708b3a0b145b987e734ac0db&pvId=491178f1dd800fd6d675880d434f4fc8&sid=7990615&pid=1769&idx=4&wId=1515&pad=1&org=0&tm=1690&eT=3&cnsnt=no_consent&wRV=2000918&pVis=1&lsd=-1&eIdx=1&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Oct 2022 10:29:36 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
bc7c4a0c6e77e19ed76b96a8c5ed96ae
Content-Length
4
Expires
0
/
www.facebook.com/tr/ Frame 2E6F 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.walla.co.il
Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 10:29:36 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1536980418&t=event&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=IMAPluginLoaded&el=&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=1349161307.1666693776&tid=UA-4780630-1&_gid=1788916816.1666693776&gtm=2wgaj0T728TH&cd1=1349161307.1666693776&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=1&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fwww.walla.co.il&cd116=0&cd35=editorial&cd38=Live&cd39=Live&cd44=true&cd47=Live&cd49=&cd50=Live&cd72=true&z=716182939
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 23:23:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
39951
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 		262 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

unused62
8096267
date
Tue, 25 Oct 2022 10:29:36 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 08:22:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1481c32-41771-5c7110f340cdf"
vary
Accept-Encoding
content-type
text/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=93245
accept-ranges
bytes
content-length
82748
expires
Wed, 26 Oct 2022 12:23:41 GMT
/
csync.smilewanted.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eef3229975dcea05e62c3c6a907c2b9c50a68b07a632ce4fa232a41a0bcb1ad9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:36 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
cf-ray
75fa45a8ad1e9016-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221025
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94cd583302b8e72a39226ed3e0df95859bf3b5f38001a2844cf5be6844fda58d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 25 Oct 2022 10:29:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
26911
x-jsd-version
1.0.1503
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19153-FRA, cache-yyz4575-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66f-eGd9HevmK3wx6n8jnV/1+TLrQqw"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
75fa45a8ba49910a-FRA
localstore.js
script.4dex.io/ 		483 B
891 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:36 GMT
x-amz-version-id
1666365882701197
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx36ec54edbeb74121a0ef5-006352b9e9
age
2083
x-amz-id-2
tx36ec54edbeb74121a0ef5-006352b9e9
last-modified
Fri, 21 Oct 2022 15:24:42 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LlkY1RYpW9qxJH8PK2l%2FsMpyTdrxcLStBXmhQQFwLYgnBcREx0xPXVEkm4Uu6eahtmut7sIHFDRWjzmQ6yjVrOIWyQTTWcwPTj6QWEmEuYkyON0Okfl8hcrFChYB2fzJMxNMF%2B2OtduMS6tX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
75fa45a8cb5e9a00-FRA
expires
Tue, 25 Oct 2022 10:59:36 GMT
prebid
ib.adnxs.com/ut/v3/ 		35 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ea77943a44248a45eac1f7b060ec21af450e85039f7937f3962e6cb6e01ddfb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 25 Oct 2022 10:29:37 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.203; 80.255.10.203; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
22f279de-c859-4f53-8af1-0069fe8a8699
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.walla.co.il
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce13.ams-01.nl.leaseweb.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Connection
keep-alive
Access-Control-Allow-Origin
https://www.walla.co.il
Access-Control-Allow-Credentials
true
cdb
bidder.criteo.com/ 		18 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.3&cb=82132627299
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 25 Oct 2022 10:29:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
arj
u.openx.net/w/1.0/ 		73 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.walla.co.il%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a00bc474-bc24-4d04-bcb7-6ef9684c9cf1%2Cf4e23f17-32ec-41f3-a207-3633e0ef3a05%2Cefa76e7a-e16a-418b-a6db-c81499d40a21%2Ce92b5bfa-ce1d-4698-a565-80c9d9f71768&nocache=1666693776757&ph=699eab9c-3b10-4094-afdb-80584fcca830&schain=1.0%2C1!valuad.io%2C15113%2C1%2C%2C%2C&aus=120x600%2C160x600%7C300x250%7C300x250%7C300x250&divids=adSlot-2%2CadSlot-4%2CadSlot-5%2CadSlot-7&aucs=43010785%252Fwallanews%252Fmain%252Fskyscraper_desktop%2C43010785%252Fwallanews%252Fmain%252Fyad2_rectangle_desktop%2C43010785%252Fwallanews%252Fmain%252Fshopping_rectangle%2C43010785%252Fwallanews%252Fmain%252Fsport_small_rectangle_desktop&auid=544104782%2C544104782%2C544104782%2C544104782
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e4456346c8eec65785ebeb77127440fa8d579fd862be866b2fc91c7a25b9d592

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:36 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.walla.co.il
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
mp.4dex.io/ 		114 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:983f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c086fc444fb5501bf925587c4607fe7f1828c3e6c951acc1680915a3d710f19

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:36 GMT
x-err
Shapings: no adunits with size and seat and mapping
x-version
2.5.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
75fa45a8ffb9bbd7-FRA
expires
0
bid
ap.lijit.com/rtb/ 		94 B
745 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.3
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
cd8cf69421dfd6d4c3ae153d58a333d6084cdc950ef29a86ea781aff05e42c21

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 25 Oct 2022 10:29:36 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.walla.co.il
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Tue, 25 Oct 2022 10:29:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		54 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
cc38d8ed1e70a7399e778f8e1855d63f4dc33191e38244bd054d7d05ec029959
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 25 Oct 2022 10:29:37 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.203; 80.255.10.203; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
11c095ba-163d-45a9-a6ae-ab0ce7143c4f
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.walla.co.il
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
auction
tlx.3lift.com/header/ 		19 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.3&referrer=https%3A%2F%2Fwww.walla.co.il%2F&tmax=3000
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.124.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-124-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:37 GMT
accept-ch
sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		171 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:36 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:36 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Tue, 25 Oct 2022 10:29:36 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.walla.co.il
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		891 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.walla.co.il%2F&CanonicalUrl=https%3A%2F%2Fwww.walla.co.il%2F&PublisherDomain=walla.co.il
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
5c010ebbcf499d639b59f2a090cf411dfa7b12f62f841cb28f495831b6c9f278
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:36 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
93
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
891
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		416 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=9&alt_size_ids=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=a00bc474-bc24-4d04-bcb7-6ef9684c9cf1&l_pb_bid_id=70f9ed9185df1ba&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&slots=1&rand=0.7770257574916088
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
52a8321ff0ddcb2f45c151c239f7fe1d640eafa73aac2f8459a0cbd9d0364fdb

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 25 Oct 2022 10:29:37 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.walla.co.il
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
416
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		402 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=f4e23f17-32ec-41f3-a207-3633e0ef3a05&l_pb_bid_id=71da2f772715884&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&slots=1&rand=0.27738260153510086
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e930244c47fbfa3b3963868b7063142a53d74f6b6c274429c3ae3a62ba645143

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 25 Oct 2022 10:29:37 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.walla.co.il
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
402
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		398 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fshopping_rectangle&tk_flint=pbjs_lite_v6.29.3&x_source.tid=efa76e7a-e16a-418b-a6db-c81499d40a21&l_pb_bid_id=72b4c90d2e17f4b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fshopping_rectangle&slots=1&rand=0.8727179013723361
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4f97881d632eedf26968c649185c8974ba2660892becc268ca373daebb616615

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 25 Oct 2022 10:29:37 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.walla.co.il
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
398
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		409 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=e92b5bfa-ce1d-4698-a565-80c9d9f71768&l_pb_bid_id=73cb92874ae9943&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop&slots=1&rand=0.379459258773825
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f71dcb232e2dd55f3cf1b7454d82c21be96071b048879a402aa8e225ab2a6de3

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 25 Oct 2022 10:29:37 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.walla.co.il
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
409
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=715831&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2279159fa698eb79b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22domain%22%3A%22walla.co.il%22%2C%22publisher%22%3A%7B%22domain%22%3A%22walla.co.il%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A5%2C%22msi%22%3A5%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.3%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22805ce60025e815d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22160x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fskyscraper_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fskyscraper_desktop%22%7D%7D%2C%7B%22id%22%3A%22825bd9f7009356a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop%22%7D%7D%2C%7B%22id%22%3A%22831a8c798c47a2a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fshopping_rectangle%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fshopping_rectangle%22%7D%7D%2C%7B%22id%22%3A%2284dd61d33868fa3%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valuad.io%22%2C%22sid%22%3A%2215113%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5dcfa6664e8679ebbbf3c9199b1209335aeba9579932c33634e8d0e481f0522

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:37 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75fa45aa7a8e9b31-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
/
prebid.smilewanted.com/ 		0
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 25 Oct 2022 10:29:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
75fa45a8fdcc9016-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 25 Oct 2022 10:29:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
75fa45a8fdcf9016-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 25 Oct 2022 10:29:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
75fa45a8fdd29016-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 25 Oct 2022 10:29:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
75fa45a8fdd79016-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		69 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1066897415737725&correlator=3176837007761484&eid=31068500&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cnickbar_desktop%2Ctop_desktop%2Cpremium_rectangle1_desktop%2Cdontmiss_strip_desktop%2Crm1_desktop%2Crm2_desktop%2Crm3_desktop%2Crm4_desktop%2Crm5_desktop%2Crm6_desktop%2Crm7_desktop%2Crm8_desktop%2Crm9_desktop%2Crm10_desktop%2Crm11_desktop%2Crm12_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8%2C0%2F1%2F2%2F9%2C0%2F1%2F2%2F10%2C0%2F1%2F2%2F11%2C0%2F1%2F2%2F12%2C0%2F1%2F2%2F13%2C0%2F1%2F2%2F14%2C0%2F1%2F2%2F15%2C0%2F1%2F2%2F16%2C0%2F1%2F2%2F17%2C0%2F1%2F2%2F18&prev_iu_szs=1200x40%2C1x1%7C480x1%7C480x270%7C640x753%7C640x1%7C770x430%7C728x90%7C720x300%7C970x2%7C970x1%7C970x90%7C970x130%7C970x180%7C970x250%7C970x330%7C970x350%7C970x550%7C990x160%7C1200x1%7C1200x90%7C1200x250%7C1200x330%7C1200x350%7C1200x550%2C300x200%2C320x50%7C865x190%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&fluid=0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ifi=1&adks=1750305995%2C885339185%2C2822717126%2C3185403617%2C581680297%2C3350566118%2C627877340%2C4035892786%2C2413266993%2C3423946703%2C941261747%2C3384287594%2C2655517678%2C199863102%2C41169729%2C2603141497&sfv=1-0-38&ists=4095&prev_scp=slot_name%3Dnickbar_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dpremium_rectangle1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Ddontmiss_strip_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm2_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm3_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm4_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm5_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm6_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm7_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm8_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm9_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm10_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm11_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm12_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&eri=1&cust_params=permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1666693776808&lmt=1666693776&dlt=1666693774308&idt=167&adxs=200%2C920%2C200%2C535%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800&adys=1200%2C20%2C968%2C3030%2C11576%2C11576%2C11576%2C11576%2C11576%2C11576%2C11576%2C11576%2C11576%2C11576%2C11576%2C11576&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0%7C0%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=20&vis=1&psz=0x-1%7C1200x0%7C300x0%7C865x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0&msz=1200x-1%7C480x0%7C300x0%7C865x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0&fws=644%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132&ohw=0%2C1200%2C300%2C865%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=1349161307.1666693776&ga_sid=1666693777&ga_hid=1536980418&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b20768981df88d3ce9f772a9b9219af83d47fb02be0dbe914ccfa3b00e4d74a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23335
x-xss-protection
0
google-lineitem-id
-2,-1,-1,-2,38340105,38284305,38363625,-2,-2,-2,-2,-2,-2,-2,38240625,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,-1,-2,68907848985,68907848985,68907848985,-2,-2,-2,-2,-2,-2,-2,68907848985,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6C5D 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 10:29:37 GMT
expires
Wed, 25 Oct 2023 10:29:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
vast
bid.g.doubleclick.net/dbm/ Frame 141E 		28 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DNWvNAu94lbbODEki2_ry-UFo3BZID-AEEqJeXPRGLeTajsrbPObe1x9Wm9Ud1IiOAwkNMqUBn4DyaVHwfg5t-7yXglg&cry=1&dbm_d=AKAmf-D5atmSKYYqGpw9dRLajk7ntZtmFS60FCocaGFXxcvKhzWTBFYYiG0BwOxgx8OwlCwWRsh9pIkeQCn9nE9cu9cBZr2RSCRWBZUai_n8orSa8aN-huBW0hvEth_K4giOsI394iCtaGkU7THKTkGaki2dGnlNuyq57jjDHn9z_cxCVbJmchrOt4ji6y7wPChvl2nIKyrTpQZBFwL54HxJasxR7ImrzkrSNGXSKFY2CXgbmSZIoZ4KWG6TZlecYw66s96zx1RD2WMb4QFM91qo11kk4JR7SV4OY6f_Tnu7EmXmHczDtg8nlJ74ip2XHdV1XmxBM1bLg79t_p-G6YuqpdwIOd1K1JG-7ve3XRIraWlGfQh8ZXJujs9oPmdmYJyX9tYOqzRZa7FSAiyuRY3-EF_JEcK1zgw1TyXvOCzrqUAfixtXJtn1VwUkEjvN4PRDUEqL-QwN5NT1BDGZl0gZME5dxtoGwWVEqSthxPpeKr83gP2Ow-xaC9g8sZCkBSA-WHMBY2J6cQbid-BJt2HIVZGO690tYnCZVrLRHZFYAiWDYmnRlGkady-V24k_xfDwYSYOjIw4MJsLshDfktbDaXrZPX9m6-pihtfpI81jBeoNIxQ020g98o_nRohyp2k4V-ET7bXjsiCCIJec5o3uy-neNTo9iA-si20XwH2VSN4Ykx7NJkQJjuV6OE3E4OBKCOx-43J0pYZ08Qu1Q4_q3Xt3rucB5cBpbYhQXvJcpOjGKLPlAAmw4iJlpwI2YX8-OxgHUr2cTb96vQkmFIRoAC7bp-ljdJoY_Q2eRY6Wn1FG0-mMNX-a50I4tHfalZ6e3hYo9XFZn9_5hv1DvZe7BAsaQBjeYSTf8E0Iu_ztv85EdHegHPAkE0pB_Sy7pjcW6MFD2tdyAdLsb_Nq95Mex4VE_b-8YrH-K7IiSgY4_TD7g-6SkpXeJWRI4tqhMApXHKwfTCe-CERpCB48PbIbFohuXOc2ftq-1KQgQHVauKczzMJeDpoblj06u7JmXgg68vA801Vl94rmH47kruJTX12ujp4L8J94eu1DkbAJs333RkEn2FcSPKBXeICtKqhKm2F1QPZnwIusaxQnsOGMFYHFBKEx2xcvRY3SWcVlzoyebEP7dU7TaZJN7h0-x3NdChBu1in3PbyUze_V2I52R9m0R2mV5jxv0voCv2OamEVb4jbXUB2QfbaVGdljMlonpnBGtOhP5TXH8Y1yJeq8GA7Os58eI3VZEK9g4e_lHjsqnCpt3-v49KiU9icvY0ZC7d0MGkeerZ6rC0hSoj8NzigRLh0nrZ0UIQpy1rbzWM0OKrbP-iUiKPVeHVpqORR4fjfjt7owj0suQy4F1IpkMi3a3QBg_6O5FU6JQhUlZtr5Xr5Xv8idcPkfU3FyAlh1UJ4J36Rsv9aeS_vv14XnXtOdfZqmxEVvZH3FwahQLu28mM0Z361yws_uEAxU6GJYNWP8NZ1jJIQojZPWmPiQbvILMbDRXle2xMwvjBFxgKvS8QrnUrR9eH7lohqijLrG844nglSpnXGPZ1jCrcU1sq35ta-c9ZA_LK7lMkSPWivt12DefvUJ8jD11vx9FukJLbNKEOQWi8w-unak80fRtkKUSGRrdr8O-Y8r4yjAfcgNj4cbJpYIyLIsWYAKFMDXMH7NVZYEtM1zIxVpF_19mWgg0FWVIWJ0VruYt2rBeUE7vBaXToZpqnKiHvble6caBlcVsaZq67ohBCqQFLuGfMjMbS9SqOV6ywMb7FoXmTTkGL6Uyfe6LL16jcbf4LRptH8VPAaDfzOECF4M2vuN9eZzomp11HvxF3sFhkf3ZVGoudjnUcP37MvLcRAVpdB9SaH-pEqzKzjgrwURhpBOmkzvMIb5p6kxQJYDQw9DaVsnkQSZfH_U-JzZHOfPVi0_yCT8JKZTLY4ub7LmMXyE3hkz7iTWPHMmMGu6zOICvq-XrDG2MbEYLIl_QpoDGfIDQR5oVtLtGhWjECytrJ3bEvC97ApnM9stv1G5npZh9VC8_ZGIrllnXIWWqRvkN8_r63BRRKgy1JwJNrVVpx_pqgrOirzf2Ay-LOY4IpWzIoCV3pMawdV8-o0SfaXHSQoVReTxkixGCr2bx9RqWLQcK7egjjuqTbjCGfe6obWqTOVViSyjz6Ie_VWxv8DuGP4Oy5LARCKHAB57UMUt2eGlr45B-G88ivrM6vYD0D2xRTBNF5oA2UzbzyNzwReobSJ5WoXuimTkAx6_q8-kZi5V2pIwgaOXUGVQLztlqcnhVItRfk-Gk-5CtIeu3294VjN3k9ygpJ3iuCCxhrqCKuzby4gp2KVLQhkuvR8X_n3RDvIJKjxOvAUD7_hHVaJ4jHiRrD1QvhNcQXsKZKbBYrXyQRFSo8fcP53j75r7o7608oaVFKRf_lrCA3_Jlj-sTgDouX4FagxRmaGcQH81fyxQBxrnnCHhsQ8WEO3BTLOezKSpCujkrNqpCAGxj6taJwMNvqnw7E_gfdpRKilViRzjagtrWjPZPImnx1rJbUFSb0mUTQPoB6F3MpEbIAftHdht8n-FPm3HIZkrXx0zOGWzNvMtxbuWJgzHcCeYzu73lM6x7uhwgjmsL9dyZ7HDsZmgt-zXd8eZirlssyCBHJyruBNwnQf9qKYYCKxfulc3rMpO9Ey9Gh6vAqHu42AGZzE0xTkPpDj6SlhE5dKQrtOonzg0aWLI06xXLZysHTqgW6IpEjThHFVlhfTff-ICoIr5qYjoduyz1pXG8AEyZ_ikOvCD-Jbm8GB4mALB_NhMBRtt-F0kZtgyv25_yeaUa9qPODgMWAKruaXlJpgHpzG9mIkkc9edyJd9mAheyggPrcBKXH5fw1IkA2PRpIF94YOuZ_Z2NHQk9BafwzI5pR8Fxpfphkmp31oAwUpZazyZnGJuDrSS5ICP_gayISiXevACYJdRaXskjLxC-DcvN3z5HXwr-RpbSosA8w-lXHG721ztUAPCDm8X9qJa8YOGMB-5GxaIrK-y9MD95f6Po-q85uqAgrUoNfw2_aqqTSatP5vx4ROzle6ot61eVQ8j53r37LSuVp06BvwTtcXSKEAAY6co-fq1wB0vWbtKiUOgvJx_PBndwIDFLnMbLGEvXetSfzuzBtVPhgi3K4O_JEJRq2sMo1bnDpjMR955duHq7vL3ToLeYaHZJeocgcUv-pxLZqLw9J6xTm2ehS50ipFikoG1CCRFnkLh0AN9MaBqHQT63Du8mSrf61DnUu7qTOlmig3czlsTYlNZGqdEpe7jDN0OD9LUFg&cid=CAASJeRoNHWiVKgs2DPjCBeRvAAkRRrLiiQD81CSvPAd9sKswfQsqis&vpa=click&vpmute=1&sdkv=h.3.540.0&osd=2&frm=1&vis=1&sdr=1&unviewed_position_start=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=2054437229&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.540.0&media_url=blob%3Ahttps%253a%2F%2Fwww.walla.co.il%2Ffbd44aba-ae6c-410d-bea2-e22b9dacbbd4&sid=B54F93BA-3D41-4A71-8707-03E7D0C9D9DE&nel=0&eid=44748969%2C44752657%2C44765701%2C44771692&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&ref=https%3A%2F%2Fwww.walla.co.il%2F&url=https%3A%2F%2Fwww.walla.co.il%2F&dlt=1666693775621&idt=619&dt=1666693776866&ged=ve4_td1_tt1_pd1_la1000_er2259.790.2589.1377_vi0.0.1200.1600_vp0_ts1_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.540.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f157.1e100.net
Software
cafe /
Resource Hash
6f271afc9e4baff46393c2294bafc58dc48a30c276b28d3bea3d274b10a84e78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15989
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:36 GMT
x-amz-version-id
1666365881812584
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
txed51dfd210c74c41b63f8-006352b9ed
age
327826
x-amz-id-2
txed51dfd210c74c41b63f8-006352b9ed
last-modified
Fri, 21 Oct 2022 15:24:42 GMT
server
cloudflare
etag
W/"c56b6332dacf72f135afcd153ae22448"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfofmdntCYWe5620xRh562PMQ3hKzDvP8%2BV0vWcP53HL4KBZo1NWFfa8swhRYSj13C3u95WIN%2F%2BjnOeZvKjciCC7Dk3YjCvXEc8x13P8GdANQEMLWOj8FAPJV1fcdjmGlHAMrab9ZwAKst5s"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=1800
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
75fa45a99ba99be6-FRA
access-control-allow-headers
Authorization
decode_consent.js
static.smilewanted.com/js/decode_consent/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
669410
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
75fa45a9aee69016-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame 7527 		0
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
75fa45aa98db9016-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 25 Oct 2022 10:29:37 GMT
server
cloudflare
vary
Accept-Encoding
b1e31759f89294c677ee8d6d4bf3afa3
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 3311
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/b1e31759f89294c677ee8d6d4bf3afa3
0
390 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/b1e31759f89294c677ee8d6d4bf3afa3
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
75fa45abaaeb9016-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 25 Oct 2022 10:29:37 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 25 Oct 2022 10:29:37 GMT
Expires
Tue, 25 Oct 2022 10:29:37 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/b1e31759f89294c677ee8d6d4bf3afa3
Pragma
no-cache
Server
nginx
x-sticky-vk
1666693777177039-538
csi
csi.gstatic.com/ Frame 141E 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l9o2fwav&c=6923051839882&slotId=3461525919941&qqid=CMWC-ZOW-_oCFQiTdwodO6sA_Q&fb=ima_html5-lima&sdkv=h.3.540.0&ppt=videojs-ima&ppv=1.11.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=3.0&wta=1&ghmsh_eids=44748969%2C44752657%2C44765701%2C44771692&vmfc=11&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.540.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:817::2003 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 141E 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 141E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CgAdtkLpXY8X6GYim3gO71oLoD9Lzps9sv6nVpJsQ__WQ49cCEAEgmaPPKmCVkq-CuAegAcjHtfICyAEFqAMByAMTmAQAqgSDAk_QbVceTDQSwUKQ2yKQu9QmrSe33OCYGhC0Veg78T7HXGH9yerxphVME3KwESfmAdk5fS4oNw0d9-0WhiaZcPmoeRcTeLRlu4HJT_OypyafZtsqF2LTVOPF6fvVDOsc20pHByoXU3zLLOSGcbFrLo_MBR4vsCUjUR8gBTWI3DEcEZgNg-Lj8YSuwXTz_NVCD7ROOqyD8YmzPyB-xNa3e7m0MHjeCW1QCcPPCUm3z_4BR2zjVt1RGomBdzGf26FTbsVDfwqfaMDdl2WtPyoy12Zgzc2HTywiQymhyeH9yfdSi0uZy8j6o1i3DMGDE6UXWr0_VU8J4SCQqO19gITx2sgeFcrABL7B08iNBOAEA5AGAaAGToAHoLjKjQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGiDAgqBgoEz6exArAT76XxCtATANgTDYgUBdgUAdAVAfgWAYAXAQ&sigh=L5DZxCgtvgU&label=show_ad&sdkv=h.3.540.0&vci=CiEIAhoLQWRTZW5zZS9BZFggAyoMNjE1OTE5ODM5MDIyQAAKbQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSADKgk1MzQ5NzU1NjMyCTE3NTk0Mjg2N0DgAVIyCOAGEA8lAADwQSgBOgd1bmtub3duQgd1bmtub3duUABaEDNPVEhTUlJGckdTYzhCTUkYAQ..
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 141E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=C00DukLpXY8X6GYim3gO71oLoD9Lzps9sv6nVpJsQ__WQ49cCEAEgmaPPKmCVkq-CuAegAcjHtfICyAEFqAMBmAQAqgSAAk_QbVceTDQSwUKQ2yKQu9QmrSe33OCYGhC0Veg78T7HXGH9yerxphVME3KwESfmAdk5fS4oNw0d9-0WhiaZcPmoeRcTeLRlu4HJT_OypyafZtsqF2LTVOPF6fvVDOsc20pHByoXU3zLLOSGcbFrLo_MBR4vsCUjUR8gBTWI3DEcEZgNg-Lj8YSuwXTz_NVCD7ROOqyD8YmzPyB-xNa3e7m0MHjeCW1QCcPPCUm3z_4BR2zjVt1RGomBdzGf26FTbsVDfwqfMMFv_W2H3xigZPqCpHBlb-ezf-kw5X4al1GdgWmTd8LTu6Bthf1DoGEGdKXX17BXR-UmgMFlMS0Ls3XABL7B08iNBOAEA4gFirmooUOSBQYIAxACGAGSBQYIGxABGAGSBQoIIhADGANIk5Z2kgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAeguMqNAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcLEKbNyQEY0LKJ0QHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAaIMCCoGCgTPp7ECsBPvpfEKyBOSyKoJ0BMA2BMNiBQF2BQB0BUBgBcBshceChwIABIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=ngpLR5FiMJo&cmd=Ch1jYS12aWRlby1wdWItNDQ5MTY1OTQ5NjM3MjE3MhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSPADq26N9APhqhPQS752GDZtee4B9LDpYsvsaIMLKtmnPZ5BqyQXzlZuqV613RRuWeQOKgHh7Q-2LSRhljCAT&vt=10&sdkv=h.3.540.0&vci=CiEIAhoLQWRTZW5zZS9BZFggAyoMNjE1OTE5ODM5MDIyQAAKbQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSADKgk1MzQ5NzU1NjMyCTE3NTk0Mjg2N0DgAVIyCOAGEA8lAADwQSgBOgd1bmtub3duQgd1bmtub3duUABaEDNPVEhTUlJGckdTYzhCTUkYAQ..
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame 3A67 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l9o2fw2j&c=6923051839882&slotId=3461525919941&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:817::2003 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 141E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CgAdtkLpXY8X6GYim3gO71oLoD9Lzps9sv6nVpJsQ__WQ49cCEAEgmaPPKmCVkq-CuAegAcjHtfICyAEFqAMByAMTmAQAqgSDAk_QbVceTDQSwUKQ2yKQu9QmrSe33OCYGhC0Veg78T7HXGH9yerxphVME3KwESfmAdk5fS4oNw0d9-0WhiaZcPmoeRcTeLRlu4HJT_OypyafZtsqF2LTVOPF6fvVDOsc20pHByoXU3zLLOSGcbFrLo_MBR4vsCUjUR8gBTWI3DEcEZgNg-Lj8YSuwXTz_NVCD7ROOqyD8YmzPyB-xNa3e7m0MHjeCW1QCcPPCUm3z_4BR2zjVt1RGomBdzGf26FTbsVDfwqfaMDdl2WtPyoy12Zgzc2HTywiQymhyeH9yfdSi0uZy8j6o1i3DMGDE6UXWr0_VU8J4SCQqO19gITx2sgeFcrABL7B08iNBOAEA5AGAaAGToAHoLjKjQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGiDAgqBgoEz6exArAT76XxCtATANgTDYgUBdgUAdAVAfgWAYAXAQ&sigh=L5DZxCgtvgU&label=vmap_ad_break_start&sdkv=h.3.540.0&vci=[CREATIVE_PLAYBACK]
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/universal/ Frame E82A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.25.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-25-47.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Tue, 25 Oct 2022 10:29:37 GMT
47
r4---sn-4g5ednds.c.2mdn.net/videoplayback/id/cf841da30618bb53/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 3A67
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/cf841da30618bb53/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r4---sn-4g5ednds.c.2mdn.net/videoplayback/id/cf841da30618bb53/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/acao,ctier,expire,id,ip,ipbits,ita...
3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5ednds.c.2mdn.net/videoplayback/id/cf841da30618bb53/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/59C7E773283728271881C026268F268CB893D899.054161D2F521990B7FCA64A2676365934F438E26/key/cms1/cms_redirect/yes/mh/FW/mip/2a01:4a0:5a::8/mm/42/mn/sn-4g5ednds/ms/onc/mt/1666692864/mv/u/mvi/4/pl/47?cpn=3OTHSRRFrGSc8BMI&file=file.mp4
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
HTTP/1.1
Server
2a00:1450:4001:19::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 10:29:37 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 10 Aug 2022 08:21:41 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-3976059/3976060
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
3976060
Expires
Tue, 25 Oct 2022 10:29:37 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:37 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r4---sn-4g5ednds.c.2mdn.net/videoplayback/id/cf841da30618bb53/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/59C7E773283728271881C026268F268CB893D899.054161D2F521990B7FCA64A2676365934F438E26/key/cms1/cms_redirect/yes/mh/FW/mip/2a01:4a0:5a::8/mm/42/mn/sn-4g5ednds/ms/onc/mt/1666692864/mv/u/mvi/4/pl/47?cpn=3OTHSRRFrGSc8BMI&file=file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
669
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KcYldmMlJOlFqeXsm104
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame BE6F
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/KcYldmMlJOlFqeXsm104?pi=smilewanted&tc=1
0
385 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/KcYldmMlJOlFqeXsm104?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
75fa45abbb0c9016-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 25 Oct 2022 10:29:37 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 25 Oct 2022 10:29:37 GMT Tue, 25 Oct 2022 10:29:37 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/KcYldmMlJOlFqeXsm104?pi=smilewanted&tc=1
pragma
no-cache
setuid
ib.adnxs.com/prebid/ Frame E363
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=8685361e1bf5978c68d3e40b06a81910
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=8685361e1bf5978c68d3e40b06a81910
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
26eef32e-434e-4db7-8397-d3bc1fe2d364
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 25 Oct 2022 10:29:37 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
80.255.10.203; 80.255.10.203; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
75fa45ab8a839016-FRA
content-type
text/html; charset=UTF-8
date
Tue, 25 Oct 2022 10:29:37 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=8685361e1bf5978c68d3e40b06a81910
server
cloudflare
analytics
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Tue, 25 Oct 2022 10:29:37 GMT
server
Google Frontend
x-cloud-trace-context
9178b126947f45d0685a6ee52c6f7ff7
x-request-id
undefined
analytics
hb-dot-valuad.appspot.com/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
x-request-id
7ec57a3e-39cd-4d90-bdb8-3a0b62b3c7c7
x-vad-version
0.9.9

Response headers

date
Tue, 25 Oct 2022 10:29:37 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
122715d175a0dbe2885614717b91b08d
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16
x-request-id
undefined
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		209 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1066897415737725&correlator=383076497789745&eid=31068500&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cskyscraper_desktop%2Cyad2_rectangle_desktop%2Cshopping_rectangle%2Csport_small_rectangle_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6&prev_iu_szs=120x600%7C160x600%2C320x50%7C300x400%2C320x50%7C300x250%7C300x260%2C320x50%7C300x250&fluid=0%2Cheight%2Cheight%2Cheight&ifi=17&adks=2273020712%2C1194681899%2C1073900268%2C2033830821&sfv=1-0-38&prev_scp=slot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D91c9c0721d57bca%7Cslot_name%3Dyad2_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D9225016c622e90f%7Cslot_name%3Dshopping_rectangle%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D93e7db961635fc%7Cslot_name%3Dsport_small_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D941b7757b35b992&eri=1&cust_params=permutive%3D&sc=1&cookie=ID%3D3554dce9b385ccbd%3AT%3D1666693776%3AS%3DALNI_MYKfHDYKjPtSweQlTcrNdlC4u_W8Q&abxe=1&dt=1666693777223&lmt=1666693777&dlt=1666693774308&idt=167&adxs=1480%2C200%2C200%2C200&adys=290%2C1245%2C1260%2C2187&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C15%7C16%7C17&ucis=h%7Ci%7Cj%7Ck&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=20&vis=1&psz=0x0%7C300x0%7C300x0%7C300x0&msz=120x0%7C300x0%7C300x0%7C300x0&fws=132%2C132%2C132%2C132&ohw=0%2C300%2C300%2C300&ga_vid=1349161307.1666693776&ga_sid=1666693777&ga_hid=1536980418&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
116c109a4ed8f1c7c6e71fef91085ed6f6d005c4f9073ae5ec6dab9d58d94338
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6357826067549388800/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6357826067549388800/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMzdrpSW-_oCFc5A0wodMooE8Q&gqi=&layout=/sadbundle/%24csp%253Der3%24/6357826067549388800/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11663474539605524480/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11663474539605524480/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM_drpSW-_oCFc5A0wodMooE8Q&gqi=&layout=/sadbundle/%24csp%253Der3%24/11663474539605524480/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6357826067549388800/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6357826067549388800/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMzdrpSW-_oCFc5A0wodMooE8Q&gqi=&layout=/sadbundle/%24csp%253Der3%24/6357826067549388800/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11663474539605524480/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11663474539605524480/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM_drpSW-_oCFc5A0wodMooE8Q&gqi=&layout=/sadbundle/%24csp%253Der3%24/11663474539605524480/index.html
date
Tue, 25 Oct 2022 10:29:37 GMT
x-content-type-options
nosniff
content-encoding
br
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40738
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
connectmyusers.php
cdn.connectad.io/ Frame 4521 		1 KB
824 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75fa45abff78996f-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 25 Oct 2022 10:29:37 GMT
server
cloudflare
getuid
sync.smartadserver.com/ Frame D5C4
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Tue, 25 Oct 2022 10:29:37 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Tue, 25 Oct 2022 10:29:37 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
reel.js
widgets.outbrain.com/nanoWidget/2000918/module/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000918/module/reel.js?e=2
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4dfc449b45eeeb11a39430fbd8c1d5db14e915a2e3222b1f0cadf2939e2e2247

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:37 GMT
content-encoding
gzip
last-modified
Tue, 25 Oct 2022 07:01:21 GMT
server
AkamaiNetStorage
etag
"0892175a92e3708197297400fcc2704e:1666682712.318627"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
8660
expires
Tue, 25 Oct 2022 14:29:37 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=51d487c846e7f9786db3014225f635e2_1769_1666693776762&tm=2460&eT=0&widgetWidth=865&widgetHeight=577&widgetX=535&widgetY=11447&wRV=2000918&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=775&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Tue, 25 Oct 2022 10:29:37 GMT
access-control-expose-headers
content-range
content-encoding
gzip
X-TraceId
52bb992cad84a1add5369df885650fa7
Content-Length
28
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=e216af2094a342244500730f2a0b9a3f_1769_1666693776908&tm=2468&eT=0&widgetWidth=865&widgetHeight=287&widgetX=535&widgetY=12058&wRV=2000918&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=775&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Tue, 25 Oct 2022 10:29:37 GMT
access-control-expose-headers
content-range
content-encoding
gzip
X-TraceId
43f2d1825591088f657ed09f6e0a89dd
Content-Length
28
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=dcb138069b457e5b14bee2dc1792b81f_1769_1666693777014&tm=2469&eT=0&widgetWidth=865&widgetHeight=339&widgetX=535&widgetY=12369&wRV=2000918&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=775&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Tue, 25 Oct 2022 10:29:37 GMT
access-control-expose-headers
content-range
content-encoding
gzip
X-TraceId
4de9f64a9f78845c41ed473433aba9dc
Content-Length
28
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=7800dc46268492b3909c8cc7b74c5de3_1769_1666693777074&tm=2471&eT=0&widgetWidth=865&widgetHeight=362&widgetX=535&widgetY=12732&wRV=2000918&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=775&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Tue, 25 Oct 2022 10:29:37 GMT
access-control-expose-headers
content-range
content-encoding
gzip
X-TraceId
e8ac3fb6ac575c4ad3091cf389e120ff
Content-Length
28
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=4fd5136b706b5aed185a51ce33a76827_1769_1666693777232&tm=2471&eT=0&widgetWidth=865&widgetHeight=331&widgetX=535&widgetY=13118&wRV=2000918&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=775&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Tue, 25 Oct 2022 10:29:37 GMT
access-control-expose-headers
content-range
content-encoding
gzip
X-TraceId
c7e3e91fc217f292f6da0bbe2a1e634f
Content-Length
28
Content-Type
text/plain; charset=UTF-8
csi
csi.gstatic.com/ Frame 141E 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l9o2fwzt&c=6923051839882&slotId=3461525919941&qqid=CMWC-ZOW-_oCFQiTdwodO6sA_Q&fb=ima_html5-lima&sdkv=h.3.540.0&ppt=videojs-ima&ppv=1.11.0&mrd=4&aab=1&itv=1&gpm_i=11&gpm_c=11&gpm_a=10&smb=1000&br=864&mt=video%2Fmp4&vs=640x360&webm=0&vp9=0&vamt=application%2Fx-mpegurl%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.540.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:817::2003 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e21435ca-12ff-4f90-b29c-5c4c61d90dcf&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame DA9B
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/e21435ca-12ff-4f90-b29c-5c4c61d90dcf&partner_id=1010
0
433 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/e21435ca-12ff-4f90-b29c-5c4c61d90dcf&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
75fa45adeecc9016-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 25 Oct 2022 10:29:37 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Tue, 25 Oct 2022 10:29:37 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/e21435ca-12ff-4f90-b29c-5c4c61d90dcf&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
container.html
82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A458 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 10:29:37 GMT
expires
Wed, 25 Oct 2023 10:29:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B20D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 10:29:37 GMT
expires
Wed, 25 Oct 2023 10:29:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 28A0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 10:29:37 GMT
expires
Wed, 25 Oct 2023 10:29:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 150C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 10:29:37 GMT
expires
Wed, 25 Oct 2023 10:29:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 16B1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 10:29:37 GMT
expires
Wed, 25 Oct 2023 10:29:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FB33 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 10:29:37 GMT
expires
Wed, 25 Oct 2023 10:29:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
1
sync-eu.connectad.io/syncer/ Frame 547B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
75fa45ad7a85996f-FRA
date
Tue, 25 Oct 2022 10:29:37 GMT
server
cloudflare
via
1.1 google
sync.php
pixel.rubiconproject.com/exchange/ Frame F6E3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3F1F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=26902
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 25 Oct 2022 10:29:37 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 25 Oct 2022 17:57:59 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
Y1e6kdAAUjwUO46a9eLRewAA%261116
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame B8E0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y1e6kdAAUjwUO46a9eLRewAA%261116
0
703 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y1e6kdAAUjwUO46a9eLRewAA%261116
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
75fa45afaa829016-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 25 Oct 2022 10:29:37 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75fa45af5e8d9b98-FRA
content-length
0
date
Tue, 25 Oct 2022 10:29:37 GMT
expires
0
location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y1e6kdAAUjwUO46a9eLRewAA%261116
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
container.html
82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B699 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 10:29:37 GMT
expires
Wed, 25 Oct 2023 10:29:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5B95 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 10:29:37 GMT
expires
Wed, 25 Oct 2023 10:29:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7ECD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 10:29:37 GMT
expires
Wed, 25 Oct 2023 10:29:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2521 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 10:29:37 GMT
expires
Wed, 25 Oct 2023 10:29:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 141E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CgAdtkLpXY8X6GYim3gO71oLoD9Lzps9sv6nVpJsQ__WQ49cCEAEgmaPPKmCVkq-CuAegAcjHtfICyAEFqAMByAMTmAQAqgSDAk_QbVceTDQSwUKQ2yKQu9QmrSe33OCYGhC0Veg78T7HXGH9yerxphVME3KwESfmAdk5fS4oNw0d9-0WhiaZcPmoeRcTeLRlu4HJT_OypyafZtsqF2LTVOPF6fvVDOsc20pHByoXU3zLLOSGcbFrLo_MBR4vsCUjUR8gBTWI3DEcEZgNg-Lj8YSuwXTz_NVCD7ROOqyD8YmzPyB-xNa3e7m0MHjeCW1QCcPPCUm3z_4BR2zjVt1RGomBdzGf26FTbsVDfwqfaMDdl2WtPyoy12Zgzc2HTywiQymhyeH9yfdSi0uZy8j6o1i3DMGDE6UXWr0_VU8J4SCQqO19gITx2sgeFcrABL7B08iNBOAEA5AGAaAGToAHoLjKjQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGiDAgqBgoEz6exArAT76XxCtATANgTDYgUBdgUAdAVAfgWAYAXAQ&sigh=L5DZxCgtvgU&label=video_ad_loaded&sdkv=h.3.540.0&vci=CiEIAhoLQWRTZW5zZS9BZFggAyoMNjE1OTE5ODM5MDIyQAAKbQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSADKgk1MzQ5NzU1NjMyCTE3NTk0Mjg2N0DgAVIyCOAGEA8lAADwQSgBOgd1bmtub3duQgd1bmtub3duUABaEDNPVEhTUlJGckdTYzhCTUkYAQ..
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8E88 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIYl6aQ1gEwAQ&v=APEucNVgGbLwDca0bzNxa0rqISYqaEOHaO4qbPBlFEqDJAA40wBiF335bTUzMo1WRGq69EvVLPHsuv16a-69frE5uyp9wlgA_fuZUiG14miTEiJlh_jHEcxFrNR854Tp0yXKudRG9ofJMEdQs98JMv2vTuLJ-CEayyti0sh3bflzKHSNhtB-DtQ
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 10:29:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame A458 		80 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B1TMr9g4x48ezYv5e573MT7l4Lg1zNnymzEYCmgrdrqFSw7ehYUB7t22O19Z5GAzFRC4i2eiY5rHVkO-CPc1_nGRzPLw&cry=1&dbm_d=AKAmf-Bz1P0HMD17NYCnRuNx75UA5TaHwWrcboWUfvbAv1Pjt03IMIxytxnQckehwhTUkVULieIutBNd-zKE5MPs9Hp8O5E5z-wpIxETkfpA6G1NJ3pRWyiZhIDpDVpO5KC5XjVWXzusrEE_S6YxGpMbrTCjpPv0ac5UyjVPyA2yPw-Vmdi2twXvxG6iIITk22Fxnu0xHr8QIWnBofo3UZaC3Fz0noTJzHber3RDEoCIc4kjheeZuhd6QV5_WEvvPDapbA1kzwB9_4QnTffkCzv2lAusexglXi7CvkKAhm79AeuteCpFd43ttFQCyZeFFNAWmlS7iF2tv7uV7OL6SSfUPQrPrfFO4YNL4COWeiQPQ2dAtBf7ATdHD3dJcuxt1homIv72hrzNCePzH_gAf-2zTpQdrQrfH-c2iblmy_lRtgDinU3ElG9g2sHYQzUs9Bj_YvTdLzg-4ZQqUysB002oFsiG-SvLS8VK6iR6DYiv_mCvlBHFjO7YRVGGggiH7vEP4XpSdcuyEWcgafhG10wsWRAlG9HxCbZZ6igCs9Vm6XmDkzIo2TVjpy9phSZ-N7VXAh3jJVC06wKMBbR1l1BgrCudATJn82gJuH1QLx7Ykb-MEvUtWO4zRXoDnPVVnPPhZGTCKnkF_2luiuFVmsYqH7Y0ngN2FPzu4kmaDqQDi5BHoQDrAXg0sFSnEdRfrJDiFOyhYdu94izKwt8z6MjUQh5pyS5SavtKWYRDG6BFPp3o6_jYvhtUO7YgTurVaWX5Kj8fokStmrN7uQh-yHohp5u5HZmB9gT8BxbpoGBzOnKmO-JrZmy8vlfnLEtmWDI3zMwu4fXLoSr43dT7cLrsHj3t6S5ziHFdpMh9JglkU4gA7iiEfiBboCJj6ToIcvqas6KcS28ShdY9YxvaCWLY8EEFqH9o-QwYhSPvEWRrptH6nLREHIyd-bSyaT7VnC4Cyogg_gUIdz3sepBbIMT3CqToK6rd2-meEqZCmTKyzyckCInJgeJDfuzkfd_wdYxVpAVUsieGATzYL4VLfhS8KqoDY4Tzfq2ZorAreTheNNGthSTSjTIw0OUmSYLneE9Rj3ZhpZlHDTgaUrL0nNwy0DYjfywt4C-UUCeX8LPRRPoW_dz7QxiT0CbPBrEEKloYjDNo0jB4zdT8OdOOeb6O9Kre-ljG9DVOIFO7BbgPw6_NXwXIliNrIHV3T6OnrpzjBC6TH0SpIJfueKaiBndmy9lQmuL-D8fsgeZEp-HJxP0Prn0Cy-cpv0uZMx4OeXZvK3cwJlS_aoF8eGOXsiVmEBU7NbJeS0e5W94iag5UCDS8KqkFTC2gBV7bAfkEJ1kVpTcneZCzRAoGc3yBeDXhmr3Ym64fdBMR76yL3LWWWCvpLKWB1LR6FiWVDdrIvDi_McSz16qrhTfnugJyiBi4oV8D3sxDl_2W3yyZv5ubtyMhTMEATXqxZczlC4iaMC1IUGqC3TYcducmVAaA20hT0yQ-WbVTcB_3NxN-M4DKiylYeUu-na5uhfaBwFocYwFUqaSMOBItYjC5pQjuXcR55UZDL3TzIkWZH3vAT-Y37jhUT62c98FOgSOTDIQUXp3B2-wry02Ew3pk6EJuPvi02NVZJwje0mAdIXGziH_sXe0mjIlmfixuXxN7LwGfQV0WDM4inJj6dP84ZBE0jAZl5EgmhS2WFDzA7jrRybwsfBQvzNVd3JrL2sGU5k_Br9BLJC62WhE6nJDhSfFCAmJNriMYrEOD7x6kzjG_63UvnKTrUeVlcRToPsD67QyexhF73Nz7iztJ3HK1hfwd_5wKWFd1gSZ0lz5sVXj7OKjB_sqZ2XH-FG88tM6eIj4a90g1J87C354ZThAnNxV7G2KhEFuUk4Hj1nVf-758F5gwP0zgNAUbNNHpQX9WabiI4NvPcubWUeD5JB-5oULSN0gq5Fjck5H_ZzK0MhKWxji1gPCW34_TJ4xdoKWwdkznGeP0JX8YSZjONZ5MqCO1OXTP9JM23RfSoA5BC4LGO5JmTdB1TXYDQ7swtdt0MtNETvQCLrD6ewMR5SktWImyO3-K-RoRVSVOyoU6hG8SN54YiNrCqHdew9fnqua9dzlinpezFfw234rL0q91y_OgefnbU0FVF5aSQCDCxk9s1uT3rDAwXizliRygZMO8HLtVs8RD9XH8msuRntwYxGslAWaFOkj0EYA8Mlz4K8QFvxkEdSADpbaYTM7dM60qc2FaJ3mSo16Sv-9nYlpIOxYViBLHEIXHcOiYkp0S-b783qTYYebYxUKNp0fm7zl6b0YWLB7rovPLyLf-vK9cqFAUUpB2UAkZ7Ow4-tfG_APpuVlUstvIpZhFkrBA-hMH9xkN21EptVmeW2gmbr_j3OOE7CK9f2efddimRxderjw0m5A4Uo-HTISgcr2yAJoSNa37RksseXxgH9BT8vVoYX13Lx7YcFILFy1sPoUucnzGcXzCXeANz11EBu5Z9MmSLHCsStzhqNAeLwDeFcfYh8M9OpD9gF3q7hYSCdImpylh3RVAzBRjqSqaaSIi2P86LNiJ4SKFGAQQsv-WLddVuIe74gtpMkjP-dh7P2TdwIh5brMi4ObpdIjTK_SgcIVPIiP0UV0y9RGQ5nb7mUsolgwut4iAblnZ1iAqLDucEO-7JAbf4J_gI1ycR9E0c0CNpeRnP3u9luKReubT2GE3LBuYzGtbFj6rc2YEPC7IcA8nuZUVZD0dxwcm4hij22O-bzaYy844dI9izJhwHJfBHkMH4sCX0pSb53SvfY4nBaB5MVy6Vu8ZARcqffz6h0OuVV-1RMZdD_F5Jx22ZZqIZs-wWDqZpNAGyb5h5x9ZAhloDcf9BexuCRxRBo1xft-j-AqYC_s4zqPf_yNDJ-aXBgZkjW-u73XsQEPGp2AarRw79-DD1TcT_o5RktqhoZC875Q6dx4mqxrJZ24egkvO-Z8nL-3Gpn9A0Bx7iDxx3JmqmuzqEAHr7n_HJ98lYpf2nNz8Ww1nagOo5h9n0ScLHcarX2UXXTBrR1UqG4NUpcjthlhCUzpJRWRIbfCeKSF-Yz10EpKzbwga1zXtXe3YTmPdhGTAfag88zbJrIaMXf-54TWuHE4fdP7tSIk&cid=CAASJeRogBJreOns6f51bI99ucbiHAThXRlyaTXrmDE7D3pUdHa5bK8&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae9f1672fd0dfc348011765f7abf192657ebe0c1fb4389a3374c61ce65b25f0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34265
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A458 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DNUK7y0CnyqD-Cz7Klzw-dSLisJ2xiCfCQdkmHH0EOdPM3DjZQfz_d_bAp9q5D2Fhy4H25SWEk0W2Yg6rtczLp3v7_YNLYktpajSQan-6I_kVSCTw
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame A458 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 09:54:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
2080
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 09:54:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame A458 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 14:21:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72468
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Nov 2022 14:21:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A458 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47514
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666611803224388"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 25 Oct 2022 10:29:37 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame FB33 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 08:48:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6093
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 25 Oct 2023 08:48:04 GMT
3664297453309006094
tpc.googlesyndication.com/simgad/ Frame FB33
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsvNtaC2Lur1k-tATGQj3fLwsLbZy1BxaGTegJSvgh6g_ywTY-Hwu03M1ArJ7Qt4o5uwdKRkvx9PX8PVjmkm3FHl5RlMdYO-_XiJlO8Ku8GGwQTl4tnSMDskp3sxDrhOa0IYxMc53...
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
924 B
952 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3664297453309006094
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 20:26:22 GMT
x-content-type-options
nosniff
age
482596
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
924
x-xss-protection
0
last-modified
Sat, 15 Apr 2017 10:38:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 19 Oct 2023 20:26:22 GMT

Redirect headers

date
Tue, 25 Oct 2022 05:39:38 GMT
x-content-type-options
nosniff
server
cafe
age
17399
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/3664297453309006094
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 24 Nov 2022 05:39:38 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B20D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CUhCskLpXY66EOpOH2fcPjeGL8AzJntKxXKX8k_dwwI23ARABIABglZKvgrgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtx3GTnElrA-4AIAqAMBqgT0AU_Q_FcYUoAJ8wyqHVQcPJTYpf6zzqD0gYCdp7oqEN1S_gpGM2FTnY48nLB6LF5-_2Ju5P8YH_utar8K0l_1pykL7ITIqOToY2JaoHuN83wRMvDQl4t957Cw_vXXlhwXXAU54PQoKSY5l1MSnsKTDHijjjyvsPNYJRol95u2YG7peBvUyvih4Q6fbiBZC4hJgVmKdl4jETUnikZr6gNZb1bFy9tOq4kw_IjgKGOfvWGgJECuJesKaz6DyMm-REuXZ1E7RV9Uqcooi6_IblOb1w72tGuWL-W-OUKEhZ3Odd4lspE35Sy5xWQRQLv6wh-9pUkO37TgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=lypjxut8W2U&uach_m=[UACH]&cid=CAQSPADq26N9Qi60SQl3YC-KNbLPlhagVeOwm-M775g7gypbwetodjZGDLzjSBXWDgpIpbRchIqbNbUIMT2GURgBIBM
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame B20D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFJPxG6wCyAGdg2ICAgAAAI9v_qchM8M6UwfGnGMh-yoQkLpXY92vxh098exe1ZVQABIAAA&wp=Y1e6kAAOgi4I9kOTAALwjZmAw4bmAhc1tv5qSQ
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
315515
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 7707 		127 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kAAOgi4I9kOTAALwjZmAw4bmAhc1tv5qSQ&u=%7COol2LM3aIOnoXvmYFOGpMw7VrqeTMM%2FO%2BXh1RKJGgNM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfex4IY_JXoTDaPxAARcpbNNxmkjAKswUkNw4Vxgnt6CG0s2gfJQX7vErAnsHQCKn6PHApgerl3lE72YUa6OIZHzNcgWGRrr7pGfsEtNexuR2wT6IBXvnwz4EbnTz0HC4ea_BjmXmB20Ip1dWOY03i2BSYReBHnNGjS_ih5GS2Fyf7pFsnVBpK7EY7UsOsOwzbYTPdpoX0xnd3PDJyioL-9X9VZJcKB59t4pQQNgkxh4wClz0rEia1Uk-cmmmgzoCi0iVTyXbGgUnVg8fJkpLvRujvSO9YesSCHKUfdKYTlKY7TQg5wXhMNygUgmCjE1NwYcHW6Khukwn15mg-6Pf3LtRl3aQkFs2qiszdqxuwFUcKe7bEjzhya41W6jZjOAPhImCIX0QMLFMN4blkdpI8_2rjlXGO63v0-jzdnO4V7NxPA19qClR19LcAiFr3c_kSpGobr4V4h1kMe08lKpKcxMf3ktttCgjqMvVVoZSFE_MKz7RYjPEC3Jm-hCxatWaj_ikF2Gv6-9eOZ-AvOUcjmB2L5rJSqe4067DHr_oMwl&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm3tvkLpXY66EOpOH2fcPjeGL8AzJntKxXKX8k_dwwI23ARABIABglZKvgrgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtx3GTnElrA-4AIAqAMBqgT3AU_Q_FcYUoAJ8wyqHVQcPJTYpf6zzqD0gYCdp7oqEN1S_gpGM2FTnY48nLB6LF5-_2Ju5P8YH_utar8K0l_1pykL7ITIqOToY2JaoHuN83wRMvDQl4t957Cw_vXXlhwXXAU54PQoKSY5l1MSnsKTDHijjjyvsPNYJRol95u2YG7peBvUyvih4Q6fbiBZC4hJgVmKdl4jETUnikZr6gNZb1bFy9tOq4kw_IjgKGOfvWGgJECuJesKaz6DyMm-REuXZ1E7RV9Uqcooi6_IblOblQzXJuwZs_YBpVYnVaBojdcxuCc9yzQ7caws5klF3DOlIOOKzAtJrN_gBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kyyheDglFXJXhCuEs1hS-PSPLGA%26client%3Dca-pub-4491659496372172%26adurl%3D
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1e2ecd91a31edb49c563e1f6b19ff43c32d2313bc0633eaa1c3630e56da6f6b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 10:29:37 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=U-lOY5axu3gKYHpQwzNpHeP6Wli-G-OIsG21TbuvN2akUPhg1tqVbiTeAsjT8bS8Y2SrMhCS0me8c9sBfHd8lFFbcKQMQIN02yzEyarTbHRCOtxOE_8EildC7b5S6j5A1Vxwb_KLx88qreAg404HcrGzrX2qy-VQyAcx7NdU7OHwSKTviHCi-b_gharmO9XFmZC9jk8o4Rk1LLgg-dKgoXdWSxOFoZuJo_uOj_XfGM4ydT7G3YscmFdO0OPW0Gu2m9pZjQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
94062169
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame B20D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 09:54:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
2080
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 09:54:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3E50 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
83211
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 11:22:46 GMT
etag
48472445140208031
expires
Tue, 25 Oct 2022 11:22:46 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame B20D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 14:21:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72468
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Nov 2022 14:21:49 GMT
l
www.google.com/ads/measurement/ Frame B20D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSIZXeNVhDgduIvSS-bWHePnGvQ5MskiBjvmcM8gKhRAcLn_-FzYgcDarUqGXNnzgOrz4nbjzUlJPEaQD9FouLbvuDGYQ
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame B20D 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 08:48:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6093
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 25 Oct 2023 08:48:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B20D 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47514
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666611803224388"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 25 Oct 2022 10:29:37 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 28A0 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 08:48:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6093
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 25 Oct 2023 08:48:04 GMT
3664297453309006094
tpc.googlesyndication.com/simgad/ Frame 28A0
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjssKQTXnIJP53NtlzsBi6gkBwjBK2-tDlPJ1buC1V90IV3_nqdNYOw1a1QeiWZJR7_2A9XAA-sUA-FoaeQkMBosfDJluhEqLngExZGX4NqxarPdOVKhrP6FgNR8G2DkSxSfxMLx9c...
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
924 B
952 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3664297453309006094
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 20:26:22 GMT
x-content-type-options
nosniff
age
482596
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
924
x-xss-protection
0
last-modified
Sat, 15 Apr 2017 10:38:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 19 Oct 2023 20:26:22 GMT

Redirect headers

date
Tue, 25 Oct 2022 05:39:38 GMT
x-content-type-options
nosniff
server
cafe
age
17399
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/3664297453309006094
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 24 Nov 2022 05:39:38 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 150C 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 08:48:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6093
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 25 Oct 2023 08:48:04 GMT
3664297453309006094
tpc.googlesyndication.com/simgad/ Frame 150C
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsv1BSrsc5ejSoIolR0T2wP8SOn8qt1EpTqLNU3zLlPymymTyCSkg08h-DuQExlaz7v4V6oACyV4E5oxuDZu9wfL9z-tTVwyYKZfsxBoDb585wTdKaYBapnFsq7wOfTI0nErv_yAv...
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
924 B
952 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3664297453309006094
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 20:26:22 GMT
x-content-type-options
nosniff
age
482596
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
924
x-xss-protection
0
last-modified
Sat, 15 Apr 2017 10:38:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 19 Oct 2023 20:26:22 GMT

Redirect headers

date
Tue, 25 Oct 2022 05:39:38 GMT
x-content-type-options
nosniff
server
cafe
age
17399
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/3664297453309006094
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 24 Nov 2022 05:39:38 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 16B1 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 08:48:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6093
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 25 Oct 2023 08:48:04 GMT
3664297453309006094
tpc.googlesyndication.com/simgad/ Frame 16B1
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjss18CsplA7szeyxGN6PqUvgWuOoDjGG7MiZlkxgoVk9qaIck9_yHqev2HCrQu2z6kwVo-sW7o-ijcsag7N86JsQ0xQa6U9xc4zn1QxbGL421dmLVu2ti4E0CsSPOd8nGpXD2n1FR...
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
924 B
952 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3664297453309006094
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 20:26:22 GMT
x-content-type-options
nosniff
age
482596
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
924
x-xss-protection
0
last-modified
Sat, 15 Apr 2017 10:38:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 19 Oct 2023 20:26:22 GMT

Redirect headers

date
Tue, 25 Oct 2022 05:39:38 GMT
x-content-type-options
nosniff
server
cafe
age
17399
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/3664297453309006094
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 24 Nov 2022 05:39:38 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 3F1F 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=32236640&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:37 GMT
content-length
0
events
khn.crowdad.io/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/events
Requested by
Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.245.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-245-11.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Tue, 25 Oct 2022 10:29:37 GMT
access-control-allow-credentials
true
content-length
0
events
khn.crowdad.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/events
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.245.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-245-11.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.walla.co.il
content-length
0
date
Tue, 25 Oct 2022 10:29:37 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 141E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.540.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:38:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
89472
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 09:38:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 141E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 141E 		0
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu9BAhnbrnaJH70MU7rw3zaX53rHT4rDorQVvLrC_Hfy9sxtpXfNSEFkbBStRJsL3-z76qLwbU2zm5lccVd3518DlPUUuvF3lZB9KFjQjAxZN23MiZO1JFNE8HQG-NAFKDA2mwhFoY2-qt_vQLyEpOsaGR8vx7PvhiM7RaXsFOIbdYikynNV4mM9y-yuFhyReRfOpZvJYup6V_s0CeCLtAWcXNABdTN9HHtluXHFmI7sUg8V7fBdVjEF4NBo5psZqp4OAXyqw3ep4oMIed8H6OqJPxPLCe5BqsRh7GP1HRj5ueDw4bOvY3mTiNYuB32c2YAACxhdEzazYJibZBc0_Wd3gFtDHwRHBv4BB8Un_yXbwZrKd1FBj7ryOOAj1H_-_PTjfALNZNBdTG3lFW9MIrdlR6BuYzPSWaK2FfFnvUjCUdY7pQ5rFtSzuHgGpQ5YGn-YfMFueBe2q_YBSZezkh_zoZ68F7Ue6LGY9vpCGdTuL44Kn0LQBQNVnWcfhhavt9zv7N5N0e8hYoaNgTt6NYuIlVFLXCxvPrVQjYx11r0xpWleKIFf30P9yZIaRVii9QMukhRridZC8k5S2OYvqVewDDAqTUbNK_XnsC4gStuk2kNyQXJto9xumubUuO3_JnRgXGhCOy_iQcHbReCiy2Lk3yawjJ1-oh1RXKVD0MS0HLV6PU591LYEE-zUxYLy1rm42f8tJGqEDLbvXL8-LtlmKsuQxV2LQ-n4UjdcjQYMmez_hl-TzJwp56W2mhFz9xtSvHoxdr3IzvKad83P3hVe_np5ILm4Cssklu_5y1qRWWLclmmiU0mg8RyyEiz5EPrsCqtecNrukyY8nB1yVle-_71DSJKusre1fmBxMuiEWRz01dgCy_grsGH6QK_c3gmxpo2lV2eFCYuLwVKaEJrIDmtHZMZbxcesCh198i911cxDv49ncSjdER4XedAqc-KqfRNbj8zVvki9kwqMvxydvS05GTKAzZU6M0v9R8MKWHz5CUCNiIBAuEGsMrftAcFm52Pcjyakyi9Mjp59vFLby1K9x8XtvK2_Fb9502qNTyhONVQZxdBD3czHaL3YbkWBmFXoV5VFOjc0WIbWEmk45hMPJC7cxJ2L_WIvOHD7JnBmjgWqIOGJhvSrb-yw5jz9BO18h7JUcC27VmMNBj9Rr8mLjFu1sq5xH62HAa9Scl08bec_pHtTWx7PBEsrWzx9aTRf2Ib3m3iRxHvBOuaJvAE6n8AyMlk5arkQcIuIh0iimV4pgCdIp5T&sai=AMfl-YToElOJzCG6MIWOmTUpIx4oOJZ9GK1HFL7Cfqsg9u6mKA2-eoPhtDvY1kxJYHqUcoEgKHKxbcXQjkWb1D7h0avigmBPtNCC0_7K7gfwQPvB-AKwwCDvHSPU1qpKK9CkNvEuBAqZRCrKYg-f2Ss5Wdk2DzD2K9cr4PQTmMQkbwI_QVpOMmnHME17pyiSI_fYqr7lRJAD-u5UxIGzD5qFZRu4orIpDQ&sig=Cg0ArKJSzAxhk0rNfEZXEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.540.0&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 25 Oct 2022 10:29:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 141E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjQsonRASABMAE&v=APEucNUT-GxkzyQlM0UOZapvBxQzrdxnejwyX5NvIPiy4SY3q59XettNNn8JbcSSYIf4Pa02_h7ey28cqC4_72b3DYj-sFjNZA
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 141E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CgAdtkLpXY8X6GYim3gO71oLoD9Lzps9sv6nVpJsQ__WQ49cCEAEgmaPPKmCVkq-CuAegAcjHtfICyAEFqAMByAMTmAQAqgSDAk_QbVceTDQSwUKQ2yKQu9QmrSe33OCYGhC0Veg78T7HXGH9yerxphVME3KwESfmAdk5fS4oNw0d9-0WhiaZcPmoeRcTeLRlu4HJT_OypyafZtsqF2LTVOPF6fvVDOsc20pHByoXU3zLLOSGcbFrLo_MBR4vsCUjUR8gBTWI3DEcEZgNg-Lj8YSuwXTz_NVCD7ROOqyD8YmzPyB-xNa3e7m0MHjeCW1QCcPPCUm3z_4BR2zjVt1RGomBdzGf26FTbsVDfwqfaMDdl2WtPyoy12Zgzc2HTywiQymhyeH9yfdSi0uZy8j6o1i3DMGDE6UXWr0_VU8J4SCQqO19gITx2sgeFcrABL7B08iNBOAEA5AGAaAGToAHoLjKjQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGiDAgqBgoEz6exArAT76XxCtATANgTDYgUBdgUAdAVAfgWAYAXAQ&sigh=L5DZxCgtvgU&label=vast_creativeview&ad_mt=0&acvw=sv%3D940%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D2419,790,2749,1377%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D1600,13737%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30016%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D957%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D199395270%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1666693775901%26ptlt%3D1666693777855%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1666693777109&sdkv=h.3.540.0&vci=CiEIAhoLQWRTZW5zZS9BZFggAyoMNjE1OTE5ODM5MDIyQAAKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSADKgk1MzQ5NzU1NjMyCTE3NTk0Mjg2N0DgAVI1COAGEA8lAADwQSgBOgd1bmtub3duQgd1bmtub3duSKEFUABaEDNPVEhTUlJGckdTYzhCTUkYAQ..
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMImqyflJb7-gIVS9feCh0MRAIFEAAYACDT2fJTQhMIxYL5k5b7-gIVCJN3Ch07qwD9;met=1;acvw=sv%3D940%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D2419,790,2749,1377%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%...
ade.googlesyndication.com/ddm/activity/ Frame 141E 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMImqyflJb7-gIVS9feCh0MRAIFEAAYACDT2fJTQhMIxYL5k5b7-gIVCJN3Ch07qwD9;met=1;acvw=sv%3D940%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D2419,790,2749,1377%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D1600,13737%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D957%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D199395270%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1666693775901%26ptlt%3D1666693777856%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1666693777109;ecn1=1;etm1=0;eid1=200101;
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 141E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvY7luK3Uc6C9B0pTBrB9ILsDlQFFpya4N1Vu6k0hPg0dAq4yQnvYkU35cf6Hwbm1LUX29K4cK4AxrtRQic1MyAyo1I3Pki-YkuNwiqcyzyTtQsnBb0zg0FUq965vWFIY5P9DvUYA&sai=AMfl-YQXI5KvmEh-apMtIKB-0CH7D075xPvj3TVlSlMkIWuqA9fxgG4dN0KmSHlO1_l7FqJGJ8MoIWFUExEobgpFA4u0ukssmXqqg17etS8eB76X5iHCa63B4XwgSRPrO6A&sig=Cg0ArKJSzPMBpdHIXPQ3EAE&cid=CAASJeRoNHWiVKgs2DPjCBeRvAAkRRrLiiQD81CSvPAd9sKswfQsqis&id=lidarv&acvw=sv%3D940%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D2419,790,2749,1377%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D1600,13737%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D957%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D199395270%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1666693775901%26ptlt%3D1666693777856%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1666693777109&avm=1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMImqyflJb7-gIVS9feCh0MRAIFEAAYACDT2fJTQhMIxYL5k5b7-gIVCJN3Ch07qwD9;met=1;acvw=sv%3D940%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D2419,790,2749,1377%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%2...
ade.googlesyndication.com/ddm/activity/ Frame 141E 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMImqyflJb7-gIVS9feCh0MRAIFEAAYACDT2fJTQhMIxYL5k5b7-gIVCJN3Ch07qwD9;met=1;acvw=sv%3D940%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D2419,790,2749,1377%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D1600,13737%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D957%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D199395270%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1666693775901%26ptlt%3D1666693777861%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1666693777109;dc_rfl=1,https%253A%252F%252Fwww.walla.co.il%252F%240;ecn1=1;etm1=0;eid1=11;
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 141E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CgAdtkLpXY8X6GYim3gO71oLoD9Lzps9sv6nVpJsQ__WQ49cCEAEgmaPPKmCVkq-CuAegAcjHtfICyAEFqAMByAMTmAQAqgSDAk_QbVceTDQSwUKQ2yKQu9QmrSe33OCYGhC0Veg78T7HXGH9yerxphVME3KwESfmAdk5fS4oNw0d9-0WhiaZcPmoeRcTeLRlu4HJT_OypyafZtsqF2LTVOPF6fvVDOsc20pHByoXU3zLLOSGcbFrLo_MBR4vsCUjUR8gBTWI3DEcEZgNg-Lj8YSuwXTz_NVCD7ROOqyD8YmzPyB-xNa3e7m0MHjeCW1QCcPPCUm3z_4BR2zjVt1RGomBdzGf26FTbsVDfwqfaMDdl2WtPyoy12Zgzc2HTywiQymhyeH9yfdSi0uZy8j6o1i3DMGDE6UXWr0_VU8J4SCQqO19gITx2sgeFcrABL7B08iNBOAEA5AGAaAGToAHoLjKjQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGiDAgqBgoEz6exArAT76XxCtATANgTDYgUBdgUAdAVAfgWAYAXAQ&sigh=L5DZxCgtvgU&label=part2viewed&ad_mt=0&acvw=sv%3D940%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D2419,790,2749,1377%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D1600,13737%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D957%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D199395270%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1666693775901%26ptlt%3D1666693777861%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1666693777109&sdkv=h.3.540.0&vci=CiEIAhoLQWRTZW5zZS9BZFggAyoMNjE1OTE5ODM5MDIyQAAKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSADKgk1MzQ5NzU1NjMyCTE3NTk0Mjg2N0DgAVI1COAGEA8lAADwQSgBOgd1bmtub3duQgd1bmtub3duSKEFUABaEDNPVEhTUlJGckdTYzhCTUkYAQ..
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMImqyflJb7-gIVS9feCh0MRAIFEAAYACDT2fJTQhMIxYL5k5b7-gIVCJN3Ch07qwD9;met=1;acvw=sv%3D940%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D2419,790,2749,1377%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%...
ade.googlesyndication.com/ddm/activity/ Frame 141E 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMImqyflJb7-gIVS9feCh0MRAIFEAAYACDT2fJTQhMIxYL5k5b7-gIVCJN3Ch07qwD9;met=1;acvw=sv%3D940%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D2419,790,2749,1377%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D85%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D85%26pst%3D-1%26dur%3D30016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D85%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D957%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D199395270%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1666693775901%26ptlt%3D1666693777865%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1666693777109;ecn1=1;etm1=0;eid1=16;
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 141E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CgAdtkLpXY8X6GYim3gO71oLoD9Lzps9sv6nVpJsQ__WQ49cCEAEgmaPPKmCVkq-CuAegAcjHtfICyAEFqAMByAMTmAQAqgSDAk_QbVceTDQSwUKQ2yKQu9QmrSe33OCYGhC0Veg78T7HXGH9yerxphVME3KwESfmAdk5fS4oNw0d9-0WhiaZcPmoeRcTeLRlu4HJT_OypyafZtsqF2LTVOPF6fvVDOsc20pHByoXU3zLLOSGcbFrLo_MBR4vsCUjUR8gBTWI3DEcEZgNg-Lj8YSuwXTz_NVCD7ROOqyD8YmzPyB-xNa3e7m0MHjeCW1QCcPPCUm3z_4BR2zjVt1RGomBdzGf26FTbsVDfwqfaMDdl2WtPyoy12Zgzc2HTywiQymhyeH9yfdSi0uZy8j6o1i3DMGDE6UXWr0_VU8J4SCQqO19gITx2sgeFcrABL7B08iNBOAEA5AGAaAGToAHoLjKjQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGiDAgqBgoEz6exArAT76XxCtATANgTDYgUBdgUAdAVAfgWAYAXAQ&sigh=L5DZxCgtvgU&label=admute&ad_mt=0&acvw=sv%3D940%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D2419,790,2749,1377%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D85%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D85%26pst%3D-1%26dur%3D30016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D85%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D957%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D199395270%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1666693775901%26ptlt%3D1666693777865%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1666693777109&sdkv=h.3.540.0&vci=CiEIAhoLQWRTZW5zZS9BZFggAyoMNjE1OTE5ODM5MDIyQAAKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSADKgk1MzQ5NzU1NjMyCTE3NTk0Mjg2N0DgAVI1COAGEA8lAADwQSgBOgd1bmtub3duQgd1bmtub3duSKEFUABaEDNPVEhTUlJGckdTYzhCTUkYAQ..
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6357826067549388800/ Frame C57F 		119 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6357826067549388800/index.html
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc0640a5ef49753a80cf60a50c133c1c1ab6a26e9cdf42469832c621b94d65be
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
522466
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
24375
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 09:21:51 GMT
expires
Thu, 19 Oct 2023 09:21:51 GMT
last-modified
Wed, 03 Aug 2022 09:06:51 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame B699 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CJG45kbpXY4zREs6BzQaylJKID6z3jZls5tK5mqMQ29keEAEg0ZPDKmCVkq-CuAegAZjhvqsDyAEJqQLKw-KwK9eBPuACAKgDAcgDAqoE5gFP0CTUeMEYDijmfByLhByCDm9kmo4f97oz_T2osEPd8pGxM7bJY7EZ8VTGJCrhaYNpsCD3jM9qEa5I2i7YTY636KSAySSNpueJOzgk0vKaTITBxjaL0hEDx2andtrd5ny-5LzlVx4g8Ec6ycCJGFgyZ7iav4scdJXPOU2m3xVBr0bpqvmRng5qE0AhrJCS5m_cvZSUXatVRu_-ToZRPvaRSEotcW5T6h7biIVRmQg79lvSxIR8R7OfhI1BhprkSQx8wXky1tQW2Rs2XtSx6TSlU4uDBnw29CK2JiI8uaq7m7fCCBxYPsAE7Mf79YAE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBl2AB9CewVSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCK9THSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi00NDkxNjU5NDk2MzcyMTcyGPHmEw&sigh=IefuueLD_U0&uach_m=[UACH]
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame E4EE 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
855
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 10:15:22 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame B699 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:10:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
1132
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 10:10:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame B699 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 14:21:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72468
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Nov 2022 14:21:49 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 5B95 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CT2HkkbpXY43REs6BzQaylJKID8me0rFc1Z2R93DAjbcBEAEgAGCVkq-CuAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakC3HcZOcSWsD7gAgCoAwGqBPYBT9A9t_41HUn4-WyOgr5hQdKwp1Tt-Ni6VpPsXHt6-TqhrIbOMGH1OSqRCUfAABQZmofCFf8b8ruVBJotNGeDTlUrqMoIuRj4NsCoGc4bcB2qXRaviS2OHVQkvJ2A1Xw9-ygqU3ramBGcWg05ODKYknj_HdDWZ6WrR1mEix6o5bKzppsywNG1YCxUe_cnFrAKDg58Vzt55mQzTnkKWCHSuhpyrSG8lrCiURAAXZC2XWhrGdwgcS-xROhtDWbNIaemu_9DRmHJWW45LE7ABoTI-vJgLKHrdKWvh4fxGXYv7jGknjHf58r9KRILbY0GTf3CDlTbqTKd4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDkxNjU5NDk2MzcyMTcyGPHmEw&sigh=0dl9iE3Ky-w&uach_m=[UACH]&cid=CAQSOwDq26N9gCcBkUSxvKXDBwnrX9dLZ788TuKm4iDd61zGPN29hGMMOOlGoqoJYMp1zs2930CtpOuudFeJGAEgEw
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 5B95 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFLr5RKwCkAOdg2ICAgAAAI9v_qchM8M6UwfGnGMh-yoQkbpXY8CaZP-jgIXOCdNKABIAAA&wp=Y1e6kQAEqI0K00DOAASKMokPSGNMYsKpT2mcpw
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
244207
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame FAF8 		182 KB
56 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kQAEqI0K00DOAASKMokPSGNMYsKpT2mcpw&u=%7COol2LM3aIOmxj9B4bVXr1sWIYShkjgzyK%2BfJisSdSeo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8YpaK8Az95To9dZfowuDedO6hwubzWI6bbsy0Mn2W87yuGZu5th0B_tfQshMywMYy_ySihHHBbmbJ7g7G0RBtdZdrbF-emqpw4sz9yj3c-ppVy6wwJLGkAlXZBinxzwNo3nz-RYxf5cSl7bVnvSUtcOdsNTA7SNdIABDpt40y1T9uezEt9AtEdGLgDUfpEy958_urFskz14OUVjccv4Hnq6Oc1_DNq834KmSNF3iRQyvaF6wiM3hiM3I5_F2Nov_LEysbclWx353E3_6uisftMBxB6vxaBA5vs4N6T02wnEE8fm6_OKGCl3fcqdFxADQZqDjnTBnvVuBpByVrkNtAQwK8uGWTMBZq0dwaaQEZq9mRqn1xepTiGnGhR5eY_Mz2H2v2BGH1FcuZZrGYDThtVryvwkkfAuh0abmy6TUL4YRKb0k_c-w3XuW0co3nZZfch_2JZa05FqtSfVhOWOmtH2aseLlQGu-aHHitrlFJhVQElLsU5NafHkzd49z9Gitujyx0zPZWvXFz-eXh3wR4xHcoMLZrrQxnrVb2kb48lWBA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1JDFkbpXY43REs6BzQaylJKID8me0rFc1Z2R93DAjbcBEAEgAGCVkq-CuAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakC3HcZOcSWsD7gAgCoAwGqBPkBT9A9t_41HUn4-WyOgr5hQdKwp1Tt-Ni6VpPsXHt6-TqhrIbOMGH1OSqRCUfAABQZmofCFf8b8ruVBJotNGeDTlUrqMoIuRj4NsCoGc4bcB2qXRaviS2OHVQkvJ2A1Xw9-ygqU3ramBGcWg05ODKYknj_HdDWZ6WrR1mEix6o5bKzppsywNG1YCxUe_cnFrAKDg58Vzt55mQzTnkKWCHSuhpyrSG8lrCiURAAXZC2XWhrGdwgcS-xROhtDWbNIaemu_9DRmHJWW45LE7ABoTI-rBiDTNs-zm8OBvluqYSSMmtijtp7eTlq6bDUCv08uPuFtFxLSEix1Vq4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_39m7X2XDKiXPCqumnyj9oAj-Fn-A%26client%3Dca-pub-4491659496372172%26adurl%3D
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
048d4401cfd88bb893738052af34fec5433735b6b31e29c6fc6b08a899739e29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 10:29:37 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=n9_DyZaxu3gKYHpQkO8vH_5lg5Fz8dWFGCrbwvWeGZnDRwetWzhnbAEfPSkZFP3S1ypYFhj-NTNQBAaxSAMDZE47C1QL_R7_D3DUNFP0yZ-On8GD11Z_nNTo9UaXfs0sonW20-Fl2t_v7oNlMW5Nrz_Ycn6RRS82TP8lPnk7Hon-rMKUjpT_IdLzlK2CV5p9s6lW6axm4GO_WAKNrqYGJ6nQOsWgE16wZhiUw3PernZ0ZEXN8ryLr7IWsgcHxZCHr6DDMA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
117257831
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 5B95 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:10:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
1132
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 10:10:45 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B29D 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
83211
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 11:22:46 GMT
etag
48472445140208031
expires
Tue, 25 Oct 2022 11:22:46 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 5B95 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 14:21:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72468
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Nov 2022 14:21:49 GMT
l
www.google.com/ads/measurement/ Frame 5B95 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSbOXYr30aj17fiorCk1FqdOiof7BBXSP7hfo9hy2XnEXnT2j9EksQ_5cWfIAPougR_C6R594jHk402Mx7vt-H8TqK3zA
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5B95 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 08:48:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6093
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 25 Oct 2023 08:48:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5B95 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47514
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666611803224388"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 25 Oct 2022 10:29:37 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A400 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CENqRvYYDGInEo9IBMAE&v=APEucNVD0z8g5wFkUWOj00S-bBMPz7kGfZ4AGdGlq_hWLt8EQZ7nkACRi5m0z28xrYKjeJTCxfpY08ieLDE2KP_Q7hl4gz3YmxHFFsjmF0SuzbDexxol6C0WY8yYQbhubwdQDAVTrgUxxJsRB8Wy9z0ybl4X8tr53g6Qx4k6JNo-iPAe3LqFcyQ
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 10:29:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 7ECD 		70 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CeMzF3cNKJ19kkMi0E5c6jXJU8WLpUND_O9cHlwxungu6MeGHLta5_UuSgO7RWfrVrZVudG0x1_45xK8C6DyayoMh8dA&cry=1&dbm_d=AKAmf-CNkEp8m4Re8rg8OzgNF5H0kfjhBwytE3wJrHcS77hcVnHL9wthuhLORwhzqgDb8xS0Vh-lh8tAAs_2n4qWtaIjV7okVupeH7g-mCIHMUOEeWLFyWEE9nXwl1h3Qqjz0nT_NFyHwiofsXqjkPZ9-yGnwhRYIdlMdEF9eDvqXUEA-8OqXP8LSWTDa-pBVlXcszMGuKySWLqefEF_64UZcnphb87Y5NUfA50HhKDCqlP7j1nozYfHPb5yzCfEtlkGravW5lDesCBmyInhAiq3EbWPXUBMvohHQOa2Ada_3JPSvIERw3HmFyWvshxMfHGSCLjgW6mWe068WfDW2_IHkTRj-6b5xIhZExc3733rdkv7lxcVswSgZO9bVq2RFPfhQAB-ohGtHwKkeu84tdtAj47vNjGgbOTv6hiIXfCatwIBIzTULikXpVz4uMFdsSE0Kr16PFY_5x425b106MHSb0uvnIZLeXP_B0Se5uhvyvZfi7w7_rwuSEotv04vxUuRkYvMlDpWImAiNmIUlIni6TkHIrIdLLV3iiqvb3l_9sxRUy2KjpPneUlq3r0BHYmsDcB24SVfXXsztJTfWEzGRpHX4Pq3bNiE3kCy3JFgl0iOmJDugOmBsVYhzA80fWGsbEKbt65drBCU4-jTaOSQPgz1jGQMTf5F_PuH4vzCHBtikuwJyzKzS0F7bzGKrENvPm8DsR9DnJuljf4N9COfF7hb7OGK3Vosx_JIWh8xBSGVfr_oklcMGNre3OwNgs7R-0mgmDIHP5mIS9Nj7txIY3jXCQsOtU1maHl1OrPXW-081DFM0UEgBhPLbl5Vrvw_aFPR3pwIewAsHqWdUfHZRN0PGBGxk5OPD_9r4_xjen3dqdhL8rWxPbjznmzxYuvTpTMbxlsoHd59UzJzixyc-a9SsiJD-x6eCQBjjYHqqUleS-2Nf-K0HsUxOiWKuCMQLmglREuEVlJgri6k81_XiyrmHhvfn--ze9rOcWvpv2elGYImWlGBooD6YeP-SdXdTlic0DDGj4ESm6SBNOMxODQPQd96HbHox91MVzbnqsROCFirzw_jtsd8qr0vj3Pw3rkW088VsHkOjmTF2eabCy3xD4KEz3G9BAAYWlhRkR_UmbuN0T5r31j3gBzV3lyj-YFkUo3rpH1grt7EOrglHVa8PhE6IiVe56NerO61K8FS9R9CxMqaN9mlMceI4TOK1GMj6eH2yCUDfa1CZXn0Wfpltv461jKROaEJw51nWUxCJKwmJANU_mTf1-WbBwI7wEw0GEfpdhE6aWbtP7BOifwU08hDziSczhzg2RWS-CsGx7o4n8CWgxbB4GKyHPDeguVgux9fowzRgrFhDZc1NQ_fsLAGhM2p6-3RaYDJTvVy2XxiVbmcLoAjfsLdjW8b9JVhSv-chi5Ak_R3ZiIaUazzzDsW_AI2_hNtUwX4J7rnv-M--7JT-DrcUcwvYIzOrNJWZ3_15pHue-W2OyF1iDLhqqmjbWOl38hskP0aUPADjxzyVjyDrtzQj98NBCxzhku9ud21AvatTuyM67fXNW2bopY7XduKjo-XMGtgtxpybOrTTP7P82jjP3XoRJWKWdrZmPw45ZyN1N4XX2Ema6_5epQw4W00SorT510Rnm3VE0Uy0RzNNu-kNchW-1v0xVbvJ0TbwiYH1IW1rNxah56vaewJi7Vlk2YzS83YK-cMD1sp0dALl8goCcuQZ3muBqnpXgX7an8tI-xYOUHKMqWe0bnSV2FwVOtd9eejGf8_tykA0Opr4507d1s7UgduuXUOwz4YUofQyRoFfyW3Y-uDVHtq29L5F9VyG5EahdBS4voNz2VD0KwMqMxWxGJ3WVaOcSl5duOi8x19mRS21uyOhNgxtRw5ooDjNKRbUnfzc1gCHwB4m6F3FmcrBQ7OhoAfwuZXf0fQp6Y4ydLSqO4jeho15GP9K12U6sz1GaUoaFo6cKBH8hGUJSZkKUqYnKr_dD7VGLkGwBnS0kqvZpSA6WucBL4BNipVZI9HMUtDdm_WJE1q3iizw7BbSbzN5420Y99220Nlb6Pwk7oXbI4bCplFga2umnfnPPVUVAEvadXNQsnx043Vb_MIhWTpK4No3DbLbdtFzd_mUyudtO8o_KOf4u_BL8o5trzVgozRK6FvArK93K7kyHMgTWsfUm-Voi3kKw3jXzDN-Uj7yodHu3gWFjqxzs7pcxcMpFjzL0JJJJBIuSYLnVbKN3AJlkeOxe_7njN5cEeeV7inEG0krzgpO_1kk2N2DdEpjJ2dWq92OMWBKH1T3ahYcs787sFEkA9XCJFEAcUT3ztSs0R60LPzvGuOeg083mWB9-ImsvbCP5p4Kq3Zo0OwgtgVG1xXW6_VszvT9_uHU51WcqPjaY2d6z-Xjn6-jqOFaz7EQFVwSKCn49zBT03b0wP6_Xy-wxQEemLLwSvta8acWi8YLMKz81C-jjDM4k5BdOd8DqAEnUFjO820mj5vm-ZMeYzOJdXkCuuR9UU5jjkxtWBbVv9Y3XaWcF1tF3osBCVUljdhqhjztelaNpvPZCrhz2ddKPS-mg2Zt52V6vkyaYTvwtXKUnvW4OCqJ4Wp2tqWuzrpuFgQKK1wTcUivo327VNZrCht1V24sr1o1l0tEw6ti2M6RcEdYqpLZYopomb48WTfdJDviS7U1I-0y3mXKcYSz7M2v4ZSmEEI4FRhnn8vKH8Gl7UXLRwzTPRGfg130GBtGFJhSCCHHJ8HI0gF38dxMXi_7gj8E6xF2I8eZZTmHKP1RjY42TBc2WXeg48HlA2unEfBYTbAJKc6TkzP7fVKpGZY2G6PeUbXSgPc4Vawumv9PKiIQ0ikcQlKva5-xbnMn04k3W1_BaRYgdtZq8tddUNXVQxAOFM1ryezZ9fSnTOPQyLrfiECyC0pLLkB6dnaSPfNm2h1z7bDdW3Ks8cXTtJnDZtb51i_hoAJ5l7iEMQ6L3nJCoBaimDIPA-_Odj77yK3yVB_I5ooVZQ6cfKTnyrAd1cc5XUTNTOt_6cQtRgBL-JnMyTdXfWDEqD9fbhFYrR2z1dDPpD9zr9vEotQAEF0XeUPUJip4TZDNjCRMvmhXDwJwbtrxu1OAhYTjIrGrFq2kYHHkKTpFPo8FdGNI8SK3fItXPtUWUqfDs6fkwLmM7Pn91qke7eRrNrNAZmJT35pmrcq-rI5N4x1W3G4DhATRkkuG9l0rrzMUlLcSuHPuVc_q-24XjiAi54sxoXY6QPSUILoOxLOBgRFFHooJfLRcUiAiaQPR0OfdI7YQDa0TQ&cid=CAASJORoiB6h50NzZQGUFr79TalgIk3_DyBhXSWgF28TbXV0J8Qefw&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ccec69c3875281f687e0a18f51826a5e1a7feafc45158b01ec6e7cc05a37996
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33267
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7ECD 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CWLmV0ssgQBDDh_PaLKKhnHdTp_zDDJ5LHWiit4n9_yd_yTJ9zZiGxDieRik8p-LoS2ygHfHLtJ-mz_zXf03-8Bo9TbqgJDFPAXHX_E7EKAApbhtQ
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 7ECD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:10:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
1132
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 10:10:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 7ECD 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 14:21:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72468
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Nov 2022 14:21:49 GMT
l
www.google.com/ads/measurement/ Frame 7ECD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaREvBi7F5FmcMGbt-FpTjApl7i6OsmB9z2zrJ5ZuAAv4djT6LyE5PP-AuHyeEjWZJhT9qXDDuvryZ5AumBY9ph6PhxB0g
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7ECD 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47514
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666611803224388"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 25 Oct 2022 10:29:37 GMT
rum
dsum-sec.casalemedia.com/ Frame 8E88
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEInGtV4G2_tMYqYnML0J75E&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEInGtV4G2_tMYqYnML0J75E&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIYl6aQ1gEwAQ&v=APEucNVgGbLwDca0bzNxa0rqISYqaEOHaO4qbPBlFEqDJAA40wBiF335bTUzMo1WRGq69EvVLPHsuv16a-69frE5uyp9wlgA_fuZUiG14miTEiJlh_jHEcxFrNR854Tp0yXKudRG9ofJMEdQs98JMv2vTuLJ-CEayyti0sh3bflzKHSNhtB-DtQ
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Oct 2022 10:29:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEInGtV4G2_tMYqYnML0J75E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8E88
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1e6kdAAUjwUO46a9eLRewAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEInGtV4G2_tMYqYnML0J75E&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEInGtV4G2_tMYqYnML0J75E&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIYl6aQ1gEwAQ&v=APEucNVgGbLwDca0bzNxa0rqISYqaEOHaO4qbPBlFEqDJAA40wBiF335bTUzMo1WRGq69EvVLPHsuv16a-69frE5uyp9wlgA_fuZUiG14miTEiJlh_jHEcxFrNR854Tp0yXKudRG9ofJMEdQs98JMv2vTuLJ-CEayyti0sh3bflzKHSNhtB-DtQ
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Oct 2022 10:29:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEInGtV4G2_tMYqYnML0J75E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 8E88
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKWUkxFfuPE10UCkczPADj4&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKWUkxFfuPE10UCkczPADj4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIYl6aQ1gEwAQ&v=APEucNVgGbLwDca0bzNxa0rqISYqaEOHaO4qbPBlFEqDJAA40wBiF335bTUzMo1WRGq69EvVLPHsuv16a-69frE5uyp9wlgA_fuZUiG14miTEiJlh_jHEcxFrNR854Tp0yXKudRG9ofJMEdQs98JMv2vTuLJ-CEayyti0sh3bflzKHSNhtB-DtQ
Protocol
HTTP/1.1
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Oct 2022 10:29:38 GMT
AN-X-Request-Uuid
8eac24f5-2d08-40cc-bfae-b9b752d41df6
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.203; 80.255.10.203; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKWUkxFfuPE10UCkczPADj4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8E88
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkxODUzNzEwMjY1MjcxNTA1NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkxODUzNzEwMjY1MjcxNTA1NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIYl6aQ1gEwAQ&v=APEucNVgGbLwDca0bzNxa0rqISYqaEOHaO4qbPBlFEqDJAA40wBiF335bTUzMo1WRGq69EvVLPHsuv16a-69frE5uyp9wlgA_fuZUiG14miTEiJlh_jHEcxFrNR854Tp0yXKudRG9ofJMEdQs98JMv2vTuLJ-CEayyti0sh3bflzKHSNhtB-DtQ
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 25 Oct 2022 10:29:37 GMT
AN-X-Request-Uuid
6ff4e8c1-6718-4036-a1d0-ae8e6890fbf0
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkxODUzNzEwMjY1MjcxNTA1NQ%3D%3D
Connection
keep-alive
X-Proxy-Origin
80.255.10.203; 80.255.10.203; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11663474539605524480/ Frame 9132 		160 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11663474539605524480/index.html
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c11f1d89bab77d20fdcb19b628c6c6221f20bc85deaa925da92e895cf1d940a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
44614
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
34171
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 22:06:03 GMT
expires
Tue, 24 Oct 2023 22:06:03 GMT
last-modified
Wed, 19 Oct 2022 07:06:46 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 2521 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CeIy7kbpXY4_REs6BzQaylJKID6z3jZlst7vzjZcR29keEAEg0ZPDKmCVkq-CuAegAZjhvqsDyAEJqQLKw-KwK9eBPuACAKgDAcgDAqoE7AFP0AiEqbiy2KVNUIvjhsA3RqA5PDUdh1av2UGe606E0KKJipH7X7crP9TT_PJQkRGmp-l_O-We1jd3_aPkABBZ4jRJc9vAn8Uw4tabmsafg9ifIwU_Jzj5HlvjSFdxPt5RdqRBMK8AX26LeDa1ETTRMRSauzTip2Aj9I027rPeQuqf60dvWc4WLyuMKwIHtrBJz_FcVak7Bfj1FzzpFu5eECPBe_umiXTfarGVnU6g64XQ26bO2dbh5Jnfz3AKvMVE4p6oID3f-GRX_HwLAX8B4D5BKdUEG1uomZwWT8tNn9f2GSNCZ1xsYX4Hc8AE7Mf79YAE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBl2AB9CewVSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCqwQ_SCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi00NDkxNjU5NDk2MzcyMTcyGPHmEw&sigh=e_p8FVWKZE0&uach_m=[UACH]
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame 7B4C 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
855
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 10:15:22 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 2521 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:10:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
1132
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 10:10:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 2521 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 14:21:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72468
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Nov 2022 14:21:49 GMT
css
fonts.googleapis.com/ Frame C57F 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:700,regular
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6357826067549388800/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Oct 2022 10:29:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 09:25:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Oct 2022 10:29:38 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C57F 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6357826067549388800/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22533
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 26 Oct 2022 04:14:04 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C57F 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6357826067549388800/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 19:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
52591
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 25 Oct 2022 19:53:06 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame A458 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
Origin
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 08:38:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6698
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Oct 2022 08:38:00 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/ Frame A458 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B1TMr9g4x48ezYv5e573MT7l4Lg1zNnymzEYCmgrdrqFSw7ehYUB7t22O19Z5GAzFRC4i2eiY5rHVkO-CPc1_nGRzPLw&cry=1&dbm_d=AKAmf-Bz1P0HMD17NYCnRuNx75UA5TaHwWrcboWUfvbAv1Pjt03IMIxytxnQckehwhTUkVULieIutBNd-zKE5MPs9Hp8O5E5z-wpIxETkfpA6G1NJ3pRWyiZhIDpDVpO5KC5XjVWXzusrEE_S6YxGpMbrTCjpPv0ac5UyjVPyA2yPw-Vmdi2twXvxG6iIITk22Fxnu0xHr8QIWnBofo3UZaC3Fz0noTJzHber3RDEoCIc4kjheeZuhd6QV5_WEvvPDapbA1kzwB9_4QnTffkCzv2lAusexglXi7CvkKAhm79AeuteCpFd43ttFQCyZeFFNAWmlS7iF2tv7uV7OL6SSfUPQrPrfFO4YNL4COWeiQPQ2dAtBf7ATdHD3dJcuxt1homIv72hrzNCePzH_gAf-2zTpQdrQrfH-c2iblmy_lRtgDinU3ElG9g2sHYQzUs9Bj_YvTdLzg-4ZQqUysB002oFsiG-SvLS8VK6iR6DYiv_mCvlBHFjO7YRVGGggiH7vEP4XpSdcuyEWcgafhG10wsWRAlG9HxCbZZ6igCs9Vm6XmDkzIo2TVjpy9phSZ-N7VXAh3jJVC06wKMBbR1l1BgrCudATJn82gJuH1QLx7Ykb-MEvUtWO4zRXoDnPVVnPPhZGTCKnkF_2luiuFVmsYqH7Y0ngN2FPzu4kmaDqQDi5BHoQDrAXg0sFSnEdRfrJDiFOyhYdu94izKwt8z6MjUQh5pyS5SavtKWYRDG6BFPp3o6_jYvhtUO7YgTurVaWX5Kj8fokStmrN7uQh-yHohp5u5HZmB9gT8BxbpoGBzOnKmO-JrZmy8vlfnLEtmWDI3zMwu4fXLoSr43dT7cLrsHj3t6S5ziHFdpMh9JglkU4gA7iiEfiBboCJj6ToIcvqas6KcS28ShdY9YxvaCWLY8EEFqH9o-QwYhSPvEWRrptH6nLREHIyd-bSyaT7VnC4Cyogg_gUIdz3sepBbIMT3CqToK6rd2-meEqZCmTKyzyckCInJgeJDfuzkfd_wdYxVpAVUsieGATzYL4VLfhS8KqoDY4Tzfq2ZorAreTheNNGthSTSjTIw0OUmSYLneE9Rj3ZhpZlHDTgaUrL0nNwy0DYjfywt4C-UUCeX8LPRRPoW_dz7QxiT0CbPBrEEKloYjDNo0jB4zdT8OdOOeb6O9Kre-ljG9DVOIFO7BbgPw6_NXwXIliNrIHV3T6OnrpzjBC6TH0SpIJfueKaiBndmy9lQmuL-D8fsgeZEp-HJxP0Prn0Cy-cpv0uZMx4OeXZvK3cwJlS_aoF8eGOXsiVmEBU7NbJeS0e5W94iag5UCDS8KqkFTC2gBV7bAfkEJ1kVpTcneZCzRAoGc3yBeDXhmr3Ym64fdBMR76yL3LWWWCvpLKWB1LR6FiWVDdrIvDi_McSz16qrhTfnugJyiBi4oV8D3sxDl_2W3yyZv5ubtyMhTMEATXqxZczlC4iaMC1IUGqC3TYcducmVAaA20hT0yQ-WbVTcB_3NxN-M4DKiylYeUu-na5uhfaBwFocYwFUqaSMOBItYjC5pQjuXcR55UZDL3TzIkWZH3vAT-Y37jhUT62c98FOgSOTDIQUXp3B2-wry02Ew3pk6EJuPvi02NVZJwje0mAdIXGziH_sXe0mjIlmfixuXxN7LwGfQV0WDM4inJj6dP84ZBE0jAZl5EgmhS2WFDzA7jrRybwsfBQvzNVd3JrL2sGU5k_Br9BLJC62WhE6nJDhSfFCAmJNriMYrEOD7x6kzjG_63UvnKTrUeVlcRToPsD67QyexhF73Nz7iztJ3HK1hfwd_5wKWFd1gSZ0lz5sVXj7OKjB_sqZ2XH-FG88tM6eIj4a90g1J87C354ZThAnNxV7G2KhEFuUk4Hj1nVf-758F5gwP0zgNAUbNNHpQX9WabiI4NvPcubWUeD5JB-5oULSN0gq5Fjck5H_ZzK0MhKWxji1gPCW34_TJ4xdoKWwdkznGeP0JX8YSZjONZ5MqCO1OXTP9JM23RfSoA5BC4LGO5JmTdB1TXYDQ7swtdt0MtNETvQCLrD6ewMR5SktWImyO3-K-RoRVSVOyoU6hG8SN54YiNrCqHdew9fnqua9dzlinpezFfw234rL0q91y_OgefnbU0FVF5aSQCDCxk9s1uT3rDAwXizliRygZMO8HLtVs8RD9XH8msuRntwYxGslAWaFOkj0EYA8Mlz4K8QFvxkEdSADpbaYTM7dM60qc2FaJ3mSo16Sv-9nYlpIOxYViBLHEIXHcOiYkp0S-b783qTYYebYxUKNp0fm7zl6b0YWLB7rovPLyLf-vK9cqFAUUpB2UAkZ7Ow4-tfG_APpuVlUstvIpZhFkrBA-hMH9xkN21EptVmeW2gmbr_j3OOE7CK9f2efddimRxderjw0m5A4Uo-HTISgcr2yAJoSNa37RksseXxgH9BT8vVoYX13Lx7YcFILFy1sPoUucnzGcXzCXeANz11EBu5Z9MmSLHCsStzhqNAeLwDeFcfYh8M9OpD9gF3q7hYSCdImpylh3RVAzBRjqSqaaSIi2P86LNiJ4SKFGAQQsv-WLddVuIe74gtpMkjP-dh7P2TdwIh5brMi4ObpdIjTK_SgcIVPIiP0UV0y9RGQ5nb7mUsolgwut4iAblnZ1iAqLDucEO-7JAbf4J_gI1ycR9E0c0CNpeRnP3u9luKReubT2GE3LBuYzGtbFj6rc2YEPC7IcA8nuZUVZD0dxwcm4hij22O-bzaYy844dI9izJhwHJfBHkMH4sCX0pSb53SvfY4nBaB5MVy6Vu8ZARcqffz6h0OuVV-1RMZdD_F5Jx22ZZqIZs-wWDqZpNAGyb5h5x9ZAhloDcf9BexuCRxRBo1xft-j-AqYC_s4zqPf_yNDJ-aXBgZkjW-u73XsQEPGp2AarRw79-DD1TcT_o5RktqhoZC875Q6dx4mqxrJZ24egkvO-Z8nL-3Gpn9A0Bx7iDxx3JmqmuzqEAHr7n_HJ98lYpf2nNz8Ww1nagOo5h9n0ScLHcarX2UXXTBrR1UqG4NUpcjthlhCUzpJRWRIbfCeKSF-Yz10EpKzbwga1zXtXe3YTmPdhGTAfag88zbJrIaMXf-54TWuHE4fdP7tSIk&cid=CAASJeRogBJreOns6f51bI99ucbiHAThXRlyaTXrmDE7D3pUdHa5bK8&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 14:20:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72523
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Nov 2022 14:20:54 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame A458 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B1TMr9g4x48ezYv5e573MT7l4Lg1zNnymzEYCmgrdrqFSw7ehYUB7t22O19Z5GAzFRC4i2eiY5rHVkO-CPc1_nGRzPLw&cry=1&dbm_d=AKAmf-Bz1P0HMD17NYCnRuNx75UA5TaHwWrcboWUfvbAv1Pjt03IMIxytxnQckehwhTUkVULieIutBNd-zKE5MPs9Hp8O5E5z-wpIxETkfpA6G1NJ3pRWyiZhIDpDVpO5KC5XjVWXzusrEE_S6YxGpMbrTCjpPv0ac5UyjVPyA2yPw-Vmdi2twXvxG6iIITk22Fxnu0xHr8QIWnBofo3UZaC3Fz0noTJzHber3RDEoCIc4kjheeZuhd6QV5_WEvvPDapbA1kzwB9_4QnTffkCzv2lAusexglXi7CvkKAhm79AeuteCpFd43ttFQCyZeFFNAWmlS7iF2tv7uV7OL6SSfUPQrPrfFO4YNL4COWeiQPQ2dAtBf7ATdHD3dJcuxt1homIv72hrzNCePzH_gAf-2zTpQdrQrfH-c2iblmy_lRtgDinU3ElG9g2sHYQzUs9Bj_YvTdLzg-4ZQqUysB002oFsiG-SvLS8VK6iR6DYiv_mCvlBHFjO7YRVGGggiH7vEP4XpSdcuyEWcgafhG10wsWRAlG9HxCbZZ6igCs9Vm6XmDkzIo2TVjpy9phSZ-N7VXAh3jJVC06wKMBbR1l1BgrCudATJn82gJuH1QLx7Ykb-MEvUtWO4zRXoDnPVVnPPhZGTCKnkF_2luiuFVmsYqH7Y0ngN2FPzu4kmaDqQDi5BHoQDrAXg0sFSnEdRfrJDiFOyhYdu94izKwt8z6MjUQh5pyS5SavtKWYRDG6BFPp3o6_jYvhtUO7YgTurVaWX5Kj8fokStmrN7uQh-yHohp5u5HZmB9gT8BxbpoGBzOnKmO-JrZmy8vlfnLEtmWDI3zMwu4fXLoSr43dT7cLrsHj3t6S5ziHFdpMh9JglkU4gA7iiEfiBboCJj6ToIcvqas6KcS28ShdY9YxvaCWLY8EEFqH9o-QwYhSPvEWRrptH6nLREHIyd-bSyaT7VnC4Cyogg_gUIdz3sepBbIMT3CqToK6rd2-meEqZCmTKyzyckCInJgeJDfuzkfd_wdYxVpAVUsieGATzYL4VLfhS8KqoDY4Tzfq2ZorAreTheNNGthSTSjTIw0OUmSYLneE9Rj3ZhpZlHDTgaUrL0nNwy0DYjfywt4C-UUCeX8LPRRPoW_dz7QxiT0CbPBrEEKloYjDNo0jB4zdT8OdOOeb6O9Kre-ljG9DVOIFO7BbgPw6_NXwXIliNrIHV3T6OnrpzjBC6TH0SpIJfueKaiBndmy9lQmuL-D8fsgeZEp-HJxP0Prn0Cy-cpv0uZMx4OeXZvK3cwJlS_aoF8eGOXsiVmEBU7NbJeS0e5W94iag5UCDS8KqkFTC2gBV7bAfkEJ1kVpTcneZCzRAoGc3yBeDXhmr3Ym64fdBMR76yL3LWWWCvpLKWB1LR6FiWVDdrIvDi_McSz16qrhTfnugJyiBi4oV8D3sxDl_2W3yyZv5ubtyMhTMEATXqxZczlC4iaMC1IUGqC3TYcducmVAaA20hT0yQ-WbVTcB_3NxN-M4DKiylYeUu-na5uhfaBwFocYwFUqaSMOBItYjC5pQjuXcR55UZDL3TzIkWZH3vAT-Y37jhUT62c98FOgSOTDIQUXp3B2-wry02Ew3pk6EJuPvi02NVZJwje0mAdIXGziH_sXe0mjIlmfixuXxN7LwGfQV0WDM4inJj6dP84ZBE0jAZl5EgmhS2WFDzA7jrRybwsfBQvzNVd3JrL2sGU5k_Br9BLJC62WhE6nJDhSfFCAmJNriMYrEOD7x6kzjG_63UvnKTrUeVlcRToPsD67QyexhF73Nz7iztJ3HK1hfwd_5wKWFd1gSZ0lz5sVXj7OKjB_sqZ2XH-FG88tM6eIj4a90g1J87C354ZThAnNxV7G2KhEFuUk4Hj1nVf-758F5gwP0zgNAUbNNHpQX9WabiI4NvPcubWUeD5JB-5oULSN0gq5Fjck5H_ZzK0MhKWxji1gPCW34_TJ4xdoKWwdkznGeP0JX8YSZjONZ5MqCO1OXTP9JM23RfSoA5BC4LGO5JmTdB1TXYDQ7swtdt0MtNETvQCLrD6ewMR5SktWImyO3-K-RoRVSVOyoU6hG8SN54YiNrCqHdew9fnqua9dzlinpezFfw234rL0q91y_OgefnbU0FVF5aSQCDCxk9s1uT3rDAwXizliRygZMO8HLtVs8RD9XH8msuRntwYxGslAWaFOkj0EYA8Mlz4K8QFvxkEdSADpbaYTM7dM60qc2FaJ3mSo16Sv-9nYlpIOxYViBLHEIXHcOiYkp0S-b783qTYYebYxUKNp0fm7zl6b0YWLB7rovPLyLf-vK9cqFAUUpB2UAkZ7Ow4-tfG_APpuVlUstvIpZhFkrBA-hMH9xkN21EptVmeW2gmbr_j3OOE7CK9f2efddimRxderjw0m5A4Uo-HTISgcr2yAJoSNa37RksseXxgH9BT8vVoYX13Lx7YcFILFy1sPoUucnzGcXzCXeANz11EBu5Z9MmSLHCsStzhqNAeLwDeFcfYh8M9OpD9gF3q7hYSCdImpylh3RVAzBRjqSqaaSIi2P86LNiJ4SKFGAQQsv-WLddVuIe74gtpMkjP-dh7P2TdwIh5brMi4ObpdIjTK_SgcIVPIiP0UV0y9RGQ5nb7mUsolgwut4iAblnZ1iAqLDucEO-7JAbf4J_gI1ycR9E0c0CNpeRnP3u9luKReubT2GE3LBuYzGtbFj6rc2YEPC7IcA8nuZUVZD0dxwcm4hij22O-bzaYy844dI9izJhwHJfBHkMH4sCX0pSb53SvfY4nBaB5MVy6Vu8ZARcqffz6h0OuVV-1RMZdD_F5Jx22ZZqIZs-wWDqZpNAGyb5h5x9ZAhloDcf9BexuCRxRBo1xft-j-AqYC_s4zqPf_yNDJ-aXBgZkjW-u73XsQEPGp2AarRw79-DD1TcT_o5RktqhoZC875Q6dx4mqxrJZ24egkvO-Z8nL-3Gpn9A0Bx7iDxx3JmqmuzqEAHr7n_HJ98lYpf2nNz8Ww1nagOo5h9n0ScLHcarX2UXXTBrR1UqG4NUpcjthlhCUzpJRWRIbfCeKSF-Yz10EpKzbwga1zXtXe3YTmPdhGTAfag88zbJrIaMXf-54TWuHE4fdP7tSIk&cid=CAASJeRogBJreOns6f51bI99ucbiHAThXRlyaTXrmDE7D3pUdHa5bK8&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 14:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72459
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11726
x-xss-protection
0
server
cafe
etag
11376305771055881226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Nov 2022 14:21:59 GMT
sd
us-u.openx.net/w/1.0/ Frame A400
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKFrcCbq_Mrw4ebeAYFMKO4&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKFrcCbq_Mrw4ebeAYFMKO4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CENqRvYYDGInEo9IBMAE&v=APEucNVD0z8g5wFkUWOj00S-bBMPz7kGfZ4AGdGlq_hWLt8EQZ7nkACRi5m0z28xrYKjeJTCxfpY08ieLDE2KP_Q7hl4gz3YmxHFFsjmF0SuzbDexxol6C0WY8yYQbhubwdQDAVTrgUxxJsRB8Wy9z0ybl4X8tr53g6Qx4k6JNo-iPAe3LqFcyQ
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKFrcCbq_Mrw4ebeAYFMKO4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame A400 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CENqRvYYDGInEo9IBMAE&v=APEucNVD0z8g5wFkUWOj00S-bBMPz7kGfZ4AGdGlq_hWLt8EQZ7nkACRi5m0z28xrYKjeJTCxfpY08ieLDE2KP_Q7hl4gz3YmxHFFsjmF0SuzbDexxol6C0WY8yYQbhubwdQDAVTrgUxxJsRB8Wy9z0ybl4X8tr53g6Qx4k6JNo-iPAe3LqFcyQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame A400
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESENYOPxybkYJR-SmlSiQrF8U&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESENYOPxybkYJR-SmlSiQrF8U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CENqRvYYDGInEo9IBMAE&v=APEucNVD0z8g5wFkUWOj00S-bBMPz7kGfZ4AGdGlq_hWLt8EQZ7nkACRi5m0z28xrYKjeJTCxfpY08ieLDE2KP_Q7hl4gz3YmxHFFsjmF0SuzbDexxol6C0WY8yYQbhubwdQDAVTrgUxxJsRB8Wy9z0ybl4X8tr53g6Qx4k6JNo-iPAe3LqFcyQ
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Tue, 25 Oct 2022 10:29:38 GMT
pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESENYOPxybkYJR-SmlSiQrF8U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame A400 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CENqRvYYDGInEo9IBMAE&v=APEucNVD0z8g5wFkUWOj00S-bBMPz7kGfZ4AGdGlq_hWLt8EQZ7nkACRi5m0z28xrYKjeJTCxfpY08ieLDE2KP_Q7hl4gz3YmxHFFsjmF0SuzbDexxol6C0WY8yYQbhubwdQDAVTrgUxxJsRB8Wy9z0ybl4X8tr53g6Qx4k6JNo-iPAe3LqFcyQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Tue, 25 Oct 2022 10:29:38 GMT
pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif
css
fonts.googleapis.com/ Frame 9132 		3 KB
622 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:regular,700
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11663474539605524480/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Oct 2022 10:29:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 09:03:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Oct 2022 10:29:38 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9132 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11663474539605524480/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22534
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 26 Oct 2022 04:14:04 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9132 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11663474539605524480/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 19:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
52592
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 25 Oct 2022 19:53:06 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 7707 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kAAOgi4I9kOTAALwjZmAw4bmAhc1tv5qSQ&u=%7COol2LM3aIOnoXvmYFOGpMw7VrqeTMM%2FO%2BXh1RKJGgNM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfex4IY_JXoTDaPxAARcpbNNxmkjAKswUkNw4Vxgnt6CG0s2gfJQX7vErAnsHQCKn6PHApgerl3lE72YUa6OIZHzNcgWGRrr7pGfsEtNexuR2wT6IBXvnwz4EbnTz0HC4ea_BjmXmB20Ip1dWOY03i2BSYReBHnNGjS_ih5GS2Fyf7pFsnVBpK7EY7UsOsOwzbYTPdpoX0xnd3PDJyioL-9X9VZJcKB59t4pQQNgkxh4wClz0rEia1Uk-cmmmgzoCi0iVTyXbGgUnVg8fJkpLvRujvSO9YesSCHKUfdKYTlKY7TQg5wXhMNygUgmCjE1NwYcHW6Khukwn15mg-6Pf3LtRl3aQkFs2qiszdqxuwFUcKe7bEjzhya41W6jZjOAPhImCIX0QMLFMN4blkdpI8_2rjlXGO63v0-jzdnO4V7NxPA19qClR19LcAiFr3c_kSpGobr4V4h1kMe08lKpKcxMf3ktttCgjqMvVVoZSFE_MKz7RYjPEC3Jm-hCxatWaj_ikF2Gv6-9eOZ-AvOUcjmB2L5rJSqe4067DHr_oMwl&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm3tvkLpXY66EOpOH2fcPjeGL8AzJntKxXKX8k_dwwI23ARABIABglZKvgrgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtx3GTnElrA-4AIAqAMBqgT3AU_Q_FcYUoAJ8wyqHVQcPJTYpf6zzqD0gYCdp7oqEN1S_gpGM2FTnY48nLB6LF5-_2Ju5P8YH_utar8K0l_1pykL7ITIqOToY2JaoHuN83wRMvDQl4t957Cw_vXXlhwXXAU54PQoKSY5l1MSnsKTDHijjjyvsPNYJRol95u2YG7peBvUyvih4Q6fbiBZC4hJgVmKdl4jETUnikZr6gNZb1bFy9tOq4kw_IjgKGOfvWGgJECuJesKaz6DyMm-REuXZ1E7RV9Uqcooi6_IblOblQzXJuwZs_YBpVYnVaBojdcxuCc9yzQ7caws5klF3DOlIOOKzAtJrN_gBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kyyheDglFXJXhCuEs1hS-PSPLGA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 20 Oct 2023 10:29:38 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 7707 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kAAOgi4I9kOTAALwjZmAw4bmAhc1tv5qSQ&u=%7COol2LM3aIOnoXvmYFOGpMw7VrqeTMM%2FO%2BXh1RKJGgNM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfex4IY_JXoTDaPxAARcpbNNxmkjAKswUkNw4Vxgnt6CG0s2gfJQX7vErAnsHQCKn6PHApgerl3lE72YUa6OIZHzNcgWGRrr7pGfsEtNexuR2wT6IBXvnwz4EbnTz0HC4ea_BjmXmB20Ip1dWOY03i2BSYReBHnNGjS_ih5GS2Fyf7pFsnVBpK7EY7UsOsOwzbYTPdpoX0xnd3PDJyioL-9X9VZJcKB59t4pQQNgkxh4wClz0rEia1Uk-cmmmgzoCi0iVTyXbGgUnVg8fJkpLvRujvSO9YesSCHKUfdKYTlKY7TQg5wXhMNygUgmCjE1NwYcHW6Khukwn15mg-6Pf3LtRl3aQkFs2qiszdqxuwFUcKe7bEjzhya41W6jZjOAPhImCIX0QMLFMN4blkdpI8_2rjlXGO63v0-jzdnO4V7NxPA19qClR19LcAiFr3c_kSpGobr4V4h1kMe08lKpKcxMf3ktttCgjqMvVVoZSFE_MKz7RYjPEC3Jm-hCxatWaj_ikF2Gv6-9eOZ-AvOUcjmB2L5rJSqe4067DHr_oMwl&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm3tvkLpXY66EOpOH2fcPjeGL8AzJntKxXKX8k_dwwI23ARABIABglZKvgrgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtx3GTnElrA-4AIAqAMBqgT3AU_Q_FcYUoAJ8wyqHVQcPJTYpf6zzqD0gYCdp7oqEN1S_gpGM2FTnY48nLB6LF5-_2Ju5P8YH_utar8K0l_1pykL7ITIqOToY2JaoHuN83wRMvDQl4t957Cw_vXXlhwXXAU54PQoKSY5l1MSnsKTDHijjjyvsPNYJRol95u2YG7peBvUyvih4Q6fbiBZC4hJgVmKdl4jETUnikZr6gNZb1bFy9tOq4kw_IjgKGOfvWGgJECuJesKaz6DyMm-REuXZ1E7RV9Uqcooi6_IblOblQzXJuwZs_YBpVYnVaBojdcxuCc9yzQ7caws5klF3DOlIOOKzAtJrN_gBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kyyheDglFXJXhCuEs1hS-PSPLGA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 20 Oct 2023 10:29:38 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 7707 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kAAOgi4I9kOTAALwjZmAw4bmAhc1tv5qSQ&u=%7COol2LM3aIOnoXvmYFOGpMw7VrqeTMM%2FO%2BXh1RKJGgNM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfex4IY_JXoTDaPxAARcpbNNxmkjAKswUkNw4Vxgnt6CG0s2gfJQX7vErAnsHQCKn6PHApgerl3lE72YUa6OIZHzNcgWGRrr7pGfsEtNexuR2wT6IBXvnwz4EbnTz0HC4ea_BjmXmB20Ip1dWOY03i2BSYReBHnNGjS_ih5GS2Fyf7pFsnVBpK7EY7UsOsOwzbYTPdpoX0xnd3PDJyioL-9X9VZJcKB59t4pQQNgkxh4wClz0rEia1Uk-cmmmgzoCi0iVTyXbGgUnVg8fJkpLvRujvSO9YesSCHKUfdKYTlKY7TQg5wXhMNygUgmCjE1NwYcHW6Khukwn15mg-6Pf3LtRl3aQkFs2qiszdqxuwFUcKe7bEjzhya41W6jZjOAPhImCIX0QMLFMN4blkdpI8_2rjlXGO63v0-jzdnO4V7NxPA19qClR19LcAiFr3c_kSpGobr4V4h1kMe08lKpKcxMf3ktttCgjqMvVVoZSFE_MKz7RYjPEC3Jm-hCxatWaj_ikF2Gv6-9eOZ-AvOUcjmB2L5rJSqe4067DHr_oMwl&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm3tvkLpXY66EOpOH2fcPjeGL8AzJntKxXKX8k_dwwI23ARABIABglZKvgrgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtx3GTnElrA-4AIAqAMBqgT3AU_Q_FcYUoAJ8wyqHVQcPJTYpf6zzqD0gYCdp7oqEN1S_gpGM2FTnY48nLB6LF5-_2Ju5P8YH_utar8K0l_1pykL7ITIqOToY2JaoHuN83wRMvDQl4t957Cw_vXXlhwXXAU54PQoKSY5l1MSnsKTDHijjjyvsPNYJRol95u2YG7peBvUyvih4Q6fbiBZC4hJgVmKdl4jETUnikZr6gNZb1bFy9tOq4kw_IjgKGOfvWGgJECuJesKaz6DyMm-REuXZ1E7RV9Uqcooi6_IblOblQzXJuwZs_YBpVYnVaBojdcxuCc9yzQ7caws5klF3DOlIOOKzAtJrN_gBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kyyheDglFXJXhCuEs1hS-PSPLGA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 20 Oct 2023 10:29:38 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 7707 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kAAOgi4I9kOTAALwjZmAw4bmAhc1tv5qSQ&u=%7COol2LM3aIOnoXvmYFOGpMw7VrqeTMM%2FO%2BXh1RKJGgNM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfex4IY_JXoTDaPxAARcpbNNxmkjAKswUkNw4Vxgnt6CG0s2gfJQX7vErAnsHQCKn6PHApgerl3lE72YUa6OIZHzNcgWGRrr7pGfsEtNexuR2wT6IBXvnwz4EbnTz0HC4ea_BjmXmB20Ip1dWOY03i2BSYReBHnNGjS_ih5GS2Fyf7pFsnVBpK7EY7UsOsOwzbYTPdpoX0xnd3PDJyioL-9X9VZJcKB59t4pQQNgkxh4wClz0rEia1Uk-cmmmgzoCi0iVTyXbGgUnVg8fJkpLvRujvSO9YesSCHKUfdKYTlKY7TQg5wXhMNygUgmCjE1NwYcHW6Khukwn15mg-6Pf3LtRl3aQkFs2qiszdqxuwFUcKe7bEjzhya41W6jZjOAPhImCIX0QMLFMN4blkdpI8_2rjlXGO63v0-jzdnO4V7NxPA19qClR19LcAiFr3c_kSpGobr4V4h1kMe08lKpKcxMf3ktttCgjqMvVVoZSFE_MKz7RYjPEC3Jm-hCxatWaj_ikF2Gv6-9eOZ-AvOUcjmB2L5rJSqe4067DHr_oMwl&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm3tvkLpXY66EOpOH2fcPjeGL8AzJntKxXKX8k_dwwI23ARABIABglZKvgrgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtx3GTnElrA-4AIAqAMBqgT3AU_Q_FcYUoAJ8wyqHVQcPJTYpf6zzqD0gYCdp7oqEN1S_gpGM2FTnY48nLB6LF5-_2Ju5P8YH_utar8K0l_1pykL7ITIqOToY2JaoHuN83wRMvDQl4t957Cw_vXXlhwXXAU54PQoKSY5l1MSnsKTDHijjjyvsPNYJRol95u2YG7peBvUyvih4Q6fbiBZC4hJgVmKdl4jETUnikZr6gNZb1bFy9tOq4kw_IjgKGOfvWGgJECuJesKaz6DyMm-REuXZ1E7RV9Uqcooi6_IblOblQzXJuwZs_YBpVYnVaBojdcxuCc9yzQ7caws5klF3DOlIOOKzAtJrN_gBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kyyheDglFXJXhCuEs1hS-PSPLGA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 20 Oct 2023 10:29:38 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 7707 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Hsf3tCF2bVG4jTuYXFWpuO2vew7oqrMI80EQ8nUzOAX2QoKhd7n5nfez_2EJlUOu1_7bzGI5LbYoUhuK5aTVpR2J7no7qCZd8jVVw8-267u_LNjGlH8cFB4UZtpFEpISSBL7VsWIvM2VbPK3sIxqa0Fuy6gbftq3JDTkRQ_hOSJ2NSpP5qoEBaLFsCRJa4I_wkxsAyUjCl-Yys7DfrKO0zUto-evhnUuqUK-y_5tpt8ixMIVFQCLso_WHPPF23MNiNosJBDv60XPeJsIl2Fg4mQFkUf8EcpeHqpsSpQVP7Gj96uPyS6vpaA-MGiQnPRJEtTDgOerIybhByqIAJvkHh5q_u_YU2AqOOTK91QmusI0uDhug86GknveaxtxP9LL59flNTvBZoEOihkT4GhBT23TU2J7dDXYY5OtAtlEPl5jpgdJ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kAAOgi4I9kOTAALwjZmAw4bmAhc1tv5qSQ&u=%7COol2LM3aIOnoXvmYFOGpMw7VrqeTMM%2FO%2BXh1RKJGgNM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfex4IY_JXoTDaPxAARcpbNNxmkjAKswUkNw4Vxgnt6CG0s2gfJQX7vErAnsHQCKn6PHApgerl3lE72YUa6OIZHzNcgWGRrr7pGfsEtNexuR2wT6IBXvnwz4EbnTz0HC4ea_BjmXmB20Ip1dWOY03i2BSYReBHnNGjS_ih5GS2Fyf7pFsnVBpK7EY7UsOsOwzbYTPdpoX0xnd3PDJyioL-9X9VZJcKB59t4pQQNgkxh4wClz0rEia1Uk-cmmmgzoCi0iVTyXbGgUnVg8fJkpLvRujvSO9YesSCHKUfdKYTlKY7TQg5wXhMNygUgmCjE1NwYcHW6Khukwn15mg-6Pf3LtRl3aQkFs2qiszdqxuwFUcKe7bEjzhya41W6jZjOAPhImCIX0QMLFMN4blkdpI8_2rjlXGO63v0-jzdnO4V7NxPA19qClR19LcAiFr3c_kSpGobr4V4h1kMe08lKpKcxMf3ktttCgjqMvVVoZSFE_MKz7RYjPEC3Jm-hCxatWaj_ikF2Gv6-9eOZ-AvOUcjmB2L5rJSqe4067DHr_oMwl&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm3tvkLpXY66EOpOH2fcPjeGL8AzJntKxXKX8k_dwwI23ARABIABglZKvgrgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtx3GTnElrA-4AIAqAMBqgT3AU_Q_FcYUoAJ8wyqHVQcPJTYpf6zzqD0gYCdp7oqEN1S_gpGM2FTnY48nLB6LF5-_2Ju5P8YH_utar8K0l_1pykL7ITIqOToY2JaoHuN83wRMvDQl4t957Cw_vXXlhwXXAU54PQoKSY5l1MSnsKTDHijjjyvsPNYJRol95u2YG7peBvUyvih4Q6fbiBZC4hJgVmKdl4jETUnikZr6gNZb1bFy9tOq4kw_IjgKGOfvWGgJECuJesKaz6DyMm-REuXZ1E7RV9Uqcooi6_IblOblQzXJuwZs_YBpVYnVaBojdcxuCc9yzQ7caws5klF3DOlIOOKzAtJrN_gBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kyyheDglFXJXhCuEs1hS-PSPLGA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1808558
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 7707 		44 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1666693777
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kAAOgi4I9kOTAALwjZmAw4bmAhc1tv5qSQ&u=%7COol2LM3aIOnoXvmYFOGpMw7VrqeTMM%2FO%2BXh1RKJGgNM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfex4IY_JXoTDaPxAARcpbNNxmkjAKswUkNw4Vxgnt6CG0s2gfJQX7vErAnsHQCKn6PHApgerl3lE72YUa6OIZHzNcgWGRrr7pGfsEtNexuR2wT6IBXvnwz4EbnTz0HC4ea_BjmXmB20Ip1dWOY03i2BSYReBHnNGjS_ih5GS2Fyf7pFsnVBpK7EY7UsOsOwzbYTPdpoX0xnd3PDJyioL-9X9VZJcKB59t4pQQNgkxh4wClz0rEia1Uk-cmmmgzoCi0iVTyXbGgUnVg8fJkpLvRujvSO9YesSCHKUfdKYTlKY7TQg5wXhMNygUgmCjE1NwYcHW6Khukwn15mg-6Pf3LtRl3aQkFs2qiszdqxuwFUcKe7bEjzhya41W6jZjOAPhImCIX0QMLFMN4blkdpI8_2rjlXGO63v0-jzdnO4V7NxPA19qClR19LcAiFr3c_kSpGobr4V4h1kMe08lKpKcxMf3ktttCgjqMvVVoZSFE_MKz7RYjPEC3Jm-hCxatWaj_ikF2Gv6-9eOZ-AvOUcjmB2L5rJSqe4067DHr_oMwl&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm3tvkLpXY66EOpOH2fcPjeGL8AzJntKxXKX8k_dwwI23ARABIABglZKvgrgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtx3GTnElrA-4AIAqAMBqgT3AU_Q_FcYUoAJ8wyqHVQcPJTYpf6zzqD0gYCdp7oqEN1S_gpGM2FTnY48nLB6LF5-_2Ju5P8YH_utar8K0l_1pykL7ITIqOToY2JaoHuN83wRMvDQl4t957Cw_vXXlhwXXAU54PQoKSY5l1MSnsKTDHijjjyvsPNYJRol95u2YG7peBvUyvih4Q6fbiBZC4hJgVmKdl4jETUnikZr6gNZb1bFy9tOq4kw_IjgKGOfvWGgJECuJesKaz6DyMm-REuXZ1E7RV9Uqcooi6_IblOblQzXJuwZs_YBpVYnVaBojdcxuCc9yzQ7caws5klF3DOlIOOKzAtJrN_gBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kyyheDglFXJXhCuEs1hS-PSPLGA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
via
1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
pCN_Wc2bybajzJ73p2Kxfar6nBpw3csK6wTJFyLcs2TSerFrrI_5oQ==
expires
Thu, 01 Dec 1994 16:00:00 GMT
dpixel
cms.quantserve.com/ Frame 3E50 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJ-h25tkusQBfXEz2deeBmI&google_cver=1&google_push=AZmPxg8SfOUkILfGTa-iKbFtqk-4d1mulROuoAVZUHuHshHaCQmlyxD9Wax-IM3MZYXc34zhs69t97O4_WvHFz7dL7esd4raqb8R
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 3E50 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEAGJRGJQ_sMeXFSAaukGWwM&google_cver=1&google_push=AZmPxg_5iYa0V0Tu47o6LRBo1mKMr3UXJ0B3RsmW8RcbZr0d-SF1ezvZUQiOkjlZIxxKUzUBxT6i4--3w562juaRzCwrYqPCCaJ94g
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 3E50
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKd8FSa_ErMC8FTIWn_NeWU&google_cver=1&google_push=AZmPxg_TV-XFRM0Z3vRIiFjFZB6OP4hwPXYuvOjtw_DzQFYDiwXk7MLM--R4FWDTIut8IFJ7P4q9O4bF9oa2dXKuZdhjU2g...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg_TV-XFRM0Z3vRIiFjFZB6OP4hwPXYuvOjtw_DzQFYDiwXk7MLM--R4FWDTIut8IFJ7P4q9O4bF9oa2dXKuZdhjU2gh9mAKDA&google_hm=MzU1ODM0NjIyNjU3MTY1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg_TV-XFRM0Z3vRIiFjFZB6OP4hwPXYuvOjtw_DzQFYDiwXk7MLM--R4FWDTIut8IFJ7P4q9O4bF9oa2dXKuZdhjU2gh9mAKDA&google_hm=MzU1ODM0NjIyNjU3MTY1OTQ5Mg%3D%3D
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 25 Oct 2022 10:29:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg_TV-XFRM0Z3vRIiFjFZB6OP4hwPXYuvOjtw_DzQFYDiwXk7MLM--R4FWDTIut8IFJ7P4q9O4bF9oa2dXKuZdhjU2gh9mAKDA&google_hm=MzU1ODM0NjIyNjU3MTY1OTQ5Mg%3D%3D
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3E50
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ONqIcc3UR3SUd9Us7p53jw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ONqIcc3UR3SUd9Us7p53jw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-6FhLPmBkMnkvOVu_hMYaKjDRUZHi2s4PtFXnVi9AdinN8a7G3Li37HATgU8avqFl0EYuFadnPWZ_Ve2BMNAoRvsIaqskS
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ONqIcc3UR3SUd9Us7p53jw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-6FhLPmBkMnkvOVu_hMYaKjDRUZHi2s4PtFXnVi9AdinN8a7G3Li37HATgU8avqFl0EYuFadnPWZ_Ve2BMNAoRvsIaqskS
date
Tue, 25 Oct 2022 10:29:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 3E50
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKu7pM16fbGCI5kXeQutJjg&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKu7pM16fbGCI5kXeQutJjg&google_hm=Y1e6kdAAUjwUO46a9eLRewAABFwAAAAB&google_nid=index&google_push=AZmPxg_aG1-axsMN1yWroWSigEY-eBnLRLreW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKu7pM16fbGCI5kXeQutJjg&google_hm=Y1e6kdAAUjwUO46a9eLRewAABFwAAAAB&google_nid=index&google_push=AZmPxg_aG1-axsMN1yWroWSigEY-eBnLRLreWX_IDOIBSbk-EaM2mr16Z5TfYL3oryCncfGSNinq2wleiDrNSc3lM9dzg2dK5adsXw
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKu7pM16fbGCI5kXeQutJjg&google_hm=Y1e6kdAAUjwUO46a9eLRewAABFwAAAAB&google_nid=index&google_push=AZmPxg_aG1-axsMN1yWroWSigEY-eBnLRLreWX_IDOIBSbk-EaM2mr16Z5TfYL3oryCncfGSNinq2wleiDrNSc3lM9dzg2dK5adsXw
cache-control
no-cache
cf-ray
75fa45b0fab49b98-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 3E50
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEO...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg_SRsgfPLzJ428FPQOkvC7hbZBx5jLEB7c4gv_kz9J0kgPrfYxRhnINH4vWHaMMeQ5bw100TEccDSDUfKwwMeATyTV4UmeCOg&redir=https%3A%2F%2Fcm.g.dou...
  • https://sync.targeting.unrulymedia.com/csync/RX-6ecfd3fc-d49d-4811-8e2b-c9a339c282c0-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg_SRsgfPLzJ428FPQOkv...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg_SRsgfPLzJ428FPQOkvC7hbZBx5jLEB7c4gv_kz9J0kgPrfYxRhnINH4vWHaMMeQ5bw100TEccDSDUfKwwMeATyTV4UmeCOg&google_hm=A27P0_zUnUgRjivJoznCgsA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg_SRsgfPLzJ428FPQOkvC7hbZBx5jLEB7c4gv_kz9J0kgPrfYxRhnINH4vWHaMMeQ5bw100TEccDSDUfKwwMeATyTV4UmeCOg&google_hm=A27P0_zUnUgRjivJoznCgsA
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg_SRsgfPLzJ428FPQOkvC7hbZBx5jLEB7c4gv_kz9J0kgPrfYxRhnINH4vWHaMMeQ5bw100TEccDSDUfKwwMeATyTV4UmeCOg&google_hm=A27P0_zUnUgRjivJoznCgsA
date
Tue, 25 Oct 2022 10:29:38 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX6ecfd3fcd49d48118e2bc9a339c282c0003
content-type
text/html
sync
ssbsync.smartadserver.com/api/ Frame 3E50 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFJqhEr24iRBXRZJDf_Zvo0&google_cver=1&google_push=AZmPxg_lxnsPvDVG71qhAeHyXUZuj_0MTp318VhmRwjjoCBqor3DSAHz2-d-67cvYlzv-NrEkBMCRpcITdx9LUBeLuFyv72S8XAK
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:37 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 3E50 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KajucakFBgucfmWFMVyFciQsT9SAurjKw22wZN_Hfj_KN7yJa3R9Ne_l8-2o34-ApRIEW-
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame B20D 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7675520bd954bcda54ba15725800e7e7378c41db97cf5dcfdd7e0cf5b74e9307

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame BE58 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
89472
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 09:38:26 GMT
expires
Tue, 24 Oct 2023 09:38:26 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame 7ECD 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CeMzF3cNKJ19kkMi0E5c6jXJU8WLpUND_O9cHlwxungu6MeGHLta5_UuSgO7RWfrVrZVudG0x1_45xK8C6DyayoMh8dA&cry=1&dbm_d=AKAmf-CNkEp8m4Re8rg8OzgNF5H0kfjhBwytE3wJrHcS77hcVnHL9wthuhLORwhzqgDb8xS0Vh-lh8tAAs_2n4qWtaIjV7okVupeH7g-mCIHMUOEeWLFyWEE9nXwl1h3Qqjz0nT_NFyHwiofsXqjkPZ9-yGnwhRYIdlMdEF9eDvqXUEA-8OqXP8LSWTDa-pBVlXcszMGuKySWLqefEF_64UZcnphb87Y5NUfA50HhKDCqlP7j1nozYfHPb5yzCfEtlkGravW5lDesCBmyInhAiq3EbWPXUBMvohHQOa2Ada_3JPSvIERw3HmFyWvshxMfHGSCLjgW6mWe068WfDW2_IHkTRj-6b5xIhZExc3733rdkv7lxcVswSgZO9bVq2RFPfhQAB-ohGtHwKkeu84tdtAj47vNjGgbOTv6hiIXfCatwIBIzTULikXpVz4uMFdsSE0Kr16PFY_5x425b106MHSb0uvnIZLeXP_B0Se5uhvyvZfi7w7_rwuSEotv04vxUuRkYvMlDpWImAiNmIUlIni6TkHIrIdLLV3iiqvb3l_9sxRUy2KjpPneUlq3r0BHYmsDcB24SVfXXsztJTfWEzGRpHX4Pq3bNiE3kCy3JFgl0iOmJDugOmBsVYhzA80fWGsbEKbt65drBCU4-jTaOSQPgz1jGQMTf5F_PuH4vzCHBtikuwJyzKzS0F7bzGKrENvPm8DsR9DnJuljf4N9COfF7hb7OGK3Vosx_JIWh8xBSGVfr_oklcMGNre3OwNgs7R-0mgmDIHP5mIS9Nj7txIY3jXCQsOtU1maHl1OrPXW-081DFM0UEgBhPLbl5Vrvw_aFPR3pwIewAsHqWdUfHZRN0PGBGxk5OPD_9r4_xjen3dqdhL8rWxPbjznmzxYuvTpTMbxlsoHd59UzJzixyc-a9SsiJD-x6eCQBjjYHqqUleS-2Nf-K0HsUxOiWKuCMQLmglREuEVlJgri6k81_XiyrmHhvfn--ze9rOcWvpv2elGYImWlGBooD6YeP-SdXdTlic0DDGj4ESm6SBNOMxODQPQd96HbHox91MVzbnqsROCFirzw_jtsd8qr0vj3Pw3rkW088VsHkOjmTF2eabCy3xD4KEz3G9BAAYWlhRkR_UmbuN0T5r31j3gBzV3lyj-YFkUo3rpH1grt7EOrglHVa8PhE6IiVe56NerO61K8FS9R9CxMqaN9mlMceI4TOK1GMj6eH2yCUDfa1CZXn0Wfpltv461jKROaEJw51nWUxCJKwmJANU_mTf1-WbBwI7wEw0GEfpdhE6aWbtP7BOifwU08hDziSczhzg2RWS-CsGx7o4n8CWgxbB4GKyHPDeguVgux9fowzRgrFhDZc1NQ_fsLAGhM2p6-3RaYDJTvVy2XxiVbmcLoAjfsLdjW8b9JVhSv-chi5Ak_R3ZiIaUazzzDsW_AI2_hNtUwX4J7rnv-M--7JT-DrcUcwvYIzOrNJWZ3_15pHue-W2OyF1iDLhqqmjbWOl38hskP0aUPADjxzyVjyDrtzQj98NBCxzhku9ud21AvatTuyM67fXNW2bopY7XduKjo-XMGtgtxpybOrTTP7P82jjP3XoRJWKWdrZmPw45ZyN1N4XX2Ema6_5epQw4W00SorT510Rnm3VE0Uy0RzNNu-kNchW-1v0xVbvJ0TbwiYH1IW1rNxah56vaewJi7Vlk2YzS83YK-cMD1sp0dALl8goCcuQZ3muBqnpXgX7an8tI-xYOUHKMqWe0bnSV2FwVOtd9eejGf8_tykA0Opr4507d1s7UgduuXUOwz4YUofQyRoFfyW3Y-uDVHtq29L5F9VyG5EahdBS4voNz2VD0KwMqMxWxGJ3WVaOcSl5duOi8x19mRS21uyOhNgxtRw5ooDjNKRbUnfzc1gCHwB4m6F3FmcrBQ7OhoAfwuZXf0fQp6Y4ydLSqO4jeho15GP9K12U6sz1GaUoaFo6cKBH8hGUJSZkKUqYnKr_dD7VGLkGwBnS0kqvZpSA6WucBL4BNipVZI9HMUtDdm_WJE1q3iizw7BbSbzN5420Y99220Nlb6Pwk7oXbI4bCplFga2umnfnPPVUVAEvadXNQsnx043Vb_MIhWTpK4No3DbLbdtFzd_mUyudtO8o_KOf4u_BL8o5trzVgozRK6FvArK93K7kyHMgTWsfUm-Voi3kKw3jXzDN-Uj7yodHu3gWFjqxzs7pcxcMpFjzL0JJJJBIuSYLnVbKN3AJlkeOxe_7njN5cEeeV7inEG0krzgpO_1kk2N2DdEpjJ2dWq92OMWBKH1T3ahYcs787sFEkA9XCJFEAcUT3ztSs0R60LPzvGuOeg083mWB9-ImsvbCP5p4Kq3Zo0OwgtgVG1xXW6_VszvT9_uHU51WcqPjaY2d6z-Xjn6-jqOFaz7EQFVwSKCn49zBT03b0wP6_Xy-wxQEemLLwSvta8acWi8YLMKz81C-jjDM4k5BdOd8DqAEnUFjO820mj5vm-ZMeYzOJdXkCuuR9UU5jjkxtWBbVv9Y3XaWcF1tF3osBCVUljdhqhjztelaNpvPZCrhz2ddKPS-mg2Zt52V6vkyaYTvwtXKUnvW4OCqJ4Wp2tqWuzrpuFgQKK1wTcUivo327VNZrCht1V24sr1o1l0tEw6ti2M6RcEdYqpLZYopomb48WTfdJDviS7U1I-0y3mXKcYSz7M2v4ZSmEEI4FRhnn8vKH8Gl7UXLRwzTPRGfg130GBtGFJhSCCHHJ8HI0gF38dxMXi_7gj8E6xF2I8eZZTmHKP1RjY42TBc2WXeg48HlA2unEfBYTbAJKc6TkzP7fVKpGZY2G6PeUbXSgPc4Vawumv9PKiIQ0ikcQlKva5-xbnMn04k3W1_BaRYgdtZq8tddUNXVQxAOFM1ryezZ9fSnTOPQyLrfiECyC0pLLkB6dnaSPfNm2h1z7bDdW3Ks8cXTtJnDZtb51i_hoAJ5l7iEMQ6L3nJCoBaimDIPA-_Odj77yK3yVB_I5ooVZQ6cfKTnyrAd1cc5XUTNTOt_6cQtRgBL-JnMyTdXfWDEqD9fbhFYrR2z1dDPpD9zr9vEotQAEF0XeUPUJip4TZDNjCRMvmhXDwJwbtrxu1OAhYTjIrGrFq2kYHHkKTpFPo8FdGNI8SK3fItXPtUWUqfDs6fkwLmM7Pn91qke7eRrNrNAZmJT35pmrcq-rI5N4x1W3G4DhATRkkuG9l0rrzMUlLcSuHPuVc_q-24XjiAi54sxoXY6QPSUILoOxLOBgRFFHooJfLRcUiAiaQPR0OfdI7YQDa0TQ&cid=CAASJORoiB6h50NzZQGUFr79TalgIk3_DyBhXSWgF28TbXV0J8Qefw&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 14:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72459
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11726
x-xss-protection
0
server
cafe
etag
11376305771055881226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Nov 2022 14:21:59 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/ Frame 7ECD 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CeMzF3cNKJ19kkMi0E5c6jXJU8WLpUND_O9cHlwxungu6MeGHLta5_UuSgO7RWfrVrZVudG0x1_45xK8C6DyayoMh8dA&cry=1&dbm_d=AKAmf-CNkEp8m4Re8rg8OzgNF5H0kfjhBwytE3wJrHcS77hcVnHL9wthuhLORwhzqgDb8xS0Vh-lh8tAAs_2n4qWtaIjV7okVupeH7g-mCIHMUOEeWLFyWEE9nXwl1h3Qqjz0nT_NFyHwiofsXqjkPZ9-yGnwhRYIdlMdEF9eDvqXUEA-8OqXP8LSWTDa-pBVlXcszMGuKySWLqefEF_64UZcnphb87Y5NUfA50HhKDCqlP7j1nozYfHPb5yzCfEtlkGravW5lDesCBmyInhAiq3EbWPXUBMvohHQOa2Ada_3JPSvIERw3HmFyWvshxMfHGSCLjgW6mWe068WfDW2_IHkTRj-6b5xIhZExc3733rdkv7lxcVswSgZO9bVq2RFPfhQAB-ohGtHwKkeu84tdtAj47vNjGgbOTv6hiIXfCatwIBIzTULikXpVz4uMFdsSE0Kr16PFY_5x425b106MHSb0uvnIZLeXP_B0Se5uhvyvZfi7w7_rwuSEotv04vxUuRkYvMlDpWImAiNmIUlIni6TkHIrIdLLV3iiqvb3l_9sxRUy2KjpPneUlq3r0BHYmsDcB24SVfXXsztJTfWEzGRpHX4Pq3bNiE3kCy3JFgl0iOmJDugOmBsVYhzA80fWGsbEKbt65drBCU4-jTaOSQPgz1jGQMTf5F_PuH4vzCHBtikuwJyzKzS0F7bzGKrENvPm8DsR9DnJuljf4N9COfF7hb7OGK3Vosx_JIWh8xBSGVfr_oklcMGNre3OwNgs7R-0mgmDIHP5mIS9Nj7txIY3jXCQsOtU1maHl1OrPXW-081DFM0UEgBhPLbl5Vrvw_aFPR3pwIewAsHqWdUfHZRN0PGBGxk5OPD_9r4_xjen3dqdhL8rWxPbjznmzxYuvTpTMbxlsoHd59UzJzixyc-a9SsiJD-x6eCQBjjYHqqUleS-2Nf-K0HsUxOiWKuCMQLmglREuEVlJgri6k81_XiyrmHhvfn--ze9rOcWvpv2elGYImWlGBooD6YeP-SdXdTlic0DDGj4ESm6SBNOMxODQPQd96HbHox91MVzbnqsROCFirzw_jtsd8qr0vj3Pw3rkW088VsHkOjmTF2eabCy3xD4KEz3G9BAAYWlhRkR_UmbuN0T5r31j3gBzV3lyj-YFkUo3rpH1grt7EOrglHVa8PhE6IiVe56NerO61K8FS9R9CxMqaN9mlMceI4TOK1GMj6eH2yCUDfa1CZXn0Wfpltv461jKROaEJw51nWUxCJKwmJANU_mTf1-WbBwI7wEw0GEfpdhE6aWbtP7BOifwU08hDziSczhzg2RWS-CsGx7o4n8CWgxbB4GKyHPDeguVgux9fowzRgrFhDZc1NQ_fsLAGhM2p6-3RaYDJTvVy2XxiVbmcLoAjfsLdjW8b9JVhSv-chi5Ak_R3ZiIaUazzzDsW_AI2_hNtUwX4J7rnv-M--7JT-DrcUcwvYIzOrNJWZ3_15pHue-W2OyF1iDLhqqmjbWOl38hskP0aUPADjxzyVjyDrtzQj98NBCxzhku9ud21AvatTuyM67fXNW2bopY7XduKjo-XMGtgtxpybOrTTP7P82jjP3XoRJWKWdrZmPw45ZyN1N4XX2Ema6_5epQw4W00SorT510Rnm3VE0Uy0RzNNu-kNchW-1v0xVbvJ0TbwiYH1IW1rNxah56vaewJi7Vlk2YzS83YK-cMD1sp0dALl8goCcuQZ3muBqnpXgX7an8tI-xYOUHKMqWe0bnSV2FwVOtd9eejGf8_tykA0Opr4507d1s7UgduuXUOwz4YUofQyRoFfyW3Y-uDVHtq29L5F9VyG5EahdBS4voNz2VD0KwMqMxWxGJ3WVaOcSl5duOi8x19mRS21uyOhNgxtRw5ooDjNKRbUnfzc1gCHwB4m6F3FmcrBQ7OhoAfwuZXf0fQp6Y4ydLSqO4jeho15GP9K12U6sz1GaUoaFo6cKBH8hGUJSZkKUqYnKr_dD7VGLkGwBnS0kqvZpSA6WucBL4BNipVZI9HMUtDdm_WJE1q3iizw7BbSbzN5420Y99220Nlb6Pwk7oXbI4bCplFga2umnfnPPVUVAEvadXNQsnx043Vb_MIhWTpK4No3DbLbdtFzd_mUyudtO8o_KOf4u_BL8o5trzVgozRK6FvArK93K7kyHMgTWsfUm-Voi3kKw3jXzDN-Uj7yodHu3gWFjqxzs7pcxcMpFjzL0JJJJBIuSYLnVbKN3AJlkeOxe_7njN5cEeeV7inEG0krzgpO_1kk2N2DdEpjJ2dWq92OMWBKH1T3ahYcs787sFEkA9XCJFEAcUT3ztSs0R60LPzvGuOeg083mWB9-ImsvbCP5p4Kq3Zo0OwgtgVG1xXW6_VszvT9_uHU51WcqPjaY2d6z-Xjn6-jqOFaz7EQFVwSKCn49zBT03b0wP6_Xy-wxQEemLLwSvta8acWi8YLMKz81C-jjDM4k5BdOd8DqAEnUFjO820mj5vm-ZMeYzOJdXkCuuR9UU5jjkxtWBbVv9Y3XaWcF1tF3osBCVUljdhqhjztelaNpvPZCrhz2ddKPS-mg2Zt52V6vkyaYTvwtXKUnvW4OCqJ4Wp2tqWuzrpuFgQKK1wTcUivo327VNZrCht1V24sr1o1l0tEw6ti2M6RcEdYqpLZYopomb48WTfdJDviS7U1I-0y3mXKcYSz7M2v4ZSmEEI4FRhnn8vKH8Gl7UXLRwzTPRGfg130GBtGFJhSCCHHJ8HI0gF38dxMXi_7gj8E6xF2I8eZZTmHKP1RjY42TBc2WXeg48HlA2unEfBYTbAJKc6TkzP7fVKpGZY2G6PeUbXSgPc4Vawumv9PKiIQ0ikcQlKva5-xbnMn04k3W1_BaRYgdtZq8tddUNXVQxAOFM1ryezZ9fSnTOPQyLrfiECyC0pLLkB6dnaSPfNm2h1z7bDdW3Ks8cXTtJnDZtb51i_hoAJ5l7iEMQ6L3nJCoBaimDIPA-_Odj77yK3yVB_I5ooVZQ6cfKTnyrAd1cc5XUTNTOt_6cQtRgBL-JnMyTdXfWDEqD9fbhFYrR2z1dDPpD9zr9vEotQAEF0XeUPUJip4TZDNjCRMvmhXDwJwbtrxu1OAhYTjIrGrFq2kYHHkKTpFPo8FdGNI8SK3fItXPtUWUqfDs6fkwLmM7Pn91qke7eRrNrNAZmJT35pmrcq-rI5N4x1W3G4DhATRkkuG9l0rrzMUlLcSuHPuVc_q-24XjiAi54sxoXY6QPSUILoOxLOBgRFFHooJfLRcUiAiaQPR0OfdI7YQDa0TQ&cid=CAASJORoiB6h50NzZQGUFr79TalgIk3_DyBhXSWgF28TbXV0J8Qefw&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 14:20:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72524
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Nov 2022 14:20:54 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7ECD 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss3bOPUhTXE27XQCBdxZN0oCdFmTrJEWW5nQFTnzPjym4F4rnE3qbTFRriAaGxLaIVl3B4QQb9HIS7613F466K-4GfOuXDB0dNLIsFqkpAXc_NhAFcAitaa4F15WUEN2f50H3BjYPiyiBv6lEnhqGzNmC2xm29s0tOBd6aSzmaNAtNwFn0GDBDEheY8UqimXKdx1-rLnxkNrrGrd0JEGeBQzEanSFrAGS8ul7X1O1M40c1kbDs73i8IgY6FFzK3Z4gxds7Bzo_7m4BRu-t-qH5A33ixwA732p3MwlRsRt--5snyZEHnjwUJ0wgplZx8Qimwb7MaUuAOE6msu_twViPRMORFlnaaNsMuue8xCASRy5yyCRy3Ar7rviKuK5Mo3lSRnGejFNooS56jHEpV-egsPkqhHd0dhpx5FcUqR6DNUbTJHLl4EnVdmb85D4eaEaDssSrAibP_4Wsh-oC4fuQN7cCn9-2Ynlo3oe99T0rtKA6PqDMeh_lZDcYrIEuVEoe_mnEEbzKFKRkU8_wjWEQqbbAdFR88HWKzAHsd9sitopRfdYCGzsEN4E2nXZAPlM6xfi5v94NPVZorkdCRVNUhqLEB7_-FEPpQjhsA9fUzb-SqwSjzu-uy8ZP0rymATsSwXLIH-tzC5jbclxGLV5dTKLYrNJPXI70LE7vTpH4R5GeHlfNpc04GlswBlVk29jmhndeYMxiqco0kgbhJ7s3I5BvQeA2GTvyJ6oLp-Apjk7EL5Y8c90ITOeUvM-d_EA7KvWsY7MpL_ymNP4BNXo8PuEqp-u-HiIyt1eTPmWTWgyxtG_oi5Vg5EZZJ1RjdxKZmBcCOt8N6qN94M_diV-DXOWU53tzJm1Mh9EWheg5JJ8UQQYLJ6vLoB7zvYrv2egQasCIdmhulGYAQXCtN_LsUMzPZlu-K_m0aJpNo9l82n7NYCJRjLRUlf2jEw5MJMivkPTKH3zFKYtjW4KxlIjexWZdKlVtSUdafWccryfSo1tywIzXkCMQ3ZTuZ9XnuTGIRChmSafpkXtIL_LBfF5tUl2WkVlXqyqXayLaXrdjlsZ2_UkYCwwBEKQfh8Kb_K27wLrcYUL6en40jAfebo0fdCt6F8MfrOfN7j9KX1XBvlW8GQi1Ui-xWb9108NawtTEGuHVjOOcYJFUxcOOL4Ixt3c1VscrWxDAs9d5-XXfS_pDs52gAb6FGWOYLERrFIFpvBDSv49KDpz4S8DZLTU00&sai=AMfl-YSO9BckSIxqBy9Y2Kv7LPVjPrbfV1-xkWXUH5mh-MwhIVe4yKECnLN5jJ_rO4G6XCV5On-c4oZKuml5nVaL8l73Zdls6hqK4o-KZPY8sZR3Lnmcn5UwWJmA8aRC67I9M89DsyrPYrPnLgf9ChdezOJ2ow9R1R02BhkaT0GNZPC0E2mUi2UAmz5xVR_l-j3iH6DI9_5xmAhhybZ5emqL3Xmf21I&sig=Cg0ArKJSzCHfvN1DW16aEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20221020.80838&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CeMzF3cNKJ19kkMi0E5c6jXJU8WLpUND_O9cHlwxungu6MeGHLta5_UuSgO7RWfrVrZVudG0x1_45xK8C6DyayoMh8dA&cry=1&dbm_d=AKAmf-CNkEp8m4Re8rg8OzgNF5H0kfjhBwytE3wJrHcS77hcVnHL9wthuhLORwhzqgDb8xS0Vh-lh8tAAs_2n4qWtaIjV7okVupeH7g-mCIHMUOEeWLFyWEE9nXwl1h3Qqjz0nT_NFyHwiofsXqjkPZ9-yGnwhRYIdlMdEF9eDvqXUEA-8OqXP8LSWTDa-pBVlXcszMGuKySWLqefEF_64UZcnphb87Y5NUfA50HhKDCqlP7j1nozYfHPb5yzCfEtlkGravW5lDesCBmyInhAiq3EbWPXUBMvohHQOa2Ada_3JPSvIERw3HmFyWvshxMfHGSCLjgW6mWe068WfDW2_IHkTRj-6b5xIhZExc3733rdkv7lxcVswSgZO9bVq2RFPfhQAB-ohGtHwKkeu84tdtAj47vNjGgbOTv6hiIXfCatwIBIzTULikXpVz4uMFdsSE0Kr16PFY_5x425b106MHSb0uvnIZLeXP_B0Se5uhvyvZfi7w7_rwuSEotv04vxUuRkYvMlDpWImAiNmIUlIni6TkHIrIdLLV3iiqvb3l_9sxRUy2KjpPneUlq3r0BHYmsDcB24SVfXXsztJTfWEzGRpHX4Pq3bNiE3kCy3JFgl0iOmJDugOmBsVYhzA80fWGsbEKbt65drBCU4-jTaOSQPgz1jGQMTf5F_PuH4vzCHBtikuwJyzKzS0F7bzGKrENvPm8DsR9DnJuljf4N9COfF7hb7OGK3Vosx_JIWh8xBSGVfr_oklcMGNre3OwNgs7R-0mgmDIHP5mIS9Nj7txIY3jXCQsOtU1maHl1OrPXW-081DFM0UEgBhPLbl5Vrvw_aFPR3pwIewAsHqWdUfHZRN0PGBGxk5OPD_9r4_xjen3dqdhL8rWxPbjznmzxYuvTpTMbxlsoHd59UzJzixyc-a9SsiJD-x6eCQBjjYHqqUleS-2Nf-K0HsUxOiWKuCMQLmglREuEVlJgri6k81_XiyrmHhvfn--ze9rOcWvpv2elGYImWlGBooD6YeP-SdXdTlic0DDGj4ESm6SBNOMxODQPQd96HbHox91MVzbnqsROCFirzw_jtsd8qr0vj3Pw3rkW088VsHkOjmTF2eabCy3xD4KEz3G9BAAYWlhRkR_UmbuN0T5r31j3gBzV3lyj-YFkUo3rpH1grt7EOrglHVa8PhE6IiVe56NerO61K8FS9R9CxMqaN9mlMceI4TOK1GMj6eH2yCUDfa1CZXn0Wfpltv461jKROaEJw51nWUxCJKwmJANU_mTf1-WbBwI7wEw0GEfpdhE6aWbtP7BOifwU08hDziSczhzg2RWS-CsGx7o4n8CWgxbB4GKyHPDeguVgux9fowzRgrFhDZc1NQ_fsLAGhM2p6-3RaYDJTvVy2XxiVbmcLoAjfsLdjW8b9JVhSv-chi5Ak_R3ZiIaUazzzDsW_AI2_hNtUwX4J7rnv-M--7JT-DrcUcwvYIzOrNJWZ3_15pHue-W2OyF1iDLhqqmjbWOl38hskP0aUPADjxzyVjyDrtzQj98NBCxzhku9ud21AvatTuyM67fXNW2bopY7XduKjo-XMGtgtxpybOrTTP7P82jjP3XoRJWKWdrZmPw45ZyN1N4XX2Ema6_5epQw4W00SorT510Rnm3VE0Uy0RzNNu-kNchW-1v0xVbvJ0TbwiYH1IW1rNxah56vaewJi7Vlk2YzS83YK-cMD1sp0dALl8goCcuQZ3muBqnpXgX7an8tI-xYOUHKMqWe0bnSV2FwVOtd9eejGf8_tykA0Opr4507d1s7UgduuXUOwz4YUofQyRoFfyW3Y-uDVHtq29L5F9VyG5EahdBS4voNz2VD0KwMqMxWxGJ3WVaOcSl5duOi8x19mRS21uyOhNgxtRw5ooDjNKRbUnfzc1gCHwB4m6F3FmcrBQ7OhoAfwuZXf0fQp6Y4ydLSqO4jeho15GP9K12U6sz1GaUoaFo6cKBH8hGUJSZkKUqYnKr_dD7VGLkGwBnS0kqvZpSA6WucBL4BNipVZI9HMUtDdm_WJE1q3iizw7BbSbzN5420Y99220Nlb6Pwk7oXbI4bCplFga2umnfnPPVUVAEvadXNQsnx043Vb_MIhWTpK4No3DbLbdtFzd_mUyudtO8o_KOf4u_BL8o5trzVgozRK6FvArK93K7kyHMgTWsfUm-Voi3kKw3jXzDN-Uj7yodHu3gWFjqxzs7pcxcMpFjzL0JJJJBIuSYLnVbKN3AJlkeOxe_7njN5cEeeV7inEG0krzgpO_1kk2N2DdEpjJ2dWq92OMWBKH1T3ahYcs787sFEkA9XCJFEAcUT3ztSs0R60LPzvGuOeg083mWB9-ImsvbCP5p4Kq3Zo0OwgtgVG1xXW6_VszvT9_uHU51WcqPjaY2d6z-Xjn6-jqOFaz7EQFVwSKCn49zBT03b0wP6_Xy-wxQEemLLwSvta8acWi8YLMKz81C-jjDM4k5BdOd8DqAEnUFjO820mj5vm-ZMeYzOJdXkCuuR9UU5jjkxtWBbVv9Y3XaWcF1tF3osBCVUljdhqhjztelaNpvPZCrhz2ddKPS-mg2Zt52V6vkyaYTvwtXKUnvW4OCqJ4Wp2tqWuzrpuFgQKK1wTcUivo327VNZrCht1V24sr1o1l0tEw6ti2M6RcEdYqpLZYopomb48WTfdJDviS7U1I-0y3mXKcYSz7M2v4ZSmEEI4FRhnn8vKH8Gl7UXLRwzTPRGfg130GBtGFJhSCCHHJ8HI0gF38dxMXi_7gj8E6xF2I8eZZTmHKP1RjY42TBc2WXeg48HlA2unEfBYTbAJKc6TkzP7fVKpGZY2G6PeUbXSgPc4Vawumv9PKiIQ0ikcQlKva5-xbnMn04k3W1_BaRYgdtZq8tddUNXVQxAOFM1ryezZ9fSnTOPQyLrfiECyC0pLLkB6dnaSPfNm2h1z7bDdW3Ks8cXTtJnDZtb51i_hoAJ5l7iEMQ6L3nJCoBaimDIPA-_Odj77yK3yVB_I5ooVZQ6cfKTnyrAd1cc5XUTNTOt_6cQtRgBL-JnMyTdXfWDEqD9fbhFYrR2z1dDPpD9zr9vEotQAEF0XeUPUJip4TZDNjCRMvmhXDwJwbtrxu1OAhYTjIrGrFq2kYHHkKTpFPo8FdGNI8SK3fItXPtUWUqfDs6fkwLmM7Pn91qke7eRrNrNAZmJT35pmrcq-rI5N4x1W3G4DhATRkkuG9l0rrzMUlLcSuHPuVc_q-24XjiAi54sxoXY6QPSUILoOxLOBgRFFHooJfLRcUiAiaQPR0OfdI7YQDa0TQ&cid=CAASJORoiB6h50NzZQGUFr79TalgIk3_DyBhXSWgF28TbXV0J8Qefw&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 25 Oct 2022 10:29:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7ECD 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CeMzF3cNKJ19kkMi0E5c6jXJU8WLpUND_O9cHlwxungu6MeGHLta5_UuSgO7RWfrVrZVudG0x1_45xK8C6DyayoMh8dA&cry=1&dbm_d=AKAmf-CNkEp8m4Re8rg8OzgNF5H0kfjhBwytE3wJrHcS77hcVnHL9wthuhLORwhzqgDb8xS0Vh-lh8tAAs_2n4qWtaIjV7okVupeH7g-mCIHMUOEeWLFyWEE9nXwl1h3Qqjz0nT_NFyHwiofsXqjkPZ9-yGnwhRYIdlMdEF9eDvqXUEA-8OqXP8LSWTDa-pBVlXcszMGuKySWLqefEF_64UZcnphb87Y5NUfA50HhKDCqlP7j1nozYfHPb5yzCfEtlkGravW5lDesCBmyInhAiq3EbWPXUBMvohHQOa2Ada_3JPSvIERw3HmFyWvshxMfHGSCLjgW6mWe068WfDW2_IHkTRj-6b5xIhZExc3733rdkv7lxcVswSgZO9bVq2RFPfhQAB-ohGtHwKkeu84tdtAj47vNjGgbOTv6hiIXfCatwIBIzTULikXpVz4uMFdsSE0Kr16PFY_5x425b106MHSb0uvnIZLeXP_B0Se5uhvyvZfi7w7_rwuSEotv04vxUuRkYvMlDpWImAiNmIUlIni6TkHIrIdLLV3iiqvb3l_9sxRUy2KjpPneUlq3r0BHYmsDcB24SVfXXsztJTfWEzGRpHX4Pq3bNiE3kCy3JFgl0iOmJDugOmBsVYhzA80fWGsbEKbt65drBCU4-jTaOSQPgz1jGQMTf5F_PuH4vzCHBtikuwJyzKzS0F7bzGKrENvPm8DsR9DnJuljf4N9COfF7hb7OGK3Vosx_JIWh8xBSGVfr_oklcMGNre3OwNgs7R-0mgmDIHP5mIS9Nj7txIY3jXCQsOtU1maHl1OrPXW-081DFM0UEgBhPLbl5Vrvw_aFPR3pwIewAsHqWdUfHZRN0PGBGxk5OPD_9r4_xjen3dqdhL8rWxPbjznmzxYuvTpTMbxlsoHd59UzJzixyc-a9SsiJD-x6eCQBjjYHqqUleS-2Nf-K0HsUxOiWKuCMQLmglREuEVlJgri6k81_XiyrmHhvfn--ze9rOcWvpv2elGYImWlGBooD6YeP-SdXdTlic0DDGj4ESm6SBNOMxODQPQd96HbHox91MVzbnqsROCFirzw_jtsd8qr0vj3Pw3rkW088VsHkOjmTF2eabCy3xD4KEz3G9BAAYWlhRkR_UmbuN0T5r31j3gBzV3lyj-YFkUo3rpH1grt7EOrglHVa8PhE6IiVe56NerO61K8FS9R9CxMqaN9mlMceI4TOK1GMj6eH2yCUDfa1CZXn0Wfpltv461jKROaEJw51nWUxCJKwmJANU_mTf1-WbBwI7wEw0GEfpdhE6aWbtP7BOifwU08hDziSczhzg2RWS-CsGx7o4n8CWgxbB4GKyHPDeguVgux9fowzRgrFhDZc1NQ_fsLAGhM2p6-3RaYDJTvVy2XxiVbmcLoAjfsLdjW8b9JVhSv-chi5Ak_R3ZiIaUazzzDsW_AI2_hNtUwX4J7rnv-M--7JT-DrcUcwvYIzOrNJWZ3_15pHue-W2OyF1iDLhqqmjbWOl38hskP0aUPADjxzyVjyDrtzQj98NBCxzhku9ud21AvatTuyM67fXNW2bopY7XduKjo-XMGtgtxpybOrTTP7P82jjP3XoRJWKWdrZmPw45ZyN1N4XX2Ema6_5epQw4W00SorT510Rnm3VE0Uy0RzNNu-kNchW-1v0xVbvJ0TbwiYH1IW1rNxah56vaewJi7Vlk2YzS83YK-cMD1sp0dALl8goCcuQZ3muBqnpXgX7an8tI-xYOUHKMqWe0bnSV2FwVOtd9eejGf8_tykA0Opr4507d1s7UgduuXUOwz4YUofQyRoFfyW3Y-uDVHtq29L5F9VyG5EahdBS4voNz2VD0KwMqMxWxGJ3WVaOcSl5duOi8x19mRS21uyOhNgxtRw5ooDjNKRbUnfzc1gCHwB4m6F3FmcrBQ7OhoAfwuZXf0fQp6Y4ydLSqO4jeho15GP9K12U6sz1GaUoaFo6cKBH8hGUJSZkKUqYnKr_dD7VGLkGwBnS0kqvZpSA6WucBL4BNipVZI9HMUtDdm_WJE1q3iizw7BbSbzN5420Y99220Nlb6Pwk7oXbI4bCplFga2umnfnPPVUVAEvadXNQsnx043Vb_MIhWTpK4No3DbLbdtFzd_mUyudtO8o_KOf4u_BL8o5trzVgozRK6FvArK93K7kyHMgTWsfUm-Voi3kKw3jXzDN-Uj7yodHu3gWFjqxzs7pcxcMpFjzL0JJJJBIuSYLnVbKN3AJlkeOxe_7njN5cEeeV7inEG0krzgpO_1kk2N2DdEpjJ2dWq92OMWBKH1T3ahYcs787sFEkA9XCJFEAcUT3ztSs0R60LPzvGuOeg083mWB9-ImsvbCP5p4Kq3Zo0OwgtgVG1xXW6_VszvT9_uHU51WcqPjaY2d6z-Xjn6-jqOFaz7EQFVwSKCn49zBT03b0wP6_Xy-wxQEemLLwSvta8acWi8YLMKz81C-jjDM4k5BdOd8DqAEnUFjO820mj5vm-ZMeYzOJdXkCuuR9UU5jjkxtWBbVv9Y3XaWcF1tF3osBCVUljdhqhjztelaNpvPZCrhz2ddKPS-mg2Zt52V6vkyaYTvwtXKUnvW4OCqJ4Wp2tqWuzrpuFgQKK1wTcUivo327VNZrCht1V24sr1o1l0tEw6ti2M6RcEdYqpLZYopomb48WTfdJDviS7U1I-0y3mXKcYSz7M2v4ZSmEEI4FRhnn8vKH8Gl7UXLRwzTPRGfg130GBtGFJhSCCHHJ8HI0gF38dxMXi_7gj8E6xF2I8eZZTmHKP1RjY42TBc2WXeg48HlA2unEfBYTbAJKc6TkzP7fVKpGZY2G6PeUbXSgPc4Vawumv9PKiIQ0ikcQlKva5-xbnMn04k3W1_BaRYgdtZq8tddUNXVQxAOFM1ryezZ9fSnTOPQyLrfiECyC0pLLkB6dnaSPfNm2h1z7bDdW3Ks8cXTtJnDZtb51i_hoAJ5l7iEMQ6L3nJCoBaimDIPA-_Odj77yK3yVB_I5ooVZQ6cfKTnyrAd1cc5XUTNTOt_6cQtRgBL-JnMyTdXfWDEqD9fbhFYrR2z1dDPpD9zr9vEotQAEF0XeUPUJip4TZDNjCRMvmhXDwJwbtrxu1OAhYTjIrGrFq2kYHHkKTpFPo8FdGNI8SK3fItXPtUWUqfDs6fkwLmM7Pn91qke7eRrNrNAZmJT35pmrcq-rI5N4x1W3G4DhATRkkuG9l0rrzMUlLcSuHPuVc_q-24XjiAi54sxoXY6QPSUILoOxLOBgRFFHooJfLRcUiAiaQPR0OfdI7YQDa0TQ&cid=CAASJORoiB6h50NzZQGUFr79TalgIk3_DyBhXSWgF28TbXV0J8Qefw&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 07:50:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9546
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 07:50:32 GMT
16585813635612318049
s0.2mdn.net/simgad/ Frame 7ECD 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/16585813635612318049
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0924b51171859ad38a1a2d44d223b6930c8521523dab71a1c8b5d29f9efc9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:08:56 GMT
x-content-type-options
nosniff
age
1242
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28338
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 08:06:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 25 Oct 2023 10:08:56 GMT
pixel
cm.g.doubleclick.net/ Frame B29D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEcFEm_Ih2J4cNgE5of5KV0&google_push=AZmPxg-ONvVV95TKKSV0Sz1G8nYxIg0EqZ_qI37XquNdtYp-FPRh6Ipwoh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEcFEm_Ih2J4cNgE5of5KV0&google_push=AZmPxg-ONvVV95TKKSV0Sz1G8nYxIg0EqZ_qI37XquNdtYp-FPRh6IpwohkJ9EaPAOxmf9ro9Uf_BhH43yyvaFqmfW9-5dx6Cg
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-hhn4060-HHN
pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1666693778.182520,VS0,VE89
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEcFEm_Ih2J4cNgE5of5KV0&google_push=AZmPxg-ONvVV95TKKSV0Sz1G8nYxIg0EqZ_qI37XquNdtYp-FPRh6IpwohkJ9EaPAOxmf9ro9Uf_BhH43yyvaFqmfW9-5dx6Cg
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame B29D 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEI7i5v5uAv5QjEiDSZX1gug&google_cver=1&google_push=AZmPxg9X3f2j7CslYrfDT4y5gkIb7ORRJOLzKIM8QiBM5BLUiOo6inLgYuXENv2s86n0ZZfdC5gLR7uGaHtyD935brSq72cZ5v8
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame B29D
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ONqIcc3UR3SUd9Us7p53jw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ONqIcc3UR3SUd9Us7p53jw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9O-ATXsVCUyLrD3u7mUwKlqQTom77WreFA_8i_aUzPFF-mdMN1EYfZBsLmnEpWo2AWe1FQCfFOnlJSsJHU1kXKCB0BXIk
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ONqIcc3UR3SUd9Us7p53jw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9O-ATXsVCUyLrD3u7mUwKlqQTom77WreFA_8i_aUzPFF-mdMN1EYfZBsLmnEpWo2AWe1FQCfFOnlJSsJHU1kXKCB0BXIk
date
Tue, 25 Oct 2022 10:29:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame B29D
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEzfNC7wQOfN2JU5axfjzko&google_cver=1&google_push=AZmPxg_VxjWPKmqevxK0AFld2c_oEAOaRd2NlkzxAtDBmGi6irxR22QTB_5cTUL8DpTMBp2sYe5U0RHXIhyEzWvUQ...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEzfNC7wQOfN2JU5axfjzko&google_cver=1&google_push=AZmPxg_VxjWPKmqevxK0AFld2c_oEAOaRd2NlkzxAtDBmGi6irxR22QTB_5cTUL8DpTMBp2sYe5U0RHXIhyEzWvUQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_VxjWPKmqevxK0AFld2c_oEAOaRd2NlkzxAtDBmGi6irxR22QTB_5cTUL8DpTMBp2sYe5U0RHXIhyEzWvUQDAMTN3HjT8&google_hm=Fih1qGZHCwWDOX8WT7ycSDWx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_VxjWPKmqevxK0AFld2c_oEAOaRd2NlkzxAtDBmGi6irxR22QTB_5cTUL8DpTMBp2sYe5U0RHXIhyEzWvUQDAMTN3HjT8&google_hm=Fih1qGZHCwWDOX8WT7ycSDWx
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 25 Oct 2022 10:29:38 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_VxjWPKmqevxK0AFld2c_oEAOaRd2NlkzxAtDBmGi6irxR22QTB_5cTUL8DpTMBp2sYe5U0RHXIhyEzWvUQDAMTN3HjT8&google_hm=Fih1qGZHCwWDOX8WT7ycSDWx
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame B29D
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFphF1qbrIfHpnxrkqr_dE4&google_cver=1&google_push=AZmPxg85EnfFxD8oFbB0PLfCrWPjHBSXRan-k8cBeL-LoDwkVy6wn_dy1FV3G-zwuBE0Kw3RwqOLZtyxvec-0k_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg85EnfFxD8oFbB0PLfCrWPjHBSXRan-k8cBeL-LoDwkVy6wn_dy1FV3G-zwuBE0Kw3RwqOLZtyxvec-0k_igoEIXLSvftk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg85EnfFxD8oFbB0PLfCrWPjHBSXRan-k8cBeL-LoDwkVy6wn_dy1FV3G-zwuBE0Kw3RwqOLZtyxvec-0k_igoEIXLSvftk
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 25 Oct 2022 10:29:38 GMT
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PRG50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg85EnfFxD8oFbB0PLfCrWPjHBSXRan-k8cBeL-LoDwkVy6wn_dy1FV3G-zwuBE0Kw3RwqOLZtyxvec-0k_igoEIXLSvftk
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
xAzIKfBkkLQIkhkLWuc1UZ6suRWmbaKT9Po5-Fuyq8pPWMIuNZzs3w==
pixel
cm.g.doubleclick.net/ Frame B29D
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEC7aymFhzdJXA6YEOi48wLA&google_cver=1&google_push=AZmPxg9r9F2_0W-UAvlsRgCjg_IBH6u-0WA52MmRkV2W5u1Uf2Yh-k_2ZGGR-IA2oQlaWRlZSZykaN-ImZKeaxpHbek9D41F8Q
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg9r9F2_0W-UAvlsRgCjg_IBH6u-0WA52MmRkV2W5u1Uf2Yh-k_2ZGGR-IA2oQlaWRlZSZykaN-ImZKeaxpHbek9D41F8Q&...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjEwNTk1Nzg5MDQ1MjI1NDIwNDI4MQ%3D%3D&google_push=AZmPxg9r9F2_0W-UAvlsRgCjg_IBH6u-0WA52MmRkV2W5u1Uf2Yh-k_2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjEwNTk1Nzg5MDQ1MjI1NDIwNDI4MQ%3D%3D&google_push=AZmPxg9r9F2_0W-UAvlsRgCjg_IBH6u-0WA52MmRkV2W5u1Uf2Yh-k_2ZGGR-IA2oQlaWRlZSZykaN-ImZKeaxpHbek9D41F8Q
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjEwNTk1Nzg5MDQ1MjI1NDIwNDI4MQ%3D%3D&google_push=AZmPxg9r9F2_0W-UAvlsRgCjg_IBH6u-0WA52MmRkV2W5u1Uf2Yh-k_2ZGGR-IA2oQlaWRlZSZykaN-ImZKeaxpHbek9D41F8Q
date
Tue, 25 Oct 2022 10:29:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame B29D
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=AZmPxg_HXajMUUTECOmeotKh1_lPLR7up8U4gbXs...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=AZmPxg_HXajMUUTECOmeotKh1_lPLR7up8...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c50b45f2-873c-4cb0-b7dc-f88adc31a315&&google_push=AZmPxg_HXajMUUTECOmeotKh1_lPLR7up8U4gbXs1rwcU9o2bJ-jd94exN-ra5qnouWgko2v6a...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c50b45f2-873c-4cb0-b7dc-f88adc31a315&&google_push=AZmPxg_HXajMUUTECOmeotKh1_lPLR7up8U4gbXs1rwcU9o2bJ-jd94exN-ra5qnouWgko2v6aBSXnF5R7TbRNuDej5R2JJYRKbs
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c50b45f2-873c-4cb0-b7dc-f88adc31a315&&google_push=AZmPxg_HXajMUUTECOmeotKh1_lPLR7up8U4gbXs1rwcU9o2bJ-jd94exN-ra5qnouWgko2v6aBSXnF5R7TbRNuDej5R2JJYRKbs
Date
Tue, 25 Oct 2022 10:29:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame B29D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Iyj7bUvQk9Q03aiwl1nGMMyN4q2IMgCP6gO7t7fA2xAB6rX8x-u898A4e-vG2q-STBtMOTLw
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
privacy_small.svg
static.criteo.net/flash/icon/ Frame FAF8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kQAEqI0K00DOAASKMokPSGNMYsKpT2mcpw&u=%7COol2LM3aIOmxj9B4bVXr1sWIYShkjgzyK%2BfJisSdSeo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8YpaK8Az95To9dZfowuDedO6hwubzWI6bbsy0Mn2W87yuGZu5th0B_tfQshMywMYy_ySihHHBbmbJ7g7G0RBtdZdrbF-emqpw4sz9yj3c-ppVy6wwJLGkAlXZBinxzwNo3nz-RYxf5cSl7bVnvSUtcOdsNTA7SNdIABDpt40y1T9uezEt9AtEdGLgDUfpEy958_urFskz14OUVjccv4Hnq6Oc1_DNq834KmSNF3iRQyvaF6wiM3hiM3I5_F2Nov_LEysbclWx353E3_6uisftMBxB6vxaBA5vs4N6T02wnEE8fm6_OKGCl3fcqdFxADQZqDjnTBnvVuBpByVrkNtAQwK8uGWTMBZq0dwaaQEZq9mRqn1xepTiGnGhR5eY_Mz2H2v2BGH1FcuZZrGYDThtVryvwkkfAuh0abmy6TUL4YRKb0k_c-w3XuW0co3nZZfch_2JZa05FqtSfVhOWOmtH2aseLlQGu-aHHitrlFJhVQElLsU5NafHkzd49z9Gitujyx0zPZWvXFz-eXh3wR4xHcoMLZrrQxnrVb2kb48lWBA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1JDFkbpXY43REs6BzQaylJKID8me0rFc1Z2R93DAjbcBEAEgAGCVkq-CuAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakC3HcZOcSWsD7gAgCoAwGqBPkBT9A9t_41HUn4-WyOgr5hQdKwp1Tt-Ni6VpPsXHt6-TqhrIbOMGH1OSqRCUfAABQZmofCFf8b8ruVBJotNGeDTlUrqMoIuRj4NsCoGc4bcB2qXRaviS2OHVQkvJ2A1Xw9-ygqU3ramBGcWg05ODKYknj_HdDWZ6WrR1mEix6o5bKzppsywNG1YCxUe_cnFrAKDg58Vzt55mQzTnkKWCHSuhpyrSG8lrCiURAAXZC2XWhrGdwgcS-xROhtDWbNIaemu_9DRmHJWW45LE7ABoTI-rBiDTNs-zm8OBvluqYSSMmtijtp7eTlq6bDUCv08uPuFtFxLSEix1Vq4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_39m7X2XDKiXPCqumnyj9oAj-Fn-A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 20 Oct 2023 10:29:38 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame FAF8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kQAEqI0K00DOAASKMokPSGNMYsKpT2mcpw&u=%7COol2LM3aIOmxj9B4bVXr1sWIYShkjgzyK%2BfJisSdSeo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8YpaK8Az95To9dZfowuDedO6hwubzWI6bbsy0Mn2W87yuGZu5th0B_tfQshMywMYy_ySihHHBbmbJ7g7G0RBtdZdrbF-emqpw4sz9yj3c-ppVy6wwJLGkAlXZBinxzwNo3nz-RYxf5cSl7bVnvSUtcOdsNTA7SNdIABDpt40y1T9uezEt9AtEdGLgDUfpEy958_urFskz14OUVjccv4Hnq6Oc1_DNq834KmSNF3iRQyvaF6wiM3hiM3I5_F2Nov_LEysbclWx353E3_6uisftMBxB6vxaBA5vs4N6T02wnEE8fm6_OKGCl3fcqdFxADQZqDjnTBnvVuBpByVrkNtAQwK8uGWTMBZq0dwaaQEZq9mRqn1xepTiGnGhR5eY_Mz2H2v2BGH1FcuZZrGYDThtVryvwkkfAuh0abmy6TUL4YRKb0k_c-w3XuW0co3nZZfch_2JZa05FqtSfVhOWOmtH2aseLlQGu-aHHitrlFJhVQElLsU5NafHkzd49z9Gitujyx0zPZWvXFz-eXh3wR4xHcoMLZrrQxnrVb2kb48lWBA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1JDFkbpXY43REs6BzQaylJKID8me0rFc1Z2R93DAjbcBEAEgAGCVkq-CuAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakC3HcZOcSWsD7gAgCoAwGqBPkBT9A9t_41HUn4-WyOgr5hQdKwp1Tt-Ni6VpPsXHt6-TqhrIbOMGH1OSqRCUfAABQZmofCFf8b8ruVBJotNGeDTlUrqMoIuRj4NsCoGc4bcB2qXRaviS2OHVQkvJ2A1Xw9-ygqU3ramBGcWg05ODKYknj_HdDWZ6WrR1mEix6o5bKzppsywNG1YCxUe_cnFrAKDg58Vzt55mQzTnkKWCHSuhpyrSG8lrCiURAAXZC2XWhrGdwgcS-xROhtDWbNIaemu_9DRmHJWW45LE7ABoTI-rBiDTNs-zm8OBvluqYSSMmtijtp7eTlq6bDUCv08uPuFtFxLSEix1Vq4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_39m7X2XDKiXPCqumnyj9oAj-Fn-A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 20 Oct 2023 10:29:38 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame FAF8 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kQAEqI0K00DOAASKMokPSGNMYsKpT2mcpw&u=%7COol2LM3aIOmxj9B4bVXr1sWIYShkjgzyK%2BfJisSdSeo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8YpaK8Az95To9dZfowuDedO6hwubzWI6bbsy0Mn2W87yuGZu5th0B_tfQshMywMYy_ySihHHBbmbJ7g7G0RBtdZdrbF-emqpw4sz9yj3c-ppVy6wwJLGkAlXZBinxzwNo3nz-RYxf5cSl7bVnvSUtcOdsNTA7SNdIABDpt40y1T9uezEt9AtEdGLgDUfpEy958_urFskz14OUVjccv4Hnq6Oc1_DNq834KmSNF3iRQyvaF6wiM3hiM3I5_F2Nov_LEysbclWx353E3_6uisftMBxB6vxaBA5vs4N6T02wnEE8fm6_OKGCl3fcqdFxADQZqDjnTBnvVuBpByVrkNtAQwK8uGWTMBZq0dwaaQEZq9mRqn1xepTiGnGhR5eY_Mz2H2v2BGH1FcuZZrGYDThtVryvwkkfAuh0abmy6TUL4YRKb0k_c-w3XuW0co3nZZfch_2JZa05FqtSfVhOWOmtH2aseLlQGu-aHHitrlFJhVQElLsU5NafHkzd49z9Gitujyx0zPZWvXFz-eXh3wR4xHcoMLZrrQxnrVb2kb48lWBA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1JDFkbpXY43REs6BzQaylJKID8me0rFc1Z2R93DAjbcBEAEgAGCVkq-CuAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakC3HcZOcSWsD7gAgCoAwGqBPkBT9A9t_41HUn4-WyOgr5hQdKwp1Tt-Ni6VpPsXHt6-TqhrIbOMGH1OSqRCUfAABQZmofCFf8b8ruVBJotNGeDTlUrqMoIuRj4NsCoGc4bcB2qXRaviS2OHVQkvJ2A1Xw9-ygqU3ramBGcWg05ODKYknj_HdDWZ6WrR1mEix6o5bKzppsywNG1YCxUe_cnFrAKDg58Vzt55mQzTnkKWCHSuhpyrSG8lrCiURAAXZC2XWhrGdwgcS-xROhtDWbNIaemu_9DRmHJWW45LE7ABoTI-rBiDTNs-zm8OBvluqYSSMmtijtp7eTlq6bDUCv08uPuFtFxLSEix1Vq4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_39m7X2XDKiXPCqumnyj9oAj-Fn-A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 20 Oct 2023 10:29:38 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame FAF8 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kQAEqI0K00DOAASKMokPSGNMYsKpT2mcpw&u=%7COol2LM3aIOmxj9B4bVXr1sWIYShkjgzyK%2BfJisSdSeo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8YpaK8Az95To9dZfowuDedO6hwubzWI6bbsy0Mn2W87yuGZu5th0B_tfQshMywMYy_ySihHHBbmbJ7g7G0RBtdZdrbF-emqpw4sz9yj3c-ppVy6wwJLGkAlXZBinxzwNo3nz-RYxf5cSl7bVnvSUtcOdsNTA7SNdIABDpt40y1T9uezEt9AtEdGLgDUfpEy958_urFskz14OUVjccv4Hnq6Oc1_DNq834KmSNF3iRQyvaF6wiM3hiM3I5_F2Nov_LEysbclWx353E3_6uisftMBxB6vxaBA5vs4N6T02wnEE8fm6_OKGCl3fcqdFxADQZqDjnTBnvVuBpByVrkNtAQwK8uGWTMBZq0dwaaQEZq9mRqn1xepTiGnGhR5eY_Mz2H2v2BGH1FcuZZrGYDThtVryvwkkfAuh0abmy6TUL4YRKb0k_c-w3XuW0co3nZZfch_2JZa05FqtSfVhOWOmtH2aseLlQGu-aHHitrlFJhVQElLsU5NafHkzd49z9Gitujyx0zPZWvXFz-eXh3wR4xHcoMLZrrQxnrVb2kb48lWBA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1JDFkbpXY43REs6BzQaylJKID8me0rFc1Z2R93DAjbcBEAEgAGCVkq-CuAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakC3HcZOcSWsD7gAgCoAwGqBPkBT9A9t_41HUn4-WyOgr5hQdKwp1Tt-Ni6VpPsXHt6-TqhrIbOMGH1OSqRCUfAABQZmofCFf8b8ruVBJotNGeDTlUrqMoIuRj4NsCoGc4bcB2qXRaviS2OHVQkvJ2A1Xw9-ygqU3ramBGcWg05ODKYknj_HdDWZ6WrR1mEix6o5bKzppsywNG1YCxUe_cnFrAKDg58Vzt55mQzTnkKWCHSuhpyrSG8lrCiURAAXZC2XWhrGdwgcS-xROhtDWbNIaemu_9DRmHJWW45LE7ABoTI-rBiDTNs-zm8OBvluqYSSMmtijtp7eTlq6bDUCv08uPuFtFxLSEix1Vq4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_39m7X2XDKiXPCqumnyj9oAj-Fn-A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 20 Oct 2023 10:29:38 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame FAF8 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=rXJsXgJ6N5xdH3oldp0yrA2cxHWuoWCtPK0E7wK1Q9lLTafO7F4lxbfcOXbgvkVfJxEu15IikbDGsHZD41jh9KW0ec9ddnysGC_jJove9WkJq7OBJ8OvK03fIi0IoAMK-UA105oxtq0Zb3Cs1Rfd9LFFWdsINWPl-h9LDzOLaSULzB0dgstkzn73jAPEGGSzyLVkhLE9BBhd8HdYngl1DBNc93YODTxYwpgDHb_lbVKWTcFFRQ-xBghtkF54L3fhOaOAzGSiXf5ghqwCLkT2CQAMk4JjC-a06R0rHot_aPUDlLiX4q8OkE8P18SSNjRTysqTv1kkv9vtrXFaUR48ssouN_nG5u7W0tU73oNCO7ZnJ6JsKkJ7p1HyMrnWwfEXKpdzhNeuhO6jiUKtL-8JSWI_AwpFNHXto2HHrv8pmb2JI0ST
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kQAEqI0K00DOAASKMokPSGNMYsKpT2mcpw&u=%7COol2LM3aIOmxj9B4bVXr1sWIYShkjgzyK%2BfJisSdSeo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8YpaK8Az95To9dZfowuDedO6hwubzWI6bbsy0Mn2W87yuGZu5th0B_tfQshMywMYy_ySihHHBbmbJ7g7G0RBtdZdrbF-emqpw4sz9yj3c-ppVy6wwJLGkAlXZBinxzwNo3nz-RYxf5cSl7bVnvSUtcOdsNTA7SNdIABDpt40y1T9uezEt9AtEdGLgDUfpEy958_urFskz14OUVjccv4Hnq6Oc1_DNq834KmSNF3iRQyvaF6wiM3hiM3I5_F2Nov_LEysbclWx353E3_6uisftMBxB6vxaBA5vs4N6T02wnEE8fm6_OKGCl3fcqdFxADQZqDjnTBnvVuBpByVrkNtAQwK8uGWTMBZq0dwaaQEZq9mRqn1xepTiGnGhR5eY_Mz2H2v2BGH1FcuZZrGYDThtVryvwkkfAuh0abmy6TUL4YRKb0k_c-w3XuW0co3nZZfch_2JZa05FqtSfVhOWOmtH2aseLlQGu-aHHitrlFJhVQElLsU5NafHkzd49z9Gitujyx0zPZWvXFz-eXh3wR4xHcoMLZrrQxnrVb2kb48lWBA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1JDFkbpXY43REs6BzQaylJKID8me0rFc1Z2R93DAjbcBEAEgAGCVkq-CuAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakC3HcZOcSWsD7gAgCoAwGqBPkBT9A9t_41HUn4-WyOgr5hQdKwp1Tt-Ni6VpPsXHt6-TqhrIbOMGH1OSqRCUfAABQZmofCFf8b8ruVBJotNGeDTlUrqMoIuRj4NsCoGc4bcB2qXRaviS2OHVQkvJ2A1Xw9-ygqU3ramBGcWg05ODKYknj_HdDWZ6WrR1mEix6o5bKzppsywNG1YCxUe_cnFrAKDg58Vzt55mQzTnkKWCHSuhpyrSG8lrCiURAAXZC2XWhrGdwgcS-xROhtDWbNIaemu_9DRmHJWW45LE7ABoTI-rBiDTNs-zm8OBvluqYSSMmtijtp7eTlq6bDUCv08uPuFtFxLSEix1Vq4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_39m7X2XDKiXPCqumnyj9oAj-Fn-A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3079081
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame FAF8 		44 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1666693777
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kQAEqI0K00DOAASKMokPSGNMYsKpT2mcpw&u=%7COol2LM3aIOmxj9B4bVXr1sWIYShkjgzyK%2BfJisSdSeo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8YpaK8Az95To9dZfowuDedO6hwubzWI6bbsy0Mn2W87yuGZu5th0B_tfQshMywMYy_ySihHHBbmbJ7g7G0RBtdZdrbF-emqpw4sz9yj3c-ppVy6wwJLGkAlXZBinxzwNo3nz-RYxf5cSl7bVnvSUtcOdsNTA7SNdIABDpt40y1T9uezEt9AtEdGLgDUfpEy958_urFskz14OUVjccv4Hnq6Oc1_DNq834KmSNF3iRQyvaF6wiM3hiM3I5_F2Nov_LEysbclWx353E3_6uisftMBxB6vxaBA5vs4N6T02wnEE8fm6_OKGCl3fcqdFxADQZqDjnTBnvVuBpByVrkNtAQwK8uGWTMBZq0dwaaQEZq9mRqn1xepTiGnGhR5eY_Mz2H2v2BGH1FcuZZrGYDThtVryvwkkfAuh0abmy6TUL4YRKb0k_c-w3XuW0co3nZZfch_2JZa05FqtSfVhOWOmtH2aseLlQGu-aHHitrlFJhVQElLsU5NafHkzd49z9Gitujyx0zPZWvXFz-eXh3wR4xHcoMLZrrQxnrVb2kb48lWBA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1JDFkbpXY43REs6BzQaylJKID8me0rFc1Z2R93DAjbcBEAEgAGCVkq-CuAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakC3HcZOcSWsD7gAgCoAwGqBPkBT9A9t_41HUn4-WyOgr5hQdKwp1Tt-Ni6VpPsXHt6-TqhrIbOMGH1OSqRCUfAABQZmofCFf8b8ruVBJotNGeDTlUrqMoIuRj4NsCoGc4bcB2qXRaviS2OHVQkvJ2A1Xw9-ygqU3ramBGcWg05ODKYknj_HdDWZ6WrR1mEix6o5bKzppsywNG1YCxUe_cnFrAKDg58Vzt55mQzTnkKWCHSuhpyrSG8lrCiURAAXZC2XWhrGdwgcS-xROhtDWbNIaemu_9DRmHJWW45LE7ABoTI-rBiDTNs-zm8OBvluqYSSMmtijtp7eTlq6bDUCv08uPuFtFxLSEix1Vq4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_39m7X2XDKiXPCqumnyj9oAj-Fn-A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
via
1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
Xhfc4la90GnF_exOgSkKfNIjdjSguUNsIwHr_iOSRwco6O0afbureA==
expires
Thu, 01 Dec 1994 16:00:00 GMT
truncated
/ Frame FB33 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7d17de64ab0cdb7bd8c7d44a4120cae54a9e3befc3bf6387f98b252e1b31680

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 28A0 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92226ed4f6a7339c0907876efc6866937908a0a090b2450a41f8ca1dcdaa20ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 150C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
779d9d1d54038e2afa37e881255d890c73107ac9fd78f964e6f1d736cf906b17

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 16B1 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3852e07038b5de1f1ef09633aa05e2c6a309f0e305075f1f360e2c3bbe7b70e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame E4EE
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 10:29:38 GMT
expires
Tue, 25 Oct 2022 10:29:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 10:29:38 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
animejs.js
static.criteo.net/animejs/ Frame 7707 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kAAOgi4I9kOTAALwjZmAw4bmAhc1tv5qSQ&u=%7COol2LM3aIOnoXvmYFOGpMw7VrqeTMM%2FO%2BXh1RKJGgNM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfex4IY_JXoTDaPxAARcpbNNxmkjAKswUkNw4Vxgnt6CG0s2gfJQX7vErAnsHQCKn6PHApgerl3lE72YUa6OIZHzNcgWGRrr7pGfsEtNexuR2wT6IBXvnwz4EbnTz0HC4ea_BjmXmB20Ip1dWOY03i2BSYReBHnNGjS_ih5GS2Fyf7pFsnVBpK7EY7UsOsOwzbYTPdpoX0xnd3PDJyioL-9X9VZJcKB59t4pQQNgkxh4wClz0rEia1Uk-cmmmgzoCi0iVTyXbGgUnVg8fJkpLvRujvSO9YesSCHKUfdKYTlKY7TQg5wXhMNygUgmCjE1NwYcHW6Khukwn15mg-6Pf3LtRl3aQkFs2qiszdqxuwFUcKe7bEjzhya41W6jZjOAPhImCIX0QMLFMN4blkdpI8_2rjlXGO63v0-jzdnO4V7NxPA19qClR19LcAiFr3c_kSpGobr4V4h1kMe08lKpKcxMf3ktttCgjqMvVVoZSFE_MKz7RYjPEC3Jm-hCxatWaj_ikF2Gv6-9eOZ-AvOUcjmB2L5rJSqe4067DHr_oMwl&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm3tvkLpXY66EOpOH2fcPjeGL8AzJntKxXKX8k_dwwI23ARABIABglZKvgrgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtx3GTnElrA-4AIAqAMBqgT3AU_Q_FcYUoAJ8wyqHVQcPJTYpf6zzqD0gYCdp7oqEN1S_gpGM2FTnY48nLB6LF5-_2Ju5P8YH_utar8K0l_1pykL7ITIqOToY2JaoHuN83wRMvDQl4t957Cw_vXXlhwXXAU54PQoKSY5l1MSnsKTDHijjjyvsPNYJRol95u2YG7peBvUyvih4Q6fbiBZC4hJgVmKdl4jETUnikZr6gNZb1bFy9tOq4kw_IjgKGOfvWGgJECuJesKaz6DyMm-REuXZ1E7RV9Uqcooi6_IblOblQzXJuwZs_YBpVYnVaBojdcxuCc9yzQ7caws5klF3DOlIOOKzAtJrN_gBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kyyheDglFXJXhCuEs1hS-PSPLGA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 20 Oct 2023 10:29:38 GMT
img
pix.eu.criteo.net/img/ Frame 7707 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=96&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=596&s=45clepS8yrkQyPzlt9DilbEt
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kAAOgi4I9kOTAALwjZmAw4bmAhc1tv5qSQ&u=%7COol2LM3aIOnoXvmYFOGpMw7VrqeTMM%2FO%2BXh1RKJGgNM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfex4IY_JXoTDaPxAARcpbNNxmkjAKswUkNw4Vxgnt6CG0s2gfJQX7vErAnsHQCKn6PHApgerl3lE72YUa6OIZHzNcgWGRrr7pGfsEtNexuR2wT6IBXvnwz4EbnTz0HC4ea_BjmXmB20Ip1dWOY03i2BSYReBHnNGjS_ih5GS2Fyf7pFsnVBpK7EY7UsOsOwzbYTPdpoX0xnd3PDJyioL-9X9VZJcKB59t4pQQNgkxh4wClz0rEia1Uk-cmmmgzoCi0iVTyXbGgUnVg8fJkpLvRujvSO9YesSCHKUfdKYTlKY7TQg5wXhMNygUgmCjE1NwYcHW6Khukwn15mg-6Pf3LtRl3aQkFs2qiszdqxuwFUcKe7bEjzhya41W6jZjOAPhImCIX0QMLFMN4blkdpI8_2rjlXGO63v0-jzdnO4V7NxPA19qClR19LcAiFr3c_kSpGobr4V4h1kMe08lKpKcxMf3ktttCgjqMvVVoZSFE_MKz7RYjPEC3Jm-hCxatWaj_ikF2Gv6-9eOZ-AvOUcjmB2L5rJSqe4067DHr_oMwl&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm3tvkLpXY66EOpOH2fcPjeGL8AzJntKxXKX8k_dwwI23ARABIABglZKvgrgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtx3GTnElrA-4AIAqAMBqgT3AU_Q_FcYUoAJ8wyqHVQcPJTYpf6zzqD0gYCdp7oqEN1S_gpGM2FTnY48nLB6LF5-_2Ju5P8YH_utar8K0l_1pykL7ITIqOToY2JaoHuN83wRMvDQl4t957Cw_vXXlhwXXAU54PQoKSY5l1MSnsKTDHijjjyvsPNYJRol95u2YG7peBvUyvih4Q6fbiBZC4hJgVmKdl4jETUnikZr6gNZb1bFy9tOq4kw_IjgKGOfvWGgJECuJesKaz6DyMm-REuXZ1E7RV9Uqcooi6_IblOblQzXJuwZs_YBpVYnVaBojdcxuCc9yzQ7caws5klF3DOlIOOKzAtJrN_gBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kyyheDglFXJXhCuEs1hS-PSPLGA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
077deca4d6403481d09410f5975dba17e496fc18fb1af7eb875c53c404a757ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29196356
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19853
expires
Thu, 28 Sep 2023 08:35:34 GMT
img
pix.eu.criteo.net/img/ Frame 7707 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBKA_Bundeskriminalamt_4558DE.gif%3Feb%3D1&v=3&w=400&s=GVnKI3ywx2pDN-sz0JRgKSSP&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kAAOgi4I9kOTAALwjZmAw4bmAhc1tv5qSQ&u=%7COol2LM3aIOnoXvmYFOGpMw7VrqeTMM%2FO%2BXh1RKJGgNM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfex4IY_JXoTDaPxAARcpbNNxmkjAKswUkNw4Vxgnt6CG0s2gfJQX7vErAnsHQCKn6PHApgerl3lE72YUa6OIZHzNcgWGRrr7pGfsEtNexuR2wT6IBXvnwz4EbnTz0HC4ea_BjmXmB20Ip1dWOY03i2BSYReBHnNGjS_ih5GS2Fyf7pFsnVBpK7EY7UsOsOwzbYTPdpoX0xnd3PDJyioL-9X9VZJcKB59t4pQQNgkxh4wClz0rEia1Uk-cmmmgzoCi0iVTyXbGgUnVg8fJkpLvRujvSO9YesSCHKUfdKYTlKY7TQg5wXhMNygUgmCjE1NwYcHW6Khukwn15mg-6Pf3LtRl3aQkFs2qiszdqxuwFUcKe7bEjzhya41W6jZjOAPhImCIX0QMLFMN4blkdpI8_2rjlXGO63v0-jzdnO4V7NxPA19qClR19LcAiFr3c_kSpGobr4V4h1kMe08lKpKcxMf3ktttCgjqMvVVoZSFE_MKz7RYjPEC3Jm-hCxatWaj_ikF2Gv6-9eOZ-AvOUcjmB2L5rJSqe4067DHr_oMwl&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm3tvkLpXY66EOpOH2fcPjeGL8AzJntKxXKX8k_dwwI23ARABIABglZKvgrgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtx3GTnElrA-4AIAqAMBqgT3AU_Q_FcYUoAJ8wyqHVQcPJTYpf6zzqD0gYCdp7oqEN1S_gpGM2FTnY48nLB6LF5-_2Ju5P8YH_utar8K0l_1pykL7ITIqOToY2JaoHuN83wRMvDQl4t957Cw_vXXlhwXXAU54PQoKSY5l1MSnsKTDHijjjyvsPNYJRol95u2YG7peBvUyvih4Q6fbiBZC4hJgVmKdl4jETUnikZr6gNZb1bFy9tOq4kw_IjgKGOfvWGgJECuJesKaz6DyMm-REuXZ1E7RV9Uqcooi6_IblOblQzXJuwZs_YBpVYnVaBojdcxuCc9yzQ7caws5klF3DOlIOOKzAtJrN_gBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kyyheDglFXJXhCuEs1hS-PSPLGA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=757396
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1266
expires
Thu, 03 Nov 2022 04:52:54 GMT
img
pix.eu.criteo.net/img/ Frame 7707 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoAuswaertiges-Amt-281275DE-2210061549.gif%3Feb%3D1&v=3&w=400&s=U3lJrLCBM9QAqrUYv2DASoVa&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kAAOgi4I9kOTAALwjZmAw4bmAhc1tv5qSQ&u=%7COol2LM3aIOnoXvmYFOGpMw7VrqeTMM%2FO%2BXh1RKJGgNM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfex4IY_JXoTDaPxAARcpbNNxmkjAKswUkNw4Vxgnt6CG0s2gfJQX7vErAnsHQCKn6PHApgerl3lE72YUa6OIZHzNcgWGRrr7pGfsEtNexuR2wT6IBXvnwz4EbnTz0HC4ea_BjmXmB20Ip1dWOY03i2BSYReBHnNGjS_ih5GS2Fyf7pFsnVBpK7EY7UsOsOwzbYTPdpoX0xnd3PDJyioL-9X9VZJcKB59t4pQQNgkxh4wClz0rEia1Uk-cmmmgzoCi0iVTyXbGgUnVg8fJkpLvRujvSO9YesSCHKUfdKYTlKY7TQg5wXhMNygUgmCjE1NwYcHW6Khukwn15mg-6Pf3LtRl3aQkFs2qiszdqxuwFUcKe7bEjzhya41W6jZjOAPhImCIX0QMLFMN4blkdpI8_2rjlXGO63v0-jzdnO4V7NxPA19qClR19LcAiFr3c_kSpGobr4V4h1kMe08lKpKcxMf3ktttCgjqMvVVoZSFE_MKz7RYjPEC3Jm-hCxatWaj_ikF2Gv6-9eOZ-AvOUcjmB2L5rJSqe4067DHr_oMwl&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm3tvkLpXY66EOpOH2fcPjeGL8AzJntKxXKX8k_dwwI23ARABIABglZKvgrgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtx3GTnElrA-4AIAqAMBqgT3AU_Q_FcYUoAJ8wyqHVQcPJTYpf6zzqD0gYCdp7oqEN1S_gpGM2FTnY48nLB6LF5-_2Ju5P8YH_utar8K0l_1pykL7ITIqOToY2JaoHuN83wRMvDQl4t957Cw_vXXlhwXXAU54PQoKSY5l1MSnsKTDHijjjyvsPNYJRol95u2YG7peBvUyvih4Q6fbiBZC4hJgVmKdl4jETUnikZr6gNZb1bFy9tOq4kw_IjgKGOfvWGgJECuJesKaz6DyMm-REuXZ1E7RV9Uqcooi6_IblOblQzXJuwZs_YBpVYnVaBojdcxuCc9yzQ7caws5klF3DOlIOOKzAtJrN_gBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kyyheDglFXJXhCuEs1hS-PSPLGA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
fe5bda77e4361c2facf5966bf1f462f8d6dd0b1c710f45abe310d052df9fdb60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1020254
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2220
expires
Sun, 06 Nov 2022 05:53:52 GMT
all
csm.eu.criteo.net/ Frame 7707 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=U-lOY5axu3gKYHpQwzNpHeP6Wli-G-OIsG21TbuvN2akUPhg1tqVbiTeAsjT8bS8Y2SrMhCS0me8c9sBfHd8lFFbcKQMQIN02yzEyarTbHRCOtxOE_8EildC7b5S6j5A1Vxwb_KLx88qreAg404HcrGzrX2qy-VQyAcx7NdU7OHwSKTviHCi-b_gharmO9XFmZC9jk8o4Rk1LLgg-dKgoXdWSxOFoZuJo_uOj_XfGM4ydT7G3YscmFdO0OPW0Gu2m9pZjQ&sds=2&rev=83303&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kAAOgi4I9kOTAALwjZmAw4bmAhc1tv5qSQ&u=%7COol2LM3aIOnoXvmYFOGpMw7VrqeTMM%2FO%2BXh1RKJGgNM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfex4IY_JXoTDaPxAARcpbNNxmkjAKswUkNw4Vxgnt6CG0s2gfJQX7vErAnsHQCKn6PHApgerl3lE72YUa6OIZHzNcgWGRrr7pGfsEtNexuR2wT6IBXvnwz4EbnTz0HC4ea_BjmXmB20Ip1dWOY03i2BSYReBHnNGjS_ih5GS2Fyf7pFsnVBpK7EY7UsOsOwzbYTPdpoX0xnd3PDJyioL-9X9VZJcKB59t4pQQNgkxh4wClz0rEia1Uk-cmmmgzoCi0iVTyXbGgUnVg8fJkpLvRujvSO9YesSCHKUfdKYTlKY7TQg5wXhMNygUgmCjE1NwYcHW6Khukwn15mg-6Pf3LtRl3aQkFs2qiszdqxuwFUcKe7bEjzhya41W6jZjOAPhImCIX0QMLFMN4blkdpI8_2rjlXGO63v0-jzdnO4V7NxPA19qClR19LcAiFr3c_kSpGobr4V4h1kMe08lKpKcxMf3ktttCgjqMvVVoZSFE_MKz7RYjPEC3Jm-hCxatWaj_ikF2Gv6-9eOZ-AvOUcjmB2L5rJSqe4067DHr_oMwl&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm3tvkLpXY66EOpOH2fcPjeGL8AzJntKxXKX8k_dwwI23ARABIABglZKvgrgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtx3GTnElrA-4AIAqAMBqgT3AU_Q_FcYUoAJ8wyqHVQcPJTYpf6zzqD0gYCdp7oqEN1S_gpGM2FTnY48nLB6LF5-_2Ju5P8YH_utar8K0l_1pykL7ITIqOToY2JaoHuN83wRMvDQl4t957Cw_vXXlhwXXAU54PQoKSY5l1MSnsKTDHijjjyvsPNYJRol95u2YG7peBvUyvih4Q6fbiBZC4hJgVmKdl4jETUnikZr6gNZb1bFy9tOq4kw_IjgKGOfvWGgJECuJesKaz6DyMm-REuXZ1E7RV9Uqcooi6_IblOblQzXJuwZs_YBpVYnVaBojdcxuCc9yzQ7caws5klF3DOlIOOKzAtJrN_gBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kyyheDglFXJXhCuEs1hS-PSPLGA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 25 Oct 2022 10:29:37 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7707 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kAAOgi4I9kOTAALwjZmAw4bmAhc1tv5qSQ&u=%7COol2LM3aIOnoXvmYFOGpMw7VrqeTMM%2FO%2BXh1RKJGgNM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfex4IY_JXoTDaPxAARcpbNNxmkjAKswUkNw4Vxgnt6CG0s2gfJQX7vErAnsHQCKn6PHApgerl3lE72YUa6OIZHzNcgWGRrr7pGfsEtNexuR2wT6IBXvnwz4EbnTz0HC4ea_BjmXmB20Ip1dWOY03i2BSYReBHnNGjS_ih5GS2Fyf7pFsnVBpK7EY7UsOsOwzbYTPdpoX0xnd3PDJyioL-9X9VZJcKB59t4pQQNgkxh4wClz0rEia1Uk-cmmmgzoCi0iVTyXbGgUnVg8fJkpLvRujvSO9YesSCHKUfdKYTlKY7TQg5wXhMNygUgmCjE1NwYcHW6Khukwn15mg-6Pf3LtRl3aQkFs2qiszdqxuwFUcKe7bEjzhya41W6jZjOAPhImCIX0QMLFMN4blkdpI8_2rjlXGO63v0-jzdnO4V7NxPA19qClR19LcAiFr3c_kSpGobr4V4h1kMe08lKpKcxMf3ktttCgjqMvVVoZSFE_MKz7RYjPEC3Jm-hCxatWaj_ikF2Gv6-9eOZ-AvOUcjmB2L5rJSqe4067DHr_oMwl&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm3tvkLpXY66EOpOH2fcPjeGL8AzJntKxXKX8k_dwwI23ARABIABglZKvgrgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtx3GTnElrA-4AIAqAMBqgT3AU_Q_FcYUoAJ8wyqHVQcPJTYpf6zzqD0gYCdp7oqEN1S_gpGM2FTnY48nLB6LF5-_2Ju5P8YH_utar8K0l_1pykL7ITIqOToY2JaoHuN83wRMvDQl4t957Cw_vXXlhwXXAU54PQoKSY5l1MSnsKTDHijjjyvsPNYJRol95u2YG7peBvUyvih4Q6fbiBZC4hJgVmKdl4jETUnikZr6gNZb1bFy9tOq4kw_IjgKGOfvWGgJECuJesKaz6DyMm-REuXZ1E7RV9Uqcooi6_IblOblQzXJuwZs_YBpVYnVaBojdcxuCc9yzQ7caws5klF3DOlIOOKzAtJrN_gBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kyyheDglFXJXhCuEs1hS-PSPLGA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 20 Oct 2023 10:29:38 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 7707 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kAAOgi4I9kOTAALwjZmAw4bmAhc1tv5qSQ&u=%7COol2LM3aIOnoXvmYFOGpMw7VrqeTMM%2FO%2BXh1RKJGgNM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfex4IY_JXoTDaPxAARcpbNNxmkjAKswUkNw4Vxgnt6CG0s2gfJQX7vErAnsHQCKn6PHApgerl3lE72YUa6OIZHzNcgWGRrr7pGfsEtNexuR2wT6IBXvnwz4EbnTz0HC4ea_BjmXmB20Ip1dWOY03i2BSYReBHnNGjS_ih5GS2Fyf7pFsnVBpK7EY7UsOsOwzbYTPdpoX0xnd3PDJyioL-9X9VZJcKB59t4pQQNgkxh4wClz0rEia1Uk-cmmmgzoCi0iVTyXbGgUnVg8fJkpLvRujvSO9YesSCHKUfdKYTlKY7TQg5wXhMNygUgmCjE1NwYcHW6Khukwn15mg-6Pf3LtRl3aQkFs2qiszdqxuwFUcKe7bEjzhya41W6jZjOAPhImCIX0QMLFMN4blkdpI8_2rjlXGO63v0-jzdnO4V7NxPA19qClR19LcAiFr3c_kSpGobr4V4h1kMe08lKpKcxMf3ktttCgjqMvVVoZSFE_MKz7RYjPEC3Jm-hCxatWaj_ikF2Gv6-9eOZ-AvOUcjmB2L5rJSqe4067DHr_oMwl&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm3tvkLpXY66EOpOH2fcPjeGL8AzJntKxXKX8k_dwwI23ARABIABglZKvgrgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAtx3GTnElrA-4AIAqAMBqgT3AU_Q_FcYUoAJ8wyqHVQcPJTYpf6zzqD0gYCdp7oqEN1S_gpGM2FTnY48nLB6LF5-_2Ju5P8YH_utar8K0l_1pykL7ITIqOToY2JaoHuN83wRMvDQl4t957Cw_vXXlhwXXAU54PQoKSY5l1MSnsKTDHijjjyvsPNYJRol95u2YG7peBvUyvih4Q6fbiBZC4hJgVmKdl4jETUnikZr6gNZb1bFy9tOq4kw_IjgKGOfvWGgJECuJesKaz6DyMm-REuXZ1E7RV9Uqcooi6_IblOblQzXJuwZs_YBpVYnVaBojdcxuCc9yzQ7caws5klF3DOlIOOKzAtJrN_gBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kyyheDglFXJXhCuEs1hS-PSPLGA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 20 Oct 2023 10:29:38 GMT
l
www.google.com/ads/measurement/ Frame B699 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ-w3T9XEIxjtwDlFmi-bG7-PL8KwiIWDFCTeV3n3VIJVB_u3dLLFO0iUsT6QwhGtyLS-e6G3CQy9NIljo0d8xHWvj6Bw
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B699 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47514
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666611803224388"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 25 Oct 2022 10:29:38 GMT
truncated
/ Frame 5B95 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
414512e53e569f8654c68b2ce9afea5311331f510d8e944000c8c23ebe96db5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1536980418&t=event&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=ForcedPlay&el=Google&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=1349161307.1666693776&tid=UA-4780630-1&_gid=1788916816.1666693776&gtm=2wgaj0T728TH&cd1=1349161307.1666693776&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=1&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fwww.walla.co.il&cd116=0&cd35=editorial&cd38=Live&cd39=Live&cd44=true&cd45=Google&cd47=Live&cd49=&cd50=Live&cd72=true&cm9=1&z=1812849555
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 23:23:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
39953
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7B4C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 10:29:38 GMT
expires
Tue, 25 Oct 2022 10:29:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 10:29:38 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame 2521 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRKwyf9ErCtBOHME6rHMTLDdaw3oU3iAHHWK1rVl9Sv9ULDiNYNl5Gp1ALk3HBEOPeMtRyNz2fbcQ63LWcdmuMuHUwd6Q
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2521 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47514
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666611803224388"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 25 Oct 2022 10:29:38 GMT
index.html
s0.2mdn.net/sadbundle/4064855172832547207/ Frame 8B04 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4064855172832547207/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f7363b4d3f47cb05b16e504a033f3ecb4f9c92125bc1e2d7ffab994f330d03e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
17773
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2465
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 05:33:25 GMT
expires
Wed, 25 Oct 2023 05:33:25 GMT
last-modified
Mon, 17 Oct 2022 10:08:37 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame A458 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssvxMHWCX4_dM58_Ot0PN94NApoHA_TGK0z9TonEDpbwsYUqE7L3kMdRvffmiSXlLD9WZLDMNMU0dSBqrIc7z_EOusweYQpxoa1qGb3bgCKXXPyxIJk56TY43A1A1b488vqLHIMVFFwAwWt8jggc1JunJWgSDh9XtsDL70jONBTkMqr5Kip_QLXtUxYu_O7bjOgY8MaeqXyqwLsbKNE2ZrYn-knwloKFpigRxc-7co_oyQqVzBP2OhzIal6CZhWQ8dwxOGf234TSaTP7d4HLWIpwo0oly2FRwtFJQFLYtBXQs2bdoyWw5YORNDLe2-FUEUTifpAAugwqA1zjyRYWo8kt9rTRpr4H_THmwpXoSW9xa5hRx4iuA9fMBGAVcLy5cHbrjo95T1CoFLWGkA8w2qNP8pdSKhQPCjkN2L6NT6113cshEooj_M45xFiFfp0NdcuYbJEcPC_8ksQmoQ6hdiVO4-qdWy-EZUHwfVDZLnZ3v5rIEqR0A1yT_ZLQXGEjja3RKtdBRRNjhHrh98knz1ksXFetDGlyAMGfcVAWQY6dTeI9WeKmQHOE5468xJmrFjH6MUjR3AFAd78RCUwd32G-knsnxHeRzfRn-QOC3COSKD47ul_s-MD6kQDmzNWHnNrGd3lOhhjurqfizkLFJp_XjNQfrq22t96YLaq2B23P8Gp1WlsVQyefpF-JJ19_vXc6hGbPDYMxBvsp-lFgMQPpNNP9FSHsPD9G3EFuXU3kSRwiSf4vff07PmpVFrkjgTYda744dZxdgP9Q9YTUQcvL6_q4ney5uSiugm1ap5okCbF-LS9geCzC2tcWOfuWp5cAdzXHPW2izV9lx2Hhh6ygbjhVRIOEEfPnLK6hAYbksbW5oATX1UksZhsbF6ijewHBD_rFXbSiQE41uLkjL9A1xuz7uI80aNqnkpDgw9fu9sCM9QVTtBgRVF-c4F4H6GYyJCuhnbPgauUEQyiyRYpwzKf4ZipMxH9reLNvpe6V3nJGqyWQMDa761jDvqOME7nYaKpb0TV2CTvmBSzVo8-PmS0xXClPlL6cdTT6Uj5je-StMkLV3s7SqnzGFzfv1D6t6Z_Ri0wXpCUYyL7Ogh5eWdmS4g2o3mV9953eqGvc9yKovpouPcMiYIBkC7olQovyHd6W1rwoo6xz5eknaXUUTUd9_MZKM3Vi7r2HceNFJNYjXaM8QYTEekVp1eEcfNxRxqnlChmeOyb-T-KGYH0tpk&sai=AMfl-YQRuQKQ0tcnRG0rzvy49zFIK4mXrkJQ4UzH-nbReBftDymvwzY7RKUJBxBEJDNZsuHIB-3HLpoRpj3u8LaTkzOxu5aq7W4FRqj3E2lBmTxEPWAwjEPry-Sy9ukwS2Y_RSanTQdMi5Hi13u3ysnxXg7ysDLk0HuW92JAmCuKsCJoB_pIpzLCdcnRkgfduQV_59iBQxqCLUJCTiVFEwJKm0kYSxwxBw&sig=Cg0ArKJSzEZMoR-yiVlyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=335&cbvp=1&cstd=332&cisv=r20221020.00908&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 25 Oct 2022 10:29:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame B699 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a764d148ed30f4438f00f825263dc5aca2191e624cfbaab3d8a2e9ba438a1a92

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2521 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5dec0bcd40f7d6ffbb800b39e4277dfea962481694fa4a8077f3e826abc36bc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 7ECD 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss3bOPUhTXE27XQCBdxZN0oCdFmTrJEWW5nQFTnzPjym4F4rnE3qbTFRriAaGxLaIVl3B4QQb9HIS7613F466K-4GfOuXDB0dNLIsFqkpAXc_NhAFcAitaa4F15WUEN2f50H3BjYPiyiBv6lEnhqGzNmC2xm29s0tOBd6aSzmaNAtNwFn0GDBDEheY8UqimXKdx1-rLnxkNrrGrd0JEGeBQzEanSFrAGS8ul7X1O1M40c1kbDs73i8IgY6FFzK3Z4gxds7Bzo_7m4BRu-t-qH5A33ixwA732p3MwlRsRt--5snyZEHnjwUJ0wgplZx8Qimwb7MaUuAOE6msu_twViPRMORFlnaaNsMuue8xCASRy5yyCRy3Ar7rviKuK5Mo3lSRnGejFNooS56jHEpV-egsPkqhHd0dhpx5FcUqR6DNUbTJHLl4EnVdmb85D4eaEaDssSrAibP_4Wsh-oC4fuQN7cCn9-2Ynlo3oe99T0rtKA6PqDMeh_lZDcYrIEuVEoe_mnEEbzKFKRkU8_wjWEQqbbAdFR88HWKzAHsd9sitopRfdYCGzsEN4E2nXZAPlM6xfi5v94NPVZorkdCRVNUhqLEB7_-FEPpQjhsA9fUzb-SqwSjzu-uy8ZP0rymATsSwXLIH-tzC5jbclxGLV5dTKLYrNJPXI70LE7vTpH4R5GeHlfNpc04GlswBlVk29jmhndeYMxiqco0kgbhJ7s3I5BvQeA2GTvyJ6oLp-Apjk7EL5Y8c90ITOeUvM-d_EA7KvWsY7MpL_ymNP4BNXo8PuEqp-u-HiIyt1eTPmWTWgyxtG_oi5Vg5EZZJ1RjdxKZmBcCOt8N6qN94M_diV-DXOWU53tzJm1Mh9EWheg5JJ8UQQYLJ6vLoB7zvYrv2egQasCIdmhulGYAQXCtN_LsUMzPZlu-K_m0aJpNo9l82n7NYCJRjLRUlf2jEw5MJMivkPTKH3zFKYtjW4KxlIjexWZdKlVtSUdafWccryfSo1tywIzXkCMQ3ZTuZ9XnuTGIRChmSafpkXtIL_LBfF5tUl2WkVlXqyqXayLaXrdjlsZ2_UkYCwwBEKQfh8Kb_K27wLrcYUL6en40jAfebo0fdCt6F8MfrOfN7j9KX1XBvlW8GQi1Ui-xWb9108NawtTEGuHVjOOcYJFUxcOOL4Ixt3c1VscrWxDAs9d5-XXfS_pDs52gAb6FGWOYLERrFIFpvBDSv49KDpz4S8DZLTU00&sai=AMfl-YSO9BckSIxqBy9Y2Kv7LPVjPrbfV1-xkWXUH5mh-MwhIVe4yKECnLN5jJ_rO4G6XCV5On-c4oZKuml5nVaL8l73Zdls6hqK4o-KZPY8sZR3Lnmcn5UwWJmA8aRC67I9M89DsyrPYrPnLgf9ChdezOJ2ow9R1R02BhkaT0GNZPC0E2mUi2UAmz5xVR_l-j3iH6DI9_5xmAhhybZ5emqL3Xmf21I&sig=Cg0ArKJSzCHfvN1DW16aEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=231&vt=11&dtpt=231&dett=2&cstd=0&cisv=r20221020.80838&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CeMzF3cNKJ19kkMi0E5c6jXJU8WLpUND_O9cHlwxungu6MeGHLta5_UuSgO7RWfrVrZVudG0x1_45xK8C6DyayoMh8dA&cry=1&dbm_d=AKAmf-CNkEp8m4Re8rg8OzgNF5H0kfjhBwytE3wJrHcS77hcVnHL9wthuhLORwhzqgDb8xS0Vh-lh8tAAs_2n4qWtaIjV7okVupeH7g-mCIHMUOEeWLFyWEE9nXwl1h3Qqjz0nT_NFyHwiofsXqjkPZ9-yGnwhRYIdlMdEF9eDvqXUEA-8OqXP8LSWTDa-pBVlXcszMGuKySWLqefEF_64UZcnphb87Y5NUfA50HhKDCqlP7j1nozYfHPb5yzCfEtlkGravW5lDesCBmyInhAiq3EbWPXUBMvohHQOa2Ada_3JPSvIERw3HmFyWvshxMfHGSCLjgW6mWe068WfDW2_IHkTRj-6b5xIhZExc3733rdkv7lxcVswSgZO9bVq2RFPfhQAB-ohGtHwKkeu84tdtAj47vNjGgbOTv6hiIXfCatwIBIzTULikXpVz4uMFdsSE0Kr16PFY_5x425b106MHSb0uvnIZLeXP_B0Se5uhvyvZfi7w7_rwuSEotv04vxUuRkYvMlDpWImAiNmIUlIni6TkHIrIdLLV3iiqvb3l_9sxRUy2KjpPneUlq3r0BHYmsDcB24SVfXXsztJTfWEzGRpHX4Pq3bNiE3kCy3JFgl0iOmJDugOmBsVYhzA80fWGsbEKbt65drBCU4-jTaOSQPgz1jGQMTf5F_PuH4vzCHBtikuwJyzKzS0F7bzGKrENvPm8DsR9DnJuljf4N9COfF7hb7OGK3Vosx_JIWh8xBSGVfr_oklcMGNre3OwNgs7R-0mgmDIHP5mIS9Nj7txIY3jXCQsOtU1maHl1OrPXW-081DFM0UEgBhPLbl5Vrvw_aFPR3pwIewAsHqWdUfHZRN0PGBGxk5OPD_9r4_xjen3dqdhL8rWxPbjznmzxYuvTpTMbxlsoHd59UzJzixyc-a9SsiJD-x6eCQBjjYHqqUleS-2Nf-K0HsUxOiWKuCMQLmglREuEVlJgri6k81_XiyrmHhvfn--ze9rOcWvpv2elGYImWlGBooD6YeP-SdXdTlic0DDGj4ESm6SBNOMxODQPQd96HbHox91MVzbnqsROCFirzw_jtsd8qr0vj3Pw3rkW088VsHkOjmTF2eabCy3xD4KEz3G9BAAYWlhRkR_UmbuN0T5r31j3gBzV3lyj-YFkUo3rpH1grt7EOrglHVa8PhE6IiVe56NerO61K8FS9R9CxMqaN9mlMceI4TOK1GMj6eH2yCUDfa1CZXn0Wfpltv461jKROaEJw51nWUxCJKwmJANU_mTf1-WbBwI7wEw0GEfpdhE6aWbtP7BOifwU08hDziSczhzg2RWS-CsGx7o4n8CWgxbB4GKyHPDeguVgux9fowzRgrFhDZc1NQ_fsLAGhM2p6-3RaYDJTvVy2XxiVbmcLoAjfsLdjW8b9JVhSv-chi5Ak_R3ZiIaUazzzDsW_AI2_hNtUwX4J7rnv-M--7JT-DrcUcwvYIzOrNJWZ3_15pHue-W2OyF1iDLhqqmjbWOl38hskP0aUPADjxzyVjyDrtzQj98NBCxzhku9ud21AvatTuyM67fXNW2bopY7XduKjo-XMGtgtxpybOrTTP7P82jjP3XoRJWKWdrZmPw45ZyN1N4XX2Ema6_5epQw4W00SorT510Rnm3VE0Uy0RzNNu-kNchW-1v0xVbvJ0TbwiYH1IW1rNxah56vaewJi7Vlk2YzS83YK-cMD1sp0dALl8goCcuQZ3muBqnpXgX7an8tI-xYOUHKMqWe0bnSV2FwVOtd9eejGf8_tykA0Opr4507d1s7UgduuXUOwz4YUofQyRoFfyW3Y-uDVHtq29L5F9VyG5EahdBS4voNz2VD0KwMqMxWxGJ3WVaOcSl5duOi8x19mRS21uyOhNgxtRw5ooDjNKRbUnfzc1gCHwB4m6F3FmcrBQ7OhoAfwuZXf0fQp6Y4ydLSqO4jeho15GP9K12U6sz1GaUoaFo6cKBH8hGUJSZkKUqYnKr_dD7VGLkGwBnS0kqvZpSA6WucBL4BNipVZI9HMUtDdm_WJE1q3iizw7BbSbzN5420Y99220Nlb6Pwk7oXbI4bCplFga2umnfnPPVUVAEvadXNQsnx043Vb_MIhWTpK4No3DbLbdtFzd_mUyudtO8o_KOf4u_BL8o5trzVgozRK6FvArK93K7kyHMgTWsfUm-Voi3kKw3jXzDN-Uj7yodHu3gWFjqxzs7pcxcMpFjzL0JJJJBIuSYLnVbKN3AJlkeOxe_7njN5cEeeV7inEG0krzgpO_1kk2N2DdEpjJ2dWq92OMWBKH1T3ahYcs787sFEkA9XCJFEAcUT3ztSs0R60LPzvGuOeg083mWB9-ImsvbCP5p4Kq3Zo0OwgtgVG1xXW6_VszvT9_uHU51WcqPjaY2d6z-Xjn6-jqOFaz7EQFVwSKCn49zBT03b0wP6_Xy-wxQEemLLwSvta8acWi8YLMKz81C-jjDM4k5BdOd8DqAEnUFjO820mj5vm-ZMeYzOJdXkCuuR9UU5jjkxtWBbVv9Y3XaWcF1tF3osBCVUljdhqhjztelaNpvPZCrhz2ddKPS-mg2Zt52V6vkyaYTvwtXKUnvW4OCqJ4Wp2tqWuzrpuFgQKK1wTcUivo327VNZrCht1V24sr1o1l0tEw6ti2M6RcEdYqpLZYopomb48WTfdJDviS7U1I-0y3mXKcYSz7M2v4ZSmEEI4FRhnn8vKH8Gl7UXLRwzTPRGfg130GBtGFJhSCCHHJ8HI0gF38dxMXi_7gj8E6xF2I8eZZTmHKP1RjY42TBc2WXeg48HlA2unEfBYTbAJKc6TkzP7fVKpGZY2G6PeUbXSgPc4Vawumv9PKiIQ0ikcQlKva5-xbnMn04k3W1_BaRYgdtZq8tddUNXVQxAOFM1ryezZ9fSnTOPQyLrfiECyC0pLLkB6dnaSPfNm2h1z7bDdW3Ks8cXTtJnDZtb51i_hoAJ5l7iEMQ6L3nJCoBaimDIPA-_Odj77yK3yVB_I5ooVZQ6cfKTnyrAd1cc5XUTNTOt_6cQtRgBL-JnMyTdXfWDEqD9fbhFYrR2z1dDPpD9zr9vEotQAEF0XeUPUJip4TZDNjCRMvmhXDwJwbtrxu1OAhYTjIrGrFq2kYHHkKTpFPo8FdGNI8SK3fItXPtUWUqfDs6fkwLmM7Pn91qke7eRrNrNAZmJT35pmrcq-rI5N4x1W3G4DhATRkkuG9l0rrzMUlLcSuHPuVc_q-24XjiAi54sxoXY6QPSUILoOxLOBgRFFHooJfLRcUiAiaQPR0OfdI7YQDa0TQ&cid=CAASJORoiB6h50NzZQGUFr79TalgIk3_DyBhXSWgF28TbXV0J8Qefw&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 153D 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
83212
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 11:22:46 GMT
etag
48472445140208031
expires
Tue, 25 Oct 2022 11:22:46 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7ECD 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60a1d147256d18353437afbd4c84fd089c7285772fefb3c99aecf9bd94bbd7ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame C57F 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700,regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 03:24:20 GMT
x-content-type-options
nosniff
age
457518
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Oct 2023 03:24:20 GMT
tweenmax_2.1.2_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 8B04 		113 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4064855172832547207/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4064855172832547207/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39910
x-xss-protection
0
last-modified
Mon, 11 Mar 2019 14:29:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Oct 2022 10:29:38 GMT
main.js
s0.2mdn.net/sadbundle/4064855172832547207/ Frame 8B04 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4064855172832547207/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4064855172832547207/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1fc6f6de986a4c57262eee7b840e221d886603ea4a091b6a9382c900220ca3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4064855172832547207/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 05:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17580
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2614
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 10:08:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 25 Oct 2023 05:36:38 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 9132 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 03:24:20 GMT
x-content-type-options
nosniff
age
457518
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Oct 2023 03:24:20 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A458 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 07:50:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9546
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 07:50:32 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 946C 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
83212
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 11:22:46 GMT
etag
48472445140208031
expires
Tue, 25 Oct 2022 11:22:46 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A458 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d1060b36ad26018890386e72d752474d6ed4a9af1de1687412cde9cf2ccbe53

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js
pagead2.googlesyndication.com/bg/ Frame BE58 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7af1f31f9ac3e169b0e105028ce7a113556ef0c9a7f2b98b4dc38ed89a61bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 17:05:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149067
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16117
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 23 Oct 2023 17:05:11 GMT
animejs.js
static.criteo.net/animejs/ Frame FAF8 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kQAEqI0K00DOAASKMokPSGNMYsKpT2mcpw&u=%7COol2LM3aIOmxj9B4bVXr1sWIYShkjgzyK%2BfJisSdSeo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8YpaK8Az95To9dZfowuDedO6hwubzWI6bbsy0Mn2W87yuGZu5th0B_tfQshMywMYy_ySihHHBbmbJ7g7G0RBtdZdrbF-emqpw4sz9yj3c-ppVy6wwJLGkAlXZBinxzwNo3nz-RYxf5cSl7bVnvSUtcOdsNTA7SNdIABDpt40y1T9uezEt9AtEdGLgDUfpEy958_urFskz14OUVjccv4Hnq6Oc1_DNq834KmSNF3iRQyvaF6wiM3hiM3I5_F2Nov_LEysbclWx353E3_6uisftMBxB6vxaBA5vs4N6T02wnEE8fm6_OKGCl3fcqdFxADQZqDjnTBnvVuBpByVrkNtAQwK8uGWTMBZq0dwaaQEZq9mRqn1xepTiGnGhR5eY_Mz2H2v2BGH1FcuZZrGYDThtVryvwkkfAuh0abmy6TUL4YRKb0k_c-w3XuW0co3nZZfch_2JZa05FqtSfVhOWOmtH2aseLlQGu-aHHitrlFJhVQElLsU5NafHkzd49z9Gitujyx0zPZWvXFz-eXh3wR4xHcoMLZrrQxnrVb2kb48lWBA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1JDFkbpXY43REs6BzQaylJKID8me0rFc1Z2R93DAjbcBEAEgAGCVkq-CuAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakC3HcZOcSWsD7gAgCoAwGqBPkBT9A9t_41HUn4-WyOgr5hQdKwp1Tt-Ni6VpPsXHt6-TqhrIbOMGH1OSqRCUfAABQZmofCFf8b8ruVBJotNGeDTlUrqMoIuRj4NsCoGc4bcB2qXRaviS2OHVQkvJ2A1Xw9-ygqU3ramBGcWg05ODKYknj_HdDWZ6WrR1mEix6o5bKzppsywNG1YCxUe_cnFrAKDg58Vzt55mQzTnkKWCHSuhpyrSG8lrCiURAAXZC2XWhrGdwgcS-xROhtDWbNIaemu_9DRmHJWW45LE7ABoTI-rBiDTNs-zm8OBvluqYSSMmtijtp7eTlq6bDUCv08uPuFtFxLSEix1Vq4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_39m7X2XDKiXPCqumnyj9oAj-Fn-A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 20 Oct 2023 10:29:38 GMT
img
pix.eu.criteo.net/img/ Frame FAF8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoAuswaertiges-Amt-281275DE-2210061549.gif%3Feb%3D1&v=3&w=400&s=U3lJrLCBM9QAqrUYv2DASoVa&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kQAEqI0K00DOAASKMokPSGNMYsKpT2mcpw&u=%7COol2LM3aIOmxj9B4bVXr1sWIYShkjgzyK%2BfJisSdSeo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8YpaK8Az95To9dZfowuDedO6hwubzWI6bbsy0Mn2W87yuGZu5th0B_tfQshMywMYy_ySihHHBbmbJ7g7G0RBtdZdrbF-emqpw4sz9yj3c-ppVy6wwJLGkAlXZBinxzwNo3nz-RYxf5cSl7bVnvSUtcOdsNTA7SNdIABDpt40y1T9uezEt9AtEdGLgDUfpEy958_urFskz14OUVjccv4Hnq6Oc1_DNq834KmSNF3iRQyvaF6wiM3hiM3I5_F2Nov_LEysbclWx353E3_6uisftMBxB6vxaBA5vs4N6T02wnEE8fm6_OKGCl3fcqdFxADQZqDjnTBnvVuBpByVrkNtAQwK8uGWTMBZq0dwaaQEZq9mRqn1xepTiGnGhR5eY_Mz2H2v2BGH1FcuZZrGYDThtVryvwkkfAuh0abmy6TUL4YRKb0k_c-w3XuW0co3nZZfch_2JZa05FqtSfVhOWOmtH2aseLlQGu-aHHitrlFJhVQElLsU5NafHkzd49z9Gitujyx0zPZWvXFz-eXh3wR4xHcoMLZrrQxnrVb2kb48lWBA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1JDFkbpXY43REs6BzQaylJKID8me0rFc1Z2R93DAjbcBEAEgAGCVkq-CuAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakC3HcZOcSWsD7gAgCoAwGqBPkBT9A9t_41HUn4-WyOgr5hQdKwp1Tt-Ni6VpPsXHt6-TqhrIbOMGH1OSqRCUfAABQZmofCFf8b8ruVBJotNGeDTlUrqMoIuRj4NsCoGc4bcB2qXRaviS2OHVQkvJ2A1Xw9-ygqU3ramBGcWg05ODKYknj_HdDWZ6WrR1mEix6o5bKzppsywNG1YCxUe_cnFrAKDg58Vzt55mQzTnkKWCHSuhpyrSG8lrCiURAAXZC2XWhrGdwgcS-xROhtDWbNIaemu_9DRmHJWW45LE7ABoTI-rBiDTNs-zm8OBvluqYSSMmtijtp7eTlq6bDUCv08uPuFtFxLSEix1Vq4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_39m7X2XDKiXPCqumnyj9oAj-Fn-A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
fe5bda77e4361c2facf5966bf1f462f8d6dd0b1c710f45abe310d052df9fdb60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1020254
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2220
expires
Sun, 06 Nov 2022 05:53:52 GMT
img
pix.eu.criteo.net/img/ Frame FAF8 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBKA_Bundeskriminalamt_4558DE.gif%3Feb%3D1&v=3&w=400&s=GVnKI3ywx2pDN-sz0JRgKSSP&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kQAEqI0K00DOAASKMokPSGNMYsKpT2mcpw&u=%7COol2LM3aIOmxj9B4bVXr1sWIYShkjgzyK%2BfJisSdSeo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8YpaK8Az95To9dZfowuDedO6hwubzWI6bbsy0Mn2W87yuGZu5th0B_tfQshMywMYy_ySihHHBbmbJ7g7G0RBtdZdrbF-emqpw4sz9yj3c-ppVy6wwJLGkAlXZBinxzwNo3nz-RYxf5cSl7bVnvSUtcOdsNTA7SNdIABDpt40y1T9uezEt9AtEdGLgDUfpEy958_urFskz14OUVjccv4Hnq6Oc1_DNq834KmSNF3iRQyvaF6wiM3hiM3I5_F2Nov_LEysbclWx353E3_6uisftMBxB6vxaBA5vs4N6T02wnEE8fm6_OKGCl3fcqdFxADQZqDjnTBnvVuBpByVrkNtAQwK8uGWTMBZq0dwaaQEZq9mRqn1xepTiGnGhR5eY_Mz2H2v2BGH1FcuZZrGYDThtVryvwkkfAuh0abmy6TUL4YRKb0k_c-w3XuW0co3nZZfch_2JZa05FqtSfVhOWOmtH2aseLlQGu-aHHitrlFJhVQElLsU5NafHkzd49z9Gitujyx0zPZWvXFz-eXh3wR4xHcoMLZrrQxnrVb2kb48lWBA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1JDFkbpXY43REs6BzQaylJKID8me0rFc1Z2R93DAjbcBEAEgAGCVkq-CuAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakC3HcZOcSWsD7gAgCoAwGqBPkBT9A9t_41HUn4-WyOgr5hQdKwp1Tt-Ni6VpPsXHt6-TqhrIbOMGH1OSqRCUfAABQZmofCFf8b8ruVBJotNGeDTlUrqMoIuRj4NsCoGc4bcB2qXRaviS2OHVQkvJ2A1Xw9-ygqU3ramBGcWg05ODKYknj_HdDWZ6WrR1mEix6o5bKzppsywNG1YCxUe_cnFrAKDg58Vzt55mQzTnkKWCHSuhpyrSG8lrCiURAAXZC2XWhrGdwgcS-xROhtDWbNIaemu_9DRmHJWW45LE7ABoTI-rBiDTNs-zm8OBvluqYSSMmtijtp7eTlq6bDUCv08uPuFtFxLSEix1Vq4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_39m7X2XDKiXPCqumnyj9oAj-Fn-A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=757395
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1266
expires
Thu, 03 Nov 2022 04:52:54 GMT
img
pix.eu.criteo.net/img/ Frame FAF8 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=116&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=596&s=YAIFeLPAH54uGQl3I5DObQ3q
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kQAEqI0K00DOAASKMokPSGNMYsKpT2mcpw&u=%7COol2LM3aIOmxj9B4bVXr1sWIYShkjgzyK%2BfJisSdSeo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8YpaK8Az95To9dZfowuDedO6hwubzWI6bbsy0Mn2W87yuGZu5th0B_tfQshMywMYy_ySihHHBbmbJ7g7G0RBtdZdrbF-emqpw4sz9yj3c-ppVy6wwJLGkAlXZBinxzwNo3nz-RYxf5cSl7bVnvSUtcOdsNTA7SNdIABDpt40y1T9uezEt9AtEdGLgDUfpEy958_urFskz14OUVjccv4Hnq6Oc1_DNq834KmSNF3iRQyvaF6wiM3hiM3I5_F2Nov_LEysbclWx353E3_6uisftMBxB6vxaBA5vs4N6T02wnEE8fm6_OKGCl3fcqdFxADQZqDjnTBnvVuBpByVrkNtAQwK8uGWTMBZq0dwaaQEZq9mRqn1xepTiGnGhR5eY_Mz2H2v2BGH1FcuZZrGYDThtVryvwkkfAuh0abmy6TUL4YRKb0k_c-w3XuW0co3nZZfch_2JZa05FqtSfVhOWOmtH2aseLlQGu-aHHitrlFJhVQElLsU5NafHkzd49z9Gitujyx0zPZWvXFz-eXh3wR4xHcoMLZrrQxnrVb2kb48lWBA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1JDFkbpXY43REs6BzQaylJKID8me0rFc1Z2R93DAjbcBEAEgAGCVkq-CuAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakC3HcZOcSWsD7gAgCoAwGqBPkBT9A9t_41HUn4-WyOgr5hQdKwp1Tt-Ni6VpPsXHt6-TqhrIbOMGH1OSqRCUfAABQZmofCFf8b8ruVBJotNGeDTlUrqMoIuRj4NsCoGc4bcB2qXRaviS2OHVQkvJ2A1Xw9-ygqU3ramBGcWg05ODKYknj_HdDWZ6WrR1mEix6o5bKzppsywNG1YCxUe_cnFrAKDg58Vzt55mQzTnkKWCHSuhpyrSG8lrCiURAAXZC2XWhrGdwgcS-xROhtDWbNIaemu_9DRmHJWW45LE7ABoTI-rBiDTNs-zm8OBvluqYSSMmtijtp7eTlq6bDUCv08uPuFtFxLSEix1Vq4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_39m7X2XDKiXPCqumnyj9oAj-Fn-A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
83b19de212ca6202b9339b9c3ad8b16c1775d34cc7663631c12cffbdcdacb8e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28580564
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19171
expires
Thu, 21 Sep 2023 05:32:23 GMT
img
pix.eu.criteo.net/img/ Frame FAF8 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F9%2FlogoAOK-Die-Gesundheitskasse-fur-Niedersachsen-61542DE-2110190909.gif%3Feb%3D1&v=3&w=400&s=WvrtyVvNh51_-tJgc1Sn1zQu&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kQAEqI0K00DOAASKMokPSGNMYsKpT2mcpw&u=%7COol2LM3aIOmxj9B4bVXr1sWIYShkjgzyK%2BfJisSdSeo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8YpaK8Az95To9dZfowuDedO6hwubzWI6bbsy0Mn2W87yuGZu5th0B_tfQshMywMYy_ySihHHBbmbJ7g7G0RBtdZdrbF-emqpw4sz9yj3c-ppVy6wwJLGkAlXZBinxzwNo3nz-RYxf5cSl7bVnvSUtcOdsNTA7SNdIABDpt40y1T9uezEt9AtEdGLgDUfpEy958_urFskz14OUVjccv4Hnq6Oc1_DNq834KmSNF3iRQyvaF6wiM3hiM3I5_F2Nov_LEysbclWx353E3_6uisftMBxB6vxaBA5vs4N6T02wnEE8fm6_OKGCl3fcqdFxADQZqDjnTBnvVuBpByVrkNtAQwK8uGWTMBZq0dwaaQEZq9mRqn1xepTiGnGhR5eY_Mz2H2v2BGH1FcuZZrGYDThtVryvwkkfAuh0abmy6TUL4YRKb0k_c-w3XuW0co3nZZfch_2JZa05FqtSfVhOWOmtH2aseLlQGu-aHHitrlFJhVQElLsU5NafHkzd49z9Gitujyx0zPZWvXFz-eXh3wR4xHcoMLZrrQxnrVb2kb48lWBA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1JDFkbpXY43REs6BzQaylJKID8me0rFc1Z2R93DAjbcBEAEgAGCVkq-CuAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakC3HcZOcSWsD7gAgCoAwGqBPkBT9A9t_41HUn4-WyOgr5hQdKwp1Tt-Ni6VpPsXHt6-TqhrIbOMGH1OSqRCUfAABQZmofCFf8b8ruVBJotNGeDTlUrqMoIuRj4NsCoGc4bcB2qXRaviS2OHVQkvJ2A1Xw9-ygqU3ramBGcWg05ODKYknj_HdDWZ6WrR1mEix6o5bKzppsywNG1YCxUe_cnFrAKDg58Vzt55mQzTnkKWCHSuhpyrSG8lrCiURAAXZC2XWhrGdwgcS-xROhtDWbNIaemu_9DRmHJWW45LE7ABoTI-rBiDTNs-zm8OBvluqYSSMmtijtp7eTlq6bDUCv08uPuFtFxLSEix1Vq4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_39m7X2XDKiXPCqumnyj9oAj-Fn-A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
7141eff52b35b87bffd434f9acd9f662f45814ad6924908dd97270d5cfb55255
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=555017
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1336
expires
Mon, 31 Oct 2022 20:39:55 GMT
img
pix.eu.criteo.net/img/ Frame FAF8 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDr-Ing-h-c-F-Porsche-AG-DE.gif%3Feb%3D1&v=3&w=400&s=yGyc97Li5bhc-zkbSdGPMypY&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kQAEqI0K00DOAASKMokPSGNMYsKpT2mcpw&u=%7COol2LM3aIOmxj9B4bVXr1sWIYShkjgzyK%2BfJisSdSeo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8YpaK8Az95To9dZfowuDedO6hwubzWI6bbsy0Mn2W87yuGZu5th0B_tfQshMywMYy_ySihHHBbmbJ7g7G0RBtdZdrbF-emqpw4sz9yj3c-ppVy6wwJLGkAlXZBinxzwNo3nz-RYxf5cSl7bVnvSUtcOdsNTA7SNdIABDpt40y1T9uezEt9AtEdGLgDUfpEy958_urFskz14OUVjccv4Hnq6Oc1_DNq834KmSNF3iRQyvaF6wiM3hiM3I5_F2Nov_LEysbclWx353E3_6uisftMBxB6vxaBA5vs4N6T02wnEE8fm6_OKGCl3fcqdFxADQZqDjnTBnvVuBpByVrkNtAQwK8uGWTMBZq0dwaaQEZq9mRqn1xepTiGnGhR5eY_Mz2H2v2BGH1FcuZZrGYDThtVryvwkkfAuh0abmy6TUL4YRKb0k_c-w3XuW0co3nZZfch_2JZa05FqtSfVhOWOmtH2aseLlQGu-aHHitrlFJhVQElLsU5NafHkzd49z9Gitujyx0zPZWvXFz-eXh3wR4xHcoMLZrrQxnrVb2kb48lWBA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1JDFkbpXY43REs6BzQaylJKID8me0rFc1Z2R93DAjbcBEAEgAGCVkq-CuAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakC3HcZOcSWsD7gAgCoAwGqBPkBT9A9t_41HUn4-WyOgr5hQdKwp1Tt-Ni6VpPsXHt6-TqhrIbOMGH1OSqRCUfAABQZmofCFf8b8ruVBJotNGeDTlUrqMoIuRj4NsCoGc4bcB2qXRaviS2OHVQkvJ2A1Xw9-ygqU3ramBGcWg05ODKYknj_HdDWZ6WrR1mEix6o5bKzppsywNG1YCxUe_cnFrAKDg58Vzt55mQzTnkKWCHSuhpyrSG8lrCiURAAXZC2XWhrGdwgcS-xROhtDWbNIaemu_9DRmHJWW45LE7ABoTI-rBiDTNs-zm8OBvluqYSSMmtijtp7eTlq6bDUCv08uPuFtFxLSEix1Vq4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_39m7X2XDKiXPCqumnyj9oAj-Fn-A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
2ea4753c508a2bc6bfa07a7c78f8bd88730aed18049df29c9d84e4c902755cea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=452500
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1380
expires
Sun, 30 Oct 2022 16:11:19 GMT
img
pix.eu.criteo.net/img/ Frame FAF8 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoThelen-Verwaltungs-GmbH-181453DE-2102241332.gif%3Feb%3D1&v=3&w=400&s=7Hj2nKXHba3m6B8f9FgjNoF7&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kQAEqI0K00DOAASKMokPSGNMYsKpT2mcpw&u=%7COol2LM3aIOmxj9B4bVXr1sWIYShkjgzyK%2BfJisSdSeo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8YpaK8Az95To9dZfowuDedO6hwubzWI6bbsy0Mn2W87yuGZu5th0B_tfQshMywMYy_ySihHHBbmbJ7g7G0RBtdZdrbF-emqpw4sz9yj3c-ppVy6wwJLGkAlXZBinxzwNo3nz-RYxf5cSl7bVnvSUtcOdsNTA7SNdIABDpt40y1T9uezEt9AtEdGLgDUfpEy958_urFskz14OUVjccv4Hnq6Oc1_DNq834KmSNF3iRQyvaF6wiM3hiM3I5_F2Nov_LEysbclWx353E3_6uisftMBxB6vxaBA5vs4N6T02wnEE8fm6_OKGCl3fcqdFxADQZqDjnTBnvVuBpByVrkNtAQwK8uGWTMBZq0dwaaQEZq9mRqn1xepTiGnGhR5eY_Mz2H2v2BGH1FcuZZrGYDThtVryvwkkfAuh0abmy6TUL4YRKb0k_c-w3XuW0co3nZZfch_2JZa05FqtSfVhOWOmtH2aseLlQGu-aHHitrlFJhVQElLsU5NafHkzd49z9Gitujyx0zPZWvXFz-eXh3wR4xHcoMLZrrQxnrVb2kb48lWBA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1JDFkbpXY43REs6BzQaylJKID8me0rFc1Z2R93DAjbcBEAEgAGCVkq-CuAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakC3HcZOcSWsD7gAgCoAwGqBPkBT9A9t_41HUn4-WyOgr5hQdKwp1Tt-Ni6VpPsXHt6-TqhrIbOMGH1OSqRCUfAABQZmofCFf8b8ruVBJotNGeDTlUrqMoIuRj4NsCoGc4bcB2qXRaviS2OHVQkvJ2A1Xw9-ygqU3ramBGcWg05ODKYknj_HdDWZ6WrR1mEix6o5bKzppsywNG1YCxUe_cnFrAKDg58Vzt55mQzTnkKWCHSuhpyrSG8lrCiURAAXZC2XWhrGdwgcS-xROhtDWbNIaemu_9DRmHJWW45LE7ABoTI-rBiDTNs-zm8OBvluqYSSMmtijtp7eTlq6bDUCv08uPuFtFxLSEix1Vq4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_39m7X2XDKiXPCqumnyj9oAj-Fn-A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
45950e99e9e334b79c45a82dceaa24edf55a60d406a7e62651b7d04a5a5f35f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4238
expires
Tue, 25 Oct 2022 10:29:38 GMT
img
pix.eu.criteo.net/img/ Frame FAF8 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F1%2FlogoBundeswehr-57119DE-1909271352.gif%3Feb%3D1&v=3&w=400&s=-_uZgdsO8R-26I4piLBqsvlm&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kQAEqI0K00DOAASKMokPSGNMYsKpT2mcpw&u=%7COol2LM3aIOmxj9B4bVXr1sWIYShkjgzyK%2BfJisSdSeo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8YpaK8Az95To9dZfowuDedO6hwubzWI6bbsy0Mn2W87yuGZu5th0B_tfQshMywMYy_ySihHHBbmbJ7g7G0RBtdZdrbF-emqpw4sz9yj3c-ppVy6wwJLGkAlXZBinxzwNo3nz-RYxf5cSl7bVnvSUtcOdsNTA7SNdIABDpt40y1T9uezEt9AtEdGLgDUfpEy958_urFskz14OUVjccv4Hnq6Oc1_DNq834KmSNF3iRQyvaF6wiM3hiM3I5_F2Nov_LEysbclWx353E3_6uisftMBxB6vxaBA5vs4N6T02wnEE8fm6_OKGCl3fcqdFxADQZqDjnTBnvVuBpByVrkNtAQwK8uGWTMBZq0dwaaQEZq9mRqn1xepTiGnGhR5eY_Mz2H2v2BGH1FcuZZrGYDThtVryvwkkfAuh0abmy6TUL4YRKb0k_c-w3XuW0co3nZZfch_2JZa05FqtSfVhOWOmtH2aseLlQGu-aHHitrlFJhVQElLsU5NafHkzd49z9Gitujyx0zPZWvXFz-eXh3wR4xHcoMLZrrQxnrVb2kb48lWBA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1JDFkbpXY43REs6BzQaylJKID8me0rFc1Z2R93DAjbcBEAEgAGCVkq-CuAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakC3HcZOcSWsD7gAgCoAwGqBPkBT9A9t_41HUn4-WyOgr5hQdKwp1Tt-Ni6VpPsXHt6-TqhrIbOMGH1OSqRCUfAABQZmofCFf8b8ruVBJotNGeDTlUrqMoIuRj4NsCoGc4bcB2qXRaviS2OHVQkvJ2A1Xw9-ygqU3ramBGcWg05ODKYknj_HdDWZ6WrR1mEix6o5bKzppsywNG1YCxUe_cnFrAKDg58Vzt55mQzTnkKWCHSuhpyrSG8lrCiURAAXZC2XWhrGdwgcS-xROhtDWbNIaemu_9DRmHJWW45LE7ABoTI-rBiDTNs-zm8OBvluqYSSMmtijtp7eTlq6bDUCv08uPuFtFxLSEix1Vq4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_39m7X2XDKiXPCqumnyj9oAj-Fn-A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e45d13ca7e69af031f470855d125c93f8ab8f95999a6c269b52ad8656ecb8d53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=1715590
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6736
expires
Mon, 14 Nov 2022 07:02:49 GMT
img
pix.eu.criteo.net/img/ Frame FAF8 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F2%2FlogoSTRABAG-PROPERTY-FACILITY-SERVICES-GMBH-258923DE-2209270929.gif%3Feb%3D1&v=3&w=400&s=mpYvqo6514jZvIaCjtpLZHv6&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kQAEqI0K00DOAASKMokPSGNMYsKpT2mcpw&u=%7COol2LM3aIOmxj9B4bVXr1sWIYShkjgzyK%2BfJisSdSeo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8YpaK8Az95To9dZfowuDedO6hwubzWI6bbsy0Mn2W87yuGZu5th0B_tfQshMywMYy_ySihHHBbmbJ7g7G0RBtdZdrbF-emqpw4sz9yj3c-ppVy6wwJLGkAlXZBinxzwNo3nz-RYxf5cSl7bVnvSUtcOdsNTA7SNdIABDpt40y1T9uezEt9AtEdGLgDUfpEy958_urFskz14OUVjccv4Hnq6Oc1_DNq834KmSNF3iRQyvaF6wiM3hiM3I5_F2Nov_LEysbclWx353E3_6uisftMBxB6vxaBA5vs4N6T02wnEE8fm6_OKGCl3fcqdFxADQZqDjnTBnvVuBpByVrkNtAQwK8uGWTMBZq0dwaaQEZq9mRqn1xepTiGnGhR5eY_Mz2H2v2BGH1FcuZZrGYDThtVryvwkkfAuh0abmy6TUL4YRKb0k_c-w3XuW0co3nZZfch_2JZa05FqtSfVhOWOmtH2aseLlQGu-aHHitrlFJhVQElLsU5NafHkzd49z9Gitujyx0zPZWvXFz-eXh3wR4xHcoMLZrrQxnrVb2kb48lWBA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1JDFkbpXY43REs6BzQaylJKID8me0rFc1Z2R93DAjbcBEAEgAGCVkq-CuAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakC3HcZOcSWsD7gAgCoAwGqBPkBT9A9t_41HUn4-WyOgr5hQdKwp1Tt-Ni6VpPsXHt6-TqhrIbOMGH1OSqRCUfAABQZmofCFf8b8ruVBJotNGeDTlUrqMoIuRj4NsCoGc4bcB2qXRaviS2OHVQkvJ2A1Xw9-ygqU3ramBGcWg05ODKYknj_HdDWZ6WrR1mEix6o5bKzppsywNG1YCxUe_cnFrAKDg58Vzt55mQzTnkKWCHSuhpyrSG8lrCiURAAXZC2XWhrGdwgcS-xROhtDWbNIaemu_9DRmHJWW45LE7ABoTI-rBiDTNs-zm8OBvluqYSSMmtijtp7eTlq6bDUCv08uPuFtFxLSEix1Vq4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_39m7X2XDKiXPCqumnyj9oAj-Fn-A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e559326031fbc849ff642464258a71b343f68b2ed246bfe788dea583fd376776
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2440
expires
Fri, 20 Oct 2023 10:29:38 GMT
img
pix.eu.criteo.net/img/ Frame FAF8 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FK%2FlogoKreissparkasse-Ravensburg-203271DE.gif%3Feb%3D1&v=3&w=400&s=6fHCntQ9gpfVxproOs2xzGe6&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kQAEqI0K00DOAASKMokPSGNMYsKpT2mcpw&u=%7COol2LM3aIOmxj9B4bVXr1sWIYShkjgzyK%2BfJisSdSeo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8YpaK8Az95To9dZfowuDedO6hwubzWI6bbsy0Mn2W87yuGZu5th0B_tfQshMywMYy_ySihHHBbmbJ7g7G0RBtdZdrbF-emqpw4sz9yj3c-ppVy6wwJLGkAlXZBinxzwNo3nz-RYxf5cSl7bVnvSUtcOdsNTA7SNdIABDpt40y1T9uezEt9AtEdGLgDUfpEy958_urFskz14OUVjccv4Hnq6Oc1_DNq834KmSNF3iRQyvaF6wiM3hiM3I5_F2Nov_LEysbclWx353E3_6uisftMBxB6vxaBA5vs4N6T02wnEE8fm6_OKGCl3fcqdFxADQZqDjnTBnvVuBpByVrkNtAQwK8uGWTMBZq0dwaaQEZq9mRqn1xepTiGnGhR5eY_Mz2H2v2BGH1FcuZZrGYDThtVryvwkkfAuh0abmy6TUL4YRKb0k_c-w3XuW0co3nZZfch_2JZa05FqtSfVhOWOmtH2aseLlQGu-aHHitrlFJhVQElLsU5NafHkzd49z9Gitujyx0zPZWvXFz-eXh3wR4xHcoMLZrrQxnrVb2kb48lWBA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1JDFkbpXY43REs6BzQaylJKID8me0rFc1Z2R93DAjbcBEAEgAGCVkq-CuAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakC3HcZOcSWsD7gAgCoAwGqBPkBT9A9t_41HUn4-WyOgr5hQdKwp1Tt-Ni6VpPsXHt6-TqhrIbOMGH1OSqRCUfAABQZmofCFf8b8ruVBJotNGeDTlUrqMoIuRj4NsCoGc4bcB2qXRaviS2OHVQkvJ2A1Xw9-ygqU3ramBGcWg05ODKYknj_HdDWZ6WrR1mEix6o5bKzppsywNG1YCxUe_cnFrAKDg58Vzt55mQzTnkKWCHSuhpyrSG8lrCiURAAXZC2XWhrGdwgcS-xROhtDWbNIaemu_9DRmHJWW45LE7ABoTI-rBiDTNs-zm8OBvluqYSSMmtijtp7eTlq6bDUCv08uPuFtFxLSEix1Vq4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_39m7X2XDKiXPCqumnyj9oAj-Fn-A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ac4e21ecb681abbbc6c437b6d9f50df78d65acc6941b169b7559c1c7ac6e4e3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2157148
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2308
expires
Sat, 19 Nov 2022 09:42:07 GMT
img
pix.eu.criteo.net/img/ Frame FAF8 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoPwC-2965DE.gif%3Feb%3D1&v=3&w=400&s=ZjkQ5I-56oZpupDblCrnY27-&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kQAEqI0K00DOAASKMokPSGNMYsKpT2mcpw&u=%7COol2LM3aIOmxj9B4bVXr1sWIYShkjgzyK%2BfJisSdSeo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8YpaK8Az95To9dZfowuDedO6hwubzWI6bbsy0Mn2W87yuGZu5th0B_tfQshMywMYy_ySihHHBbmbJ7g7G0RBtdZdrbF-emqpw4sz9yj3c-ppVy6wwJLGkAlXZBinxzwNo3nz-RYxf5cSl7bVnvSUtcOdsNTA7SNdIABDpt40y1T9uezEt9AtEdGLgDUfpEy958_urFskz14OUVjccv4Hnq6Oc1_DNq834KmSNF3iRQyvaF6wiM3hiM3I5_F2Nov_LEysbclWx353E3_6uisftMBxB6vxaBA5vs4N6T02wnEE8fm6_OKGCl3fcqdFxADQZqDjnTBnvVuBpByVrkNtAQwK8uGWTMBZq0dwaaQEZq9mRqn1xepTiGnGhR5eY_Mz2H2v2BGH1FcuZZrGYDThtVryvwkkfAuh0abmy6TUL4YRKb0k_c-w3XuW0co3nZZfch_2JZa05FqtSfVhOWOmtH2aseLlQGu-aHHitrlFJhVQElLsU5NafHkzd49z9Gitujyx0zPZWvXFz-eXh3wR4xHcoMLZrrQxnrVb2kb48lWBA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1JDFkbpXY43REs6BzQaylJKID8me0rFc1Z2R93DAjbcBEAEgAGCVkq-CuAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakC3HcZOcSWsD7gAgCoAwGqBPkBT9A9t_41HUn4-WyOgr5hQdKwp1Tt-Ni6VpPsXHt6-TqhrIbOMGH1OSqRCUfAABQZmofCFf8b8ruVBJotNGeDTlUrqMoIuRj4NsCoGc4bcB2qXRaviS2OHVQkvJ2A1Xw9-ygqU3ramBGcWg05ODKYknj_HdDWZ6WrR1mEix6o5bKzppsywNG1YCxUe_cnFrAKDg58Vzt55mQzTnkKWCHSuhpyrSG8lrCiURAAXZC2XWhrGdwgcS-xROhtDWbNIaemu_9DRmHJWW45LE7ABoTI-rBiDTNs-zm8OBvluqYSSMmtijtp7eTlq6bDUCv08uPuFtFxLSEix1Vq4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_39m7X2XDKiXPCqumnyj9oAj-Fn-A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
a9c3152b1f921defaf879a7f6514623aa21e0656a12f143b20cde6648ff5036c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1226
expires
Fri, 20 Oct 2023 10:29:38 GMT
img
pix.eu.criteo.net/img/ Frame FAF8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F3%2FlogoRatbacher-GmbH-46710DE.gif%3Feb%3D1&v=3&w=400&s=f4eG8R2wWDnzryQ3uVHpVVLj&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kQAEqI0K00DOAASKMokPSGNMYsKpT2mcpw&u=%7COol2LM3aIOmxj9B4bVXr1sWIYShkjgzyK%2BfJisSdSeo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8YpaK8Az95To9dZfowuDedO6hwubzWI6bbsy0Mn2W87yuGZu5th0B_tfQshMywMYy_ySihHHBbmbJ7g7G0RBtdZdrbF-emqpw4sz9yj3c-ppVy6wwJLGkAlXZBinxzwNo3nz-RYxf5cSl7bVnvSUtcOdsNTA7SNdIABDpt40y1T9uezEt9AtEdGLgDUfpEy958_urFskz14OUVjccv4Hnq6Oc1_DNq834KmSNF3iRQyvaF6wiM3hiM3I5_F2Nov_LEysbclWx353E3_6uisftMBxB6vxaBA5vs4N6T02wnEE8fm6_OKGCl3fcqdFxADQZqDjnTBnvVuBpByVrkNtAQwK8uGWTMBZq0dwaaQEZq9mRqn1xepTiGnGhR5eY_Mz2H2v2BGH1FcuZZrGYDThtVryvwkkfAuh0abmy6TUL4YRKb0k_c-w3XuW0co3nZZfch_2JZa05FqtSfVhOWOmtH2aseLlQGu-aHHitrlFJhVQElLsU5NafHkzd49z9Gitujyx0zPZWvXFz-eXh3wR4xHcoMLZrrQxnrVb2kb48lWBA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1JDFkbpXY43REs6BzQaylJKID8me0rFc1Z2R93DAjbcBEAEgAGCVkq-CuAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakC3HcZOcSWsD7gAgCoAwGqBPkBT9A9t_41HUn4-WyOgr5hQdKwp1Tt-Ni6VpPsXHt6-TqhrIbOMGH1OSqRCUfAABQZmofCFf8b8ruVBJotNGeDTlUrqMoIuRj4NsCoGc4bcB2qXRaviS2OHVQkvJ2A1Xw9-ygqU3ramBGcWg05ODKYknj_HdDWZ6WrR1mEix6o5bKzppsywNG1YCxUe_cnFrAKDg58Vzt55mQzTnkKWCHSuhpyrSG8lrCiURAAXZC2XWhrGdwgcS-xROhtDWbNIaemu_9DRmHJWW45LE7ABoTI-rBiDTNs-zm8OBvluqYSSMmtijtp7eTlq6bDUCv08uPuFtFxLSEix1Vq4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_39m7X2XDKiXPCqumnyj9oAj-Fn-A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
adbe941a66b1fc0b0858f6e3fb85fbd6af7e25ea616b3f34a80a0868fdb302ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1815765
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2080
expires
Tue, 15 Nov 2022 10:52:24 GMT
img
pix.eu.criteo.net/img/ Frame FAF8 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoStiftung-Zollverein-174091DE.gif%3Feb%3D1&v=3&w=400&s=F17B1kR72gKHRF6ByoInnl0x&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kQAEqI0K00DOAASKMokPSGNMYsKpT2mcpw&u=%7COol2LM3aIOmxj9B4bVXr1sWIYShkjgzyK%2BfJisSdSeo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8YpaK8Az95To9dZfowuDedO6hwubzWI6bbsy0Mn2W87yuGZu5th0B_tfQshMywMYy_ySihHHBbmbJ7g7G0RBtdZdrbF-emqpw4sz9yj3c-ppVy6wwJLGkAlXZBinxzwNo3nz-RYxf5cSl7bVnvSUtcOdsNTA7SNdIABDpt40y1T9uezEt9AtEdGLgDUfpEy958_urFskz14OUVjccv4Hnq6Oc1_DNq834KmSNF3iRQyvaF6wiM3hiM3I5_F2Nov_LEysbclWx353E3_6uisftMBxB6vxaBA5vs4N6T02wnEE8fm6_OKGCl3fcqdFxADQZqDjnTBnvVuBpByVrkNtAQwK8uGWTMBZq0dwaaQEZq9mRqn1xepTiGnGhR5eY_Mz2H2v2BGH1FcuZZrGYDThtVryvwkkfAuh0abmy6TUL4YRKb0k_c-w3XuW0co3nZZfch_2JZa05FqtSfVhOWOmtH2aseLlQGu-aHHitrlFJhVQElLsU5NafHkzd49z9Gitujyx0zPZWvXFz-eXh3wR4xHcoMLZrrQxnrVb2kb48lWBA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1JDFkbpXY43REs6BzQaylJKID8me0rFc1Z2R93DAjbcBEAEgAGCVkq-CuAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakC3HcZOcSWsD7gAgCoAwGqBPkBT9A9t_41HUn4-WyOgr5hQdKwp1Tt-Ni6VpPsXHt6-TqhrIbOMGH1OSqRCUfAABQZmofCFf8b8ruVBJotNGeDTlUrqMoIuRj4NsCoGc4bcB2qXRaviS2OHVQkvJ2A1Xw9-ygqU3ramBGcWg05ODKYknj_HdDWZ6WrR1mEix6o5bKzppsywNG1YCxUe_cnFrAKDg58Vzt55mQzTnkKWCHSuhpyrSG8lrCiURAAXZC2XWhrGdwgcS-xROhtDWbNIaemu_9DRmHJWW45LE7ABoTI-rBiDTNs-zm8OBvluqYSSMmtijtp7eTlq6bDUCv08uPuFtFxLSEix1Vq4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_39m7X2XDKiXPCqumnyj9oAj-Fn-A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
90c7ec5f4ad3344c8d4b9d393722edfad6b8860a2eb5e0b0b7237e5b7b36ed8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=225918
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2544
expires
Fri, 28 Oct 2022 01:14:56 GMT
img
pix.eu.criteo.net/img/ Frame FAF8 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FR%2FlogoRay-Sono-AG-1322DE.gif%3Feb%3D1&v=3&w=400&s=zDBIc8-lFjGxzPbevMlGXn2L&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kQAEqI0K00DOAASKMokPSGNMYsKpT2mcpw&u=%7COol2LM3aIOmxj9B4bVXr1sWIYShkjgzyK%2BfJisSdSeo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8YpaK8Az95To9dZfowuDedO6hwubzWI6bbsy0Mn2W87yuGZu5th0B_tfQshMywMYy_ySihHHBbmbJ7g7G0RBtdZdrbF-emqpw4sz9yj3c-ppVy6wwJLGkAlXZBinxzwNo3nz-RYxf5cSl7bVnvSUtcOdsNTA7SNdIABDpt40y1T9uezEt9AtEdGLgDUfpEy958_urFskz14OUVjccv4Hnq6Oc1_DNq834KmSNF3iRQyvaF6wiM3hiM3I5_F2Nov_LEysbclWx353E3_6uisftMBxB6vxaBA5vs4N6T02wnEE8fm6_OKGCl3fcqdFxADQZqDjnTBnvVuBpByVrkNtAQwK8uGWTMBZq0dwaaQEZq9mRqn1xepTiGnGhR5eY_Mz2H2v2BGH1FcuZZrGYDThtVryvwkkfAuh0abmy6TUL4YRKb0k_c-w3XuW0co3nZZfch_2JZa05FqtSfVhOWOmtH2aseLlQGu-aHHitrlFJhVQElLsU5NafHkzd49z9Gitujyx0zPZWvXFz-eXh3wR4xHcoMLZrrQxnrVb2kb48lWBA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1JDFkbpXY43REs6BzQaylJKID8me0rFc1Z2R93DAjbcBEAEgAGCVkq-CuAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakC3HcZOcSWsD7gAgCoAwGqBPkBT9A9t_41HUn4-WyOgr5hQdKwp1Tt-Ni6VpPsXHt6-TqhrIbOMGH1OSqRCUfAABQZmofCFf8b8ruVBJotNGeDTlUrqMoIuRj4NsCoGc4bcB2qXRaviS2OHVQkvJ2A1Xw9-ygqU3ramBGcWg05ODKYknj_HdDWZ6WrR1mEix6o5bKzppsywNG1YCxUe_cnFrAKDg58Vzt55mQzTnkKWCHSuhpyrSG8lrCiURAAXZC2XWhrGdwgcS-xROhtDWbNIaemu_9DRmHJWW45LE7ABoTI-rBiDTNs-zm8OBvluqYSSMmtijtp7eTlq6bDUCv08uPuFtFxLSEix1Vq4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_39m7X2XDKiXPCqumnyj9oAj-Fn-A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
6b0e806ee1bf9e45082bd34d44ce0592fb045382c8538f8b5e0ff99905d0eee2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1396
expires
Tue, 25 Oct 2022 10:29:38 GMT
all
csm.eu.criteo.net/ Frame FAF8 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=n9_DyZaxu3gKYHpQkO8vH_5lg5Fz8dWFGCrbwvWeGZnDRwetWzhnbAEfPSkZFP3S1ypYFhj-NTNQBAaxSAMDZE47C1QL_R7_D3DUNFP0yZ-On8GD11Z_nNTo9UaXfs0sonW20-Fl2t_v7oNlMW5Nrz_Ycn6RRS82TP8lPnk7Hon-rMKUjpT_IdLzlK2CV5p9s6lW6axm4GO_WAKNrqYGJ6nQOsWgE16wZhiUw3PernZ0ZEXN8ryLr7IWsgcHxZCHr6DDMA&sds=2&rev=83303&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kQAEqI0K00DOAASKMokPSGNMYsKpT2mcpw&u=%7COol2LM3aIOmxj9B4bVXr1sWIYShkjgzyK%2BfJisSdSeo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8YpaK8Az95To9dZfowuDedO6hwubzWI6bbsy0Mn2W87yuGZu5th0B_tfQshMywMYy_ySihHHBbmbJ7g7G0RBtdZdrbF-emqpw4sz9yj3c-ppVy6wwJLGkAlXZBinxzwNo3nz-RYxf5cSl7bVnvSUtcOdsNTA7SNdIABDpt40y1T9uezEt9AtEdGLgDUfpEy958_urFskz14OUVjccv4Hnq6Oc1_DNq834KmSNF3iRQyvaF6wiM3hiM3I5_F2Nov_LEysbclWx353E3_6uisftMBxB6vxaBA5vs4N6T02wnEE8fm6_OKGCl3fcqdFxADQZqDjnTBnvVuBpByVrkNtAQwK8uGWTMBZq0dwaaQEZq9mRqn1xepTiGnGhR5eY_Mz2H2v2BGH1FcuZZrGYDThtVryvwkkfAuh0abmy6TUL4YRKb0k_c-w3XuW0co3nZZfch_2JZa05FqtSfVhOWOmtH2aseLlQGu-aHHitrlFJhVQElLsU5NafHkzd49z9Gitujyx0zPZWvXFz-eXh3wR4xHcoMLZrrQxnrVb2kb48lWBA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1JDFkbpXY43REs6BzQaylJKID8me0rFc1Z2R93DAjbcBEAEgAGCVkq-CuAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakC3HcZOcSWsD7gAgCoAwGqBPkBT9A9t_41HUn4-WyOgr5hQdKwp1Tt-Ni6VpPsXHt6-TqhrIbOMGH1OSqRCUfAABQZmofCFf8b8ruVBJotNGeDTlUrqMoIuRj4NsCoGc4bcB2qXRaviS2OHVQkvJ2A1Xw9-ygqU3ramBGcWg05ODKYknj_HdDWZ6WrR1mEix6o5bKzppsywNG1YCxUe_cnFrAKDg58Vzt55mQzTnkKWCHSuhpyrSG8lrCiURAAXZC2XWhrGdwgcS-xROhtDWbNIaemu_9DRmHJWW45LE7ABoTI-rBiDTNs-zm8OBvluqYSSMmtijtp7eTlq6bDUCv08uPuFtFxLSEix1Vq4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_39m7X2XDKiXPCqumnyj9oAj-Fn-A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 25 Oct 2022 10:29:38 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame FAF8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kQAEqI0K00DOAASKMokPSGNMYsKpT2mcpw&u=%7COol2LM3aIOmxj9B4bVXr1sWIYShkjgzyK%2BfJisSdSeo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8YpaK8Az95To9dZfowuDedO6hwubzWI6bbsy0Mn2W87yuGZu5th0B_tfQshMywMYy_ySihHHBbmbJ7g7G0RBtdZdrbF-emqpw4sz9yj3c-ppVy6wwJLGkAlXZBinxzwNo3nz-RYxf5cSl7bVnvSUtcOdsNTA7SNdIABDpt40y1T9uezEt9AtEdGLgDUfpEy958_urFskz14OUVjccv4Hnq6Oc1_DNq834KmSNF3iRQyvaF6wiM3hiM3I5_F2Nov_LEysbclWx353E3_6uisftMBxB6vxaBA5vs4N6T02wnEE8fm6_OKGCl3fcqdFxADQZqDjnTBnvVuBpByVrkNtAQwK8uGWTMBZq0dwaaQEZq9mRqn1xepTiGnGhR5eY_Mz2H2v2BGH1FcuZZrGYDThtVryvwkkfAuh0abmy6TUL4YRKb0k_c-w3XuW0co3nZZfch_2JZa05FqtSfVhOWOmtH2aseLlQGu-aHHitrlFJhVQElLsU5NafHkzd49z9Gitujyx0zPZWvXFz-eXh3wR4xHcoMLZrrQxnrVb2kb48lWBA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1JDFkbpXY43REs6BzQaylJKID8me0rFc1Z2R93DAjbcBEAEgAGCVkq-CuAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakC3HcZOcSWsD7gAgCoAwGqBPkBT9A9t_41HUn4-WyOgr5hQdKwp1Tt-Ni6VpPsXHt6-TqhrIbOMGH1OSqRCUfAABQZmofCFf8b8ruVBJotNGeDTlUrqMoIuRj4NsCoGc4bcB2qXRaviS2OHVQkvJ2A1Xw9-ygqU3ramBGcWg05ODKYknj_HdDWZ6WrR1mEix6o5bKzppsywNG1YCxUe_cnFrAKDg58Vzt55mQzTnkKWCHSuhpyrSG8lrCiURAAXZC2XWhrGdwgcS-xROhtDWbNIaemu_9DRmHJWW45LE7ABoTI-rBiDTNs-zm8OBvluqYSSMmtijtp7eTlq6bDUCv08uPuFtFxLSEix1Vq4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_39m7X2XDKiXPCqumnyj9oAj-Fn-A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 20 Oct 2023 10:29:38 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame FAF8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1e6kQAEqI0K00DOAASKMokPSGNMYsKpT2mcpw&u=%7COol2LM3aIOmxj9B4bVXr1sWIYShkjgzyK%2BfJisSdSeo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8YpaK8Az95To9dZfowuDedO6hwubzWI6bbsy0Mn2W87yuGZu5th0B_tfQshMywMYy_ySihHHBbmbJ7g7G0RBtdZdrbF-emqpw4sz9yj3c-ppVy6wwJLGkAlXZBinxzwNo3nz-RYxf5cSl7bVnvSUtcOdsNTA7SNdIABDpt40y1T9uezEt9AtEdGLgDUfpEy958_urFskz14OUVjccv4Hnq6Oc1_DNq834KmSNF3iRQyvaF6wiM3hiM3I5_F2Nov_LEysbclWx353E3_6uisftMBxB6vxaBA5vs4N6T02wnEE8fm6_OKGCl3fcqdFxADQZqDjnTBnvVuBpByVrkNtAQwK8uGWTMBZq0dwaaQEZq9mRqn1xepTiGnGhR5eY_Mz2H2v2BGH1FcuZZrGYDThtVryvwkkfAuh0abmy6TUL4YRKb0k_c-w3XuW0co3nZZfch_2JZa05FqtSfVhOWOmtH2aseLlQGu-aHHitrlFJhVQElLsU5NafHkzd49z9Gitujyx0zPZWvXFz-eXh3wR4xHcoMLZrrQxnrVb2kb48lWBA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1JDFkbpXY43REs6BzQaylJKID8me0rFc1Z2R93DAjbcBEAEgAGCVkq-CuAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakC3HcZOcSWsD7gAgCoAwGqBPkBT9A9t_41HUn4-WyOgr5hQdKwp1Tt-Ni6VpPsXHt6-TqhrIbOMGH1OSqRCUfAABQZmofCFf8b8ruVBJotNGeDTlUrqMoIuRj4NsCoGc4bcB2qXRaviS2OHVQkvJ2A1Xw9-ygqU3ramBGcWg05ODKYknj_HdDWZ6WrR1mEix6o5bKzppsywNG1YCxUe_cnFrAKDg58Vzt55mQzTnkKWCHSuhpyrSG8lrCiURAAXZC2XWhrGdwgcS-xROhtDWbNIaemu_9DRmHJWW45LE7ABoTI-rBiDTNs-zm8OBvluqYSSMmtijtp7eTlq6bDUCv08uPuFtFxLSEix1Vq4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_39m7X2XDKiXPCqumnyj9oAj-Fn-A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 20 Oct 2023 10:29:38 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7433 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
182825
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 07:42:33 GMT
expires
Mon, 23 Oct 2023 07:42:33 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 153D
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECsuAf9H8Qn17vawjRvGHy8&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECsuAf9H8Qn17vawjRvGHy8&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dDRMMEtyZzIxT05oYkk1&google_gid=CAESECsuAf9H8Qn17vawjRvGHy8&google_cver=1&google_push=AZmPxg_ksfJR9dnuIrukrj8u0mdANF9z-DS86wgXYr85yj6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dDRMMEtyZzIxT05oYkk1&google_gid=CAESECsuAf9H8Qn17vawjRvGHy8&google_cver=1&google_push=AZmPxg_ksfJR9dnuIrukrj8u0mdANF9z-DS86wgXYr85yj6OweN_r1GukZiBeh0o_B5r88RC7y_Eq8-PZaVqxLvdpt6dXi6wIS-3
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 25 Oct 2022 10:29:38 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0a4402c7ccc8b73ba@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dDRMMEtyZzIxT05oYkk1&google_gid=CAESECsuAf9H8Qn17vawjRvGHy8&google_cver=1&google_push=AZmPxg_ksfJR9dnuIrukrj8u0mdANF9z-DS86wgXYr85yj6OweN_r1GukZiBeh0o_B5r88RC7y_Eq8-PZaVqxLvdpt6dXi6wIS-3
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 153D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEH6eF2PZL1kzu2J9JDbdbUU&google_cver=1&google_push=AZmPxg_gecUIlxMt8G_vsIiTG0kADhuJehfHYXy5SzKWgSePpsLfZ67MSsq3Z8SvhXayxtTXzJkH226f8C2yuyVf...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg_gecUIlxMt8G_vsIiTG0kADhuJehfHYXy5SzKWgSePpsLfZ67MSsq3Z8SvhXayxtTXzJkH226f8C2yuyVfXAoAwiSu6uT2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg_gecUIlxMt8G_vsIiTG0kADhuJehfHYXy5SzKWgSePpsLfZ67MSsq3Z8SvhXayxtTXzJkH226f8C2yuyVfXAoAwiSu6uT2
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 25 Oct 2022 10:29:38 GMT
Server
MT3 4539 98cc2da master zrh-pixel-x11 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg_gecUIlxMt8G_vsIiTG0kADhuJehfHYXy5SzKWgSePpsLfZ67MSsq3Z8SvhXayxtTXzJkH226f8C2yuyVfXAoAwiSu6uT2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 25 Oct 2022 10:29:37 GMT
pixel
cm.g.doubleclick.net/ Frame 153D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKd8FSa_ErMC8FTIWn_NeWU&google_cver=1&google_push=AZmPxg9HufW6QfGPwfoXzbeWsqv_IPh695ih3qk0igwbYIrmQxkHnfElhvMQzDef3vemG81LjCPWs-4BwFeN3MvvneHdcJR...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9HufW6QfGPwfoXzbeWsqv_IPh695ih3qk0igwbYIrmQxkHnfElhvMQzDef3vemG81LjCPWs-4BwFeN3MvvneHdcJRxZYyQ&google_hm=MzU1ODM0NjIyNjU3MTY1OT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9HufW6QfGPwfoXzbeWsqv_IPh695ih3qk0igwbYIrmQxkHnfElhvMQzDef3vemG81LjCPWs-4BwFeN3MvvneHdcJRxZYyQ&google_hm=MzU1ODM0NjIyNjU3MTY1OTQ5Mg%3D%3D
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 25 Oct 2022 10:29:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9HufW6QfGPwfoXzbeWsqv_IPh695ih3qk0igwbYIrmQxkHnfElhvMQzDef3vemG81LjCPWs-4BwFeN3MvvneHdcJRxZYyQ&google_hm=MzU1ODM0NjIyNjU3MTY1OTQ5Mg%3D%3D
content-length
0
pixel
cm.g.doubleclick.net/ Frame 153D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIgI_Ol0pWN2TMRUDMPI9L0&google_cver=1&google_push=AZmPxg9asyDxrQ9siBIpj3kJPvluOoKsMuQ0Vfx7-6PDDK8vd6FiB82Vr45w9VSMwfZ5Snj2vUd...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlPMkZXWU0tTy05VFRa&google_push=AZmPxg9asyDxrQ9siBIpj3kJPvluOoKsMuQ0Vfx7-6PDDK8vd6FiB82Vr45w9VSMwfZ5Snj2vUd7-lQeqqtCCuXEIL929t6PNdci
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlPMkZXWU0tTy05VFRa&google_push=AZmPxg9asyDxrQ9siBIpj3kJPvluOoKsMuQ0Vfx7-6PDDK8vd6FiB82Vr45w9VSMwfZ5Snj2vUd7-lQeqqtCCuXEIL929t6PNdci
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlPMkZXWU0tTy05VFRa&google_push=AZmPxg9asyDxrQ9siBIpj3kJPvluOoKsMuQ0Vfx7-6PDDK8vd6FiB82Vr45w9VSMwfZ5Snj2vUd7-lQeqqtCCuXEIL929t6PNdci
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
pixel
cm.g.doubleclick.net/ Frame 153D
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEzfNC7wQOfN2JU5axfjzko&google_cver=1&google_push=AZmPxg9AHwZgSZA45OXsWS53sAJxNTkZt4nfBPuPcfchrYP1UOOgWKd7_7i-GlcqmIeINB18bVxbpmvp1F9A6pWx1...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg9AHwZgSZA45OXsWS53sAJxNTkZt4nfBPuPcfchrYP1UOOgWKd7_7i-GlcqmIeINB18bVxbpmvp1F9A6pWx1F2sSQr2lTsr&google_hm=Fih1qGZHCwWDOX8WT7ycSDWx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg9AHwZgSZA45OXsWS53sAJxNTkZt4nfBPuPcfchrYP1UOOgWKd7_7i-GlcqmIeINB18bVxbpmvp1F9A6pWx1F2sSQr2lTsr&google_hm=Fih1qGZHCwWDOX8WT7ycSDWx
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 25 Oct 2022 10:29:38 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg9AHwZgSZA45OXsWS53sAJxNTkZt4nfBPuPcfchrYP1UOOgWKd7_7i-GlcqmIeINB18bVxbpmvp1F9A6pWx1F2sSQr2lTsr&google_hm=Fih1qGZHCwWDOX8WT7ycSDWx
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 153D
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEFCN1TZWlgyYfxI6NdRa4Nw&google_cver=1&google_push=AZmPxg9MRbFfR5aVeJaaBI6QKlU9IB4noaVAgWkK0NnEpLgxjnVicj5Ui2nI9czyjwzLYB3Y5snPNrKg4a7R9cIJhokYZg...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=4hQ1yhL_T5CynFxMYdkNzw&google_push=AZmPxg9MRbFfR5aVeJaaBI6QKlU9IB4noaVAgWkK0NnEpLgxjnVicj5Ui2nI9czyjwzLYB3Y5snPNrKg4a7R9cI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=4hQ1yhL_T5CynFxMYdkNzw&google_push=AZmPxg9MRbFfR5aVeJaaBI6QKlU9IB4noaVAgWkK0NnEpLgxjnVicj5Ui2nI9czyjwzLYB3Y5snPNrKg4a7R9cIJhokYZgTyZfls
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=4hQ1yhL_T5CynFxMYdkNzw&google_push=AZmPxg9MRbFfR5aVeJaaBI6QKlU9IB4noaVAgWkK0NnEpLgxjnVicj5Ui2nI9czyjwzLYB3Y5snPNrKg4a7R9cIJhokYZgTyZfls
access-control-allow-origin
*
date
Tue, 25 Oct 2022 10:29:38 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 153D
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEC7aymFhzdJXA6YEOi48wLA&google_cver=1&google_push=AZmPxg8IEUkA9VsNSng2luDNZh1vEqoT38c2Zdb7jB5095dy733MStEAtHXpGJjmkeWCqCushIzm7BBZSBKFBSguxVTOUxc9xg74
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjEwNTk1Nzg5MDQ1MjI1NDIwNDI4MQ%3D%3D&google_push=AZmPxg8IEUkA9VsNSng2luDNZh1vEqoT38c2Zdb7jB5095dy733MStEA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjEwNTk1Nzg5MDQ1MjI1NDIwNDI4MQ%3D%3D&google_push=AZmPxg8IEUkA9VsNSng2luDNZh1vEqoT38c2Zdb7jB5095dy733MStEAtHXpGJjmkeWCqCushIzm7BBZSBKFBSguxVTOUxc9xg74
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjEwNTk1Nzg5MDQ1MjI1NDIwNDI4MQ%3D%3D&google_push=AZmPxg8IEUkA9VsNSng2luDNZh1vEqoT38c2Zdb7jB5095dy733MStEAtHXpGJjmkeWCqCushIzm7BBZSBKFBSguxVTOUxc9xg74
date
Tue, 25 Oct 2022 10:29:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 153D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ICYQbAYX6g5Xk7ki7YWucPYxsTnkmKyQfhUu4Q_fKAjReaK3gsxgCxlfIZ2nVVH1FN5J_I
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8301 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
182825
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 07:42:33 GMT
expires
Mon, 23 Oct 2023 07:42:33 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 946C
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJ-h25tkusQBfXEz2deeBmI&google_cver=1&google_push=AZmPxg81q8bWUi3h85_P4fDzjA6w8pF6GkRe6UTR2H-QmZ1wuODmu5fQmi...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg81q8bWUi3h85_P4fDzjA6w8pF6GkRe6UTR2H-QmZ1wuODmu5fQmirXgUnIGhC-ZxYAHv6CQ_Im3VveYIeY_PKtq-S4SLc&google_hm=gqt5zeV_iVeWP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg81q8bWUi3h85_P4fDzjA6w8pF6GkRe6UTR2H-QmZ1wuODmu5fQmirXgUnIGhC-ZxYAHv6CQ_Im3VveYIeY_PKtq-S4SLc&google_hm=gqt5zeV_iVeWPYaor5dUqQ
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg81q8bWUi3h85_P4fDzjA6w8pF6GkRe6UTR2H-QmZ1wuODmu5fQmirXgUnIGhC-ZxYAHv6CQ_Im3VveYIeY_PKtq-S4SLc&google_hm=gqt5zeV_iVeWPYaor5dUqQ
pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 946C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEI7i5v5uAv5QjEiDSZX1gug&google_cver=1&google_push=AZmPxg_ABqQs-l0fNckywoRare5bC_H0vfizgsoRpNA4imoT1ay73wPToKJTrsc8Mkf4S9YoBmIiF09olBu2qy45VsTCLLPu0Qo
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 946C 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEGMSpAxtlI9iXjErw6M5Tf0&google_cver=1&google_push=AZmPxg_PpfOZGIBMLxYvvRWWq9wgEjp7HgXWLRJHs6cpfnhBEX6hfck1oGVoRddP_LkbugK5Z8083P1A4oNcUIZkCvI8FyQLKMA
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 946C
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESECRP5bAZmFbXZnxqNoyyyW8&google_cver=1&google_push=AZmPxg9egTKLFRiCFtfXqlSnqjr4YBKmxUqn_h4UD46mfeRH92xl16eU6F0TQNmg3V5n3zxmkdSBMHPAe5SfDDLr...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=cNwXxz4ORqqxOwerPZqx5Q2&google_push=AZmPxg9egTKLFRiCFtfXqlSnqjr4YBKmxUqn_h4UD46mfeRH92xl16eU6F0TQNmg3V5n3zxmkdSBMHPAe5SfDDLrH5pZpeOe_A
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=cNwXxz4ORqqxOwerPZqx5Q2&google_push=AZmPxg9egTKLFRiCFtfXqlSnqjr4YBKmxUqn_h4UD46mfeRH92xl16eU6F0TQNmg3V5n3zxmkdSBMHPAe5SfDDLrH5pZpeOe_A
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 25 Oct 2022 10:29:38 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=cNwXxz4ORqqxOwerPZqx5Q2&google_push=AZmPxg9egTKLFRiCFtfXqlSnqjr4YBKmxUqn_h4UD46mfeRH92xl16eU6F0TQNmg3V5n3zxmkdSBMHPAe5SfDDLrH5pZpeOe_A
x-host
tde-deliveryengine-production-9df4ffd5c-pdlbw
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 946C
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFphF1qbrIfHpnxrkqr_dE4&google_cver=1&google_push=AZmPxg9HC_e6IOnHjEV1eZn9s7_9kRUg9ItOo4s9SThnqw3IrSMpkCn7dR57ZMXBAu-_GmHIes3yTXd7veziOStM...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9HC_e6IOnHjEV1eZn9s7_9kRUg9ItOo4s9SThnqw3IrSMpkCn7dR57ZMXBAu-_GmHIes3yTXd7veziOStMLBqNShhA2oU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9HC_e6IOnHjEV1eZn9s7_9kRUg9ItOo4s9SThnqw3IrSMpkCn7dR57ZMXBAu-_GmHIes3yTXd7veziOStMLBqNShhA2oU
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 25 Oct 2022 10:29:38 GMT
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PRG50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9HC_e6IOnHjEV1eZn9s7_9kRUg9ItOo4s9SThnqw3IrSMpkCn7dR57ZMXBAu-_GmHIes3yTXd7veziOStMLBqNShhA2oU
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
VUX3M6QJuwbXBot6E9bcfHm3pnDRLTwVIykSH9yJIGAKfIZo5QOpVQ==
sync
ssbsync.smartadserver.com/api/ Frame 946C 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFJqhEr24iRBXRZJDf_Zvo0&google_cver=1&google_push=AZmPxg9H8MAk9vrtB552yWXFrLUGRpb5or4HbetidWZI2fYK_ubjvzd4U5gIfkt5xqY7fcMDnhgM9WctHMVCb5VWpT_nRAflgW8
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 946C
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=AZmPxg8P-NAgiLVauOXNQLvgdAy80003SDpOv_5z...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c50b45f2-873c-4cb0-b7dc-f88adc31a315&&google_push=AZmPxg8P-NAgiLVauOXNQLvgdAy80003SDpOv_5zdHIc2sAYCc5BebOPKkH9aKPacsipQM8x2-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c50b45f2-873c-4cb0-b7dc-f88adc31a315&&google_push=AZmPxg8P-NAgiLVauOXNQLvgdAy80003SDpOv_5zdHIc2sAYCc5BebOPKkH9aKPacsipQM8x2-IJHDZn5AMK8WvMo12y4WKCA1ss
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c50b45f2-873c-4cb0-b7dc-f88adc31a315&&google_push=AZmPxg8P-NAgiLVauOXNQLvgdAy80003SDpOv_5zdHIc2sAYCc5BebOPKkH9aKPacsipQM8x2-IJHDZn5AMK8WvMo12y4WKCA1ss
Date
Tue, 25 Oct 2022 10:29:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 946C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K_WipqL_irDAc5h4_TGVtefHPBO5jvahXZ0aGwDJAabNk440D_C7bKaxNE2xPm6uQ9btCGaQ
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
commerzbank_smart_970x250_v2_js.png
s0.2mdn.net/sadbundle/4064855172832547207/ Frame 8B04 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4064855172832547207/commerzbank_smart_970x250_v2_js.png
Requested by
Host: 82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14ba55b0d68519396b5e4d41510f19d577de581058f6a59247a3db9a1f45e0e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/4064855172832547207/index.html
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 12:05:29 GMT
x-content-type-options
nosniff
age
80649
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103805
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 10:08:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 24 Oct 2023 12:05:29 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A458 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssvxMHWCX4_dM58_Ot0PN94NApoHA_TGK0z9TonEDpbwsYUqE7L3kMdRvffmiSXlLD9WZLDMNMU0dSBqrIc7z_EOusweYQpxoa1qGb3bgCKXXPyxIJk56TY43A1A1b488vqLHIMVFFwAwWt8jggc1JunJWgSDh9XtsDL70jONBTkMqr5Kip_QLXtUxYu_O7bjOgY8MaeqXyqwLsbKNE2ZrYn-knwloKFpigRxc-7co_oyQqVzBP2OhzIal6CZhWQ8dwxOGf234TSaTP7d4HLWIpwo0oly2FRwtFJQFLYtBXQs2bdoyWw5YORNDLe2-FUEUTifpAAugwqA1zjyRYWo8kt9rTRpr4H_THmwpXoSW9xa5hRx4iuA9fMBGAVcLy5cHbrjo95T1CoFLWGkA8w2qNP8pdSKhQPCjkN2L6NT6113cshEooj_M45xFiFfp0NdcuYbJEcPC_8ksQmoQ6hdiVO4-qdWy-EZUHwfVDZLnZ3v5rIEqR0A1yT_ZLQXGEjja3RKtdBRRNjhHrh98knz1ksXFetDGlyAMGfcVAWQY6dTeI9WeKmQHOE5468xJmrFjH6MUjR3AFAd78RCUwd32G-knsnxHeRzfRn-QOC3COSKD47ul_s-MD6kQDmzNWHnNrGd3lOhhjurqfizkLFJp_XjNQfrq22t96YLaq2B23P8Gp1WlsVQyefpF-JJ19_vXc6hGbPDYMxBvsp-lFgMQPpNNP9FSHsPD9G3EFuXU3kSRwiSf4vff07PmpVFrkjgTYda744dZxdgP9Q9YTUQcvL6_q4ney5uSiugm1ap5okCbF-LS9geCzC2tcWOfuWp5cAdzXHPW2izV9lx2Hhh6ygbjhVRIOEEfPnLK6hAYbksbW5oATX1UksZhsbF6ijewHBD_rFXbSiQE41uLkjL9A1xuz7uI80aNqnkpDgw9fu9sCM9QVTtBgRVF-c4F4H6GYyJCuhnbPgauUEQyiyRYpwzKf4ZipMxH9reLNvpe6V3nJGqyWQMDa761jDvqOME7nYaKpb0TV2CTvmBSzVo8-PmS0xXClPlL6cdTT6Uj5je-StMkLV3s7SqnzGFzfv1D6t6Z_Ri0wXpCUYyL7Ogh5eWdmS4g2o3mV9953eqGvc9yKovpouPcMiYIBkC7olQovyHd6W1rwoo6xz5eknaXUUTUd9_MZKM3Vi7r2HceNFJNYjXaM8QYTEekVp1eEcfNxRxqnlChmeOyb-T-KGYH0tpk&sai=AMfl-YQRuQKQ0tcnRG0rzvy49zFIK4mXrkJQ4UzH-nbReBftDymvwzY7RKUJBxBEJDNZsuHIB-3HLpoRpj3u8LaTkzOxu5aq7W4FRqj3E2lBmTxEPWAwjEPry-Sy9ukwS2Y_RSanTQdMi5Hi13u3ysnxXg7ysDLk0HuW92JAmCuKsCJoB_pIpzLCdcnRkgfduQV_59iBQxqCLUJCTiVFEwJKm0kYSxwxBw&sig=Cg0ArKJSzEZMoR-yiVlyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=737&vt=11&dtpt=402&dett=3&cstd=332&cisv=r20221020.00908&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
pagead2.googlesyndication.com/bg/ Frame 7433 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:10:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1162
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15900
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Oct 2023 10:10:16 GMT
products.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6357826067549388800/ Frame C57F 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6357826067549388800/products.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
479c0e82401874d70206da5167d70b80ba821754755067eaa5479f115d1d4625
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 19 Oct 2022 09:21:44 GMT
x-content-type-options
nosniff
age
522474
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29411
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 09:06:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 19 Oct 2023 09:21:44 GMT
checkmark.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6357826067549388800/ Frame C57F 		757 B
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6357826067549388800/checkmark.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38e96702b84ae58e3a9649da2079c84f573974ec951cc5995f6527896571fa28
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 21 Oct 2022 02:16:26 GMT
age
375192
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
478
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 09:06:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 21 Oct 2023 02:16:26 GMT
SparDE_pos.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6357826067549388800/ Frame C57F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6357826067549388800/SparDE_pos.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c722ccab507ff16f61452ba9e6ad8ec6f6dce3d37754bd545f71d56c4c90d3f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 19 Oct 2022 09:21:44 GMT
x-content-type-options
nosniff
age
522474
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3527
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 09:06:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 19 Oct 2023 09:21:44 GMT
house_high_blurred_DE.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6357826067549388800/ Frame C57F 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6357826067549388800/house_high_blurred_DE.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fe7abf2e39af84981cc3b739e8dc5dbf99efb143cdddcfe11e2f6544b6e0323
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 19 Oct 2022 09:49:49 GMT
x-content-type-options
nosniff
age
520789
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8511
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 09:06:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 19 Oct 2023 09:49:49 GMT
get
odb.outbrain.com/utils/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=10&rand=41121&key=NANOWDGT01&widgetJSId=AR_25&va=true&et=true&format=html&t=NDkxMTc4ZjFkZDgwMGZkNmQ2NzU4ODBkNDM0ZjRmYzg=&adblck=false&abwl=false&px=0&py=2452&vpd=1252&cw=1600&activeTab=true&darkMode=false&ab=0&wl=0&em=1&settings=true&recs=true&version=2000918&sig=rA3V1MOL&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fc0a5f0acb68fe853e2162e4eb078617e7d05e0b81a40dfbcdd9248473805e3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Tue, 25 Oct 2022 10:29:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1666693779.791498,VS0,VE245
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21976-LGA, cache-fra-eddf8230136-FRA
x-traceid
c4639cb995383dad3dc69ca7fa8a6933
accept-ranges
bytes
content-length
15733
expires
Thu, 01 Jan 1970 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1b769709c7a1439eedc46a01932515b74822565fd07f3aa2fe06d4800bbf9e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11325
x-xss-protection
0
pumpkin.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11663474539605524480/ Frame 9132 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11663474539605524480/pumpkin.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bba128484ba1fbc530c738251c478208c9d2b6d45b4cdeac1cd50c623f75b5c1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 25 Oct 2022 03:48:06 GMT
x-content-type-options
nosniff
age
24092
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6883
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 07:06:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 25 Oct 2023 03:48:06 GMT
badge.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11663474539605524480/ Frame 9132 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11663474539605524480/badge.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51609a41e77a11b1ef04f5dcc3c5fd37241a8ea30a95b6c8c4bc2d7f0faa69af
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 25 Oct 2022 07:14:49 GMT
x-content-type-options
nosniff
age
11689
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3311
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 07:06:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 25 Oct 2023 07:14:49 GMT
products.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11663474539605524480/ Frame 9132 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11663474539605524480/products.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a70b3701a063092ddbea33c0d45c853ac45347761ea8abd41c21adab3204928a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 25 Oct 2022 04:23:54 GMT
x-content-type-options
nosniff
age
21944
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32100
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 07:06:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 25 Oct 2023 04:23:54 GMT
bats.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11663474539605524480/ Frame 9132 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11663474539605524480/bats.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f5b755b1676f30b9fc293e71e71ea03cbc79815901f18879282501e20d235e4
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 24 Oct 2022 09:46:58 GMT
x-content-type-options
nosniff
age
88960
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2993
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 07:06:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 24 Oct 2023 09:46:58 GMT
SparDE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11663474539605524480/ Frame 9132 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11663474539605524480/SparDE.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28e57d0899a0c978512c92132b8aba85d4c8039b59ad3149dca990cade482b70
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 24 Oct 2022 11:07:16 GMT
x-content-type-options
nosniff
age
84142
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3973
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 07:06:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 24 Oct 2023 11:07:16 GMT
wide.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11663474539605524480/ Frame 9132 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11663474539605524480/wide.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de43592517be01dd001b89f7aa808a148c255ace344753dd50b99d51d2bba855
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 25 Oct 2022 00:43:21 GMT
x-content-type-options
nosniff
age
35177
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34249
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 07:06:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 25 Oct 2023 00:43:21 GMT
truncated
/ Frame 8B04 		70 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
edf5c889472fe10eff9637a67a5056eab2dd6fe8fb0789a6bc03fa84f616bb28

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 8B04 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de4c3d20cb8c121c1a3c3c4c1db4330688899134e28fc7fe5fddddeea73debc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8B04 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e8bf9af3f5d0c1cbe22fcd1f9532ef903fadfaa6c4a6705d3b728d6ace60cc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8B04 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f225479eefa204069cfdaa35ec1275c381ac12cfa5b22b982416d42e39e05798

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8B04 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
323888aaf2f4fc123e7bee596c353bbb9b9bedda3f9e60e389f12b3c81b1b655

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8B04 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca0f7fd908cfabf3f1a2e6b619e30e3641e29e5722e517964dc181d1688ade99

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
pagead2.googlesyndication.com/bg/ Frame 8301 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:10:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1162
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15900
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Oct 2023 10:10:16 GMT
truncated
/ Frame 8B04 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c09b896bfdbc6abc42a21805dcbd987fc7642063507290bf0df641e62c79e3c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8B04 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3609951701a873964476e4073a612f8bc24e2e095c164b85d1805ec4b9f08801

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8B04 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b10777415487553c28f95d46402857b15d24ecf31f15b4b2f14f9e88c1ae2dbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8B04 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d43b1fff20668878ab71ab80fe07534a657f0e60a5cc3c1c87b833003749664a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8B04 		10 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11347e06f25b3955a0af9f6cbb271175bda471f5b161002cf2b0c1c8485002d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 25 Oct 2022 10:29:38 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CC57 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
843
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 10:15:36 GMT
expires
Wed, 25 Oct 2023 10:15:36 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 90F5 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
904f59eea1603117f390a19aef8108b3b825ff0ceb5dc8d303980fe27abd3feb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AcPpeUcjA7NzI3aOQHtgzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-AcPpeUcjA7NzI3aOQHtgzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 10:29:39 GMT
expires
Tue, 25 Oct 2022 10:29:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
get
mv.outbrain.com/Multivac/api/ 		83 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&settings=true&recs=true&widgetJSId=AR_25&key=NANOWDGT01&version=2000918&apv=true&sig=rA3V1MOL&format=html&rand=14148&em=1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=NDkxMTc4ZjFkZDgwMGZkNmQ2NzU4ODBkNDM0ZjRmYzg=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=10&lastIdx=10&lastCardIdx=0&fAB=no_abtest&dpr=1&cw=1600&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000918/module/streamFeed.js?e=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
411c7328585a9e38ff7a02971051875a6681af6609f36ec42f3abcdb11e322fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Tue, 25 Oct 2022 10:29:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1666693779.106807,VS0,VE660
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga13627-LGA, cache-fra-eddf8230136-FRA
x-traceid
1c5002250d75b3a9c5cb129ae5f1cca0
accept-ranges
bytes
content-length
20467
expires
Thu, 01 Jan 1970 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 90F5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102001&jk=1066897415737725&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame BE58 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.540.0&bgai=BC_hvkbpXY9qfA8uu-waMiIkoAAAAADgB4AQC&bg=!7e6l7qrNAAaaxvStusY7ACkAdvg8WkbEQzNy7JaQr4MI7Ag7LKKxWppyIwIxhoYYm3dOjWxK5SSMJAIAAAHOUgAAAAJoAQeZAtWoDYjawGBJpQqQwakn4vOcRK9mRs7tIEOExjrLrlcQ0okHguOtmUaEobFnVrgW9NIVBP96LWuD5Oyhg_9VvkBTQCXrgZlae93W0OrcJUu4UJNdGT68_GQref0QUOX71j4Avr3q0S-uko4JJlNXqpV5qiNr8oXMnW7HsqpnrGwx4yHgeK3Y3DFckzy_c2yruW3Htb9LebI4N-8mSSSboVAhpE1fXlRv5iCXqTCQZ7misBHdL6UOoSypGL3nK5T_szfQpqCtXtERzSekDvfMOMqXfX7oIjK0TjlFedFdVFm9Kk8TsITk3NWiy7HlVCbK094-FxS4D4i6lQRpIlfAKCOn_W9duecFLepDT4CsEUBCyFwwgzyG_f9gO4zUv00juLLWXmB_OgiQlquMWFaS6YQPiJ5Zyx0Of55xY9eMXlmN8zANIXuGRlaU2QjKBPHFegb3Udx1ZAquGwMjGHBMK8o0SsNMDzbhsxsJRRLsqeF0f_8kjg-KEdtSOPUu0m2LInXdWCt0buGbhqI2Z3vwJ08su1uOwjStXuR5iEGUAmuBjBMMc2pFUXX8kCFooq6JZ_F7a219o7oNBJmXPtwCftrTOraC2QbTwwsvZTJUGRuIDEGFmCzqnJTs40ETwS9cLa7RO7QwJyMP_wfTD0dAOubyeiWu8W4ojoeetPGp0ZK4CDMqYNFgGDt0M_2ZUC_06GtQ8mUql8-UzJfQpOOnsmeIjUrj4158aNQV0bQ3sqC-h-JTZ3ZxhrzLXJaWqnRowhf8xrhhdeUAtqGkKGxHA60G0zo_JnmCjPw3PeDpjx7lWAQSA2dSxE00QtyeFaJKtNz-OMoWP-nTXo-d6XQraij1_CFpHp3sLlkq4aATz0w3_QPBORQR7yieEiX6Q6Q1gg78UbW1P8wrWdsZKLRGUUu5I9VQk5UkV6mEKNbBwdvK0jBH65VDq2UvX-kdCxvkDsP5m1jodQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
pagead2.googlesyndication.com/bg/ Frame CC57 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:10:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1163
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15900
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Oct 2023 10:10:16 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8301 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYfz2kbpXY4TaMdCv7_UP-f6XyAQAAAAAOAHgBAI&bg=!srGlsfXNAAaaxvStusY7ACkAdvg8WkIhngcQqlgvKiozYEmRiTW5zd0iu7P4DRJJo9sbLJ4Ebi1kfgIAAAD0UgAAAAJoAQeZAvH2n95pF_Euk2Me_TjFxPD3yF_RLFabU1p_mjc01ZWSaMgR0NGG7fZKhwY-fXxwQo9hyszBupKkz0VS2SHBYxCZLS0szdgBaMuxM5fImax2_1GRJjRr3Z_R-gviIfK2F5rv2vZe6oa4gCTvCbEHykWaN9as9gh-BiN-kcsPrwfc_Kcpz8erdzsKjet5AmfBPx8s_MA60Q5i4ysI3_-BbwowBny57TjlagvjfEp_skiMjs_p-g4WPT3wHV4eNLV-ITjxjvRP8QNwXAJwVBsjyQmaRjCMBgqKrWh65kYY4sHp8PL7WUie-1bwV1of3czxgOVw-zfMGs9hTwNl-8NNUREo7XD_RCpRcKaFsNLYZmOb3sR4dvfgLkjTIRBLGM9olL5tXHY5crZOzLBxiVK7YRG3GU_qyCgz_4MepUEYcyaKIKuRhQWdTdjX9h3f-2UWkDO_pfMrAdAwM-c5AxE5-GXx6LsRf45h5YO7ouQG9JMGj9UbLImXdUimG2Eseavd5BxFhxv4t7UEYVtDVQvKGBUjiSl5P4sr_1r0n4jxdsnZ43tBdftLd25GiGxzOXewaMPdY2viTwQQGNutEep5Kbde_FHId40-Hs55iXIFgryRhsYm3hIZ0zPXRETaH0XoAaVXidSIxONDHy3UpfEzHHOl03pATsexfEdFugHrtFfc7tSdvGRI0YT-OEbOYW5DdB1WQvzcU9Ujfc1mVw3C4k1muX7Indxh1DBkJgN8WmxZJEiJpgcYF5FNGC_KRQ1GSK-X2Q7Sp6pvc_2FRoyz0tFPG-uDdfQlm0jqUOXxUQnhW8Egon1DVpQ7JUlndO3YpPO61JcX81cbHHv7NpzcVZLBEZ2hwPvXEz3WcNBh0Fo3sOlcWJZbYjdInms_Un3Qw_KftbUkj1Ei4EqJoFrTwHvUFasNOCE6dyNOWqFRAfW8V8FhzXhcKftWHG3FeWtDPPbKKJavrNU1heBScTKApZ6WpnCfdnflesZm_NfSGdzTT20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7433 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVuowkbpXY-39OLiz9u8PwYu0mAQAAAAAOAHgBAI&bg=!9Pel97PNAAaaxvStusY7ACkAdvg8Whxoenpiku4vFiybHzRz2Q43pRWY6VTQt37rlgu86U5L4vhdhAIAAAEmUgAAAANoAQcKAHnYVtCo9mCxoyPg8OtK5kuHAMpUklrO8_UlnC7-rrJzq07CeNCsqJPwybIzJcn3mmehaMK-nzqSmoNHb0bD8euUMFUmEGrembpUGxvZNTDMuVtI-RhU_rrKRBJSQOUZHepibKVtAb8CtGxgPpw_1pbLw0MVCjpUoUk_mQLqXhfYRzC8IBCtQXTh3ZwHrKX6mnfVrbifKfulDhkigRIeoFwT3eK0sN3TFTlNm3xbIxXukOkUWV-GIA7692b8YcSaAUvMYU_gWxqH3-jnHqWE-SSVwMwubZoYbx0RuByBxS9fzwm7wOJNgGxNSmk6cPzcQbMJphjApJToNIcJp-a_OBdr7wZ5Qu23tWk4fpuad-ZwZwbRf_nWcuEEYteMJ3PFhI2p3L1-Ef_wVPzW9arazqNPvHUJ1Woa7H3v6YQM6BN8wMmsm_oeZtLf1bj123PQ5RdN4X47q_Xo_wQgNYlcB2_YKgjypr2hZZT8gUNeOo47vjno72Qh5OzX60ilC6oHuixSye2n6RCGrUi9A736WuSU-6601hvnHZgtwnb3pFiZqmvFD-LJsOqQLKIHcbD6uCRj3GAIR5-8JTpmtqNUyG4AsBfPzGNikS2zzw7I0vJg1jiO7KNRzPNFKmSwX-ZQp2WmaZbsyZYiWCBNw5EbXcHzykoj0ctSiGvZP3bYQAE4G57RhzK-hP6jOUw701pT08OkWu39W5iJxCYhpemCtMhhBvwnAlhG33uUiR-Ui_1StWOB2ZNT2YmQ4qgaZYBogT7QBDf0xxTMMoyh6X1sSbGgtlpn86Hvy9LNfJaG3g_B52q-oF5Zlk2jS4WmfkpHasFeb-bUByIa58k0SujQWLhiXxKEfbRDY6fU7fGKrgFZXY9R7ZgeQYQwzUpB5r99EhADdR1RPlts7Bzkqivp_oiuazbPOB5KqQP5qNmvn8AmfLYb1IDTY6PSDBTpjRtPAcBa4S4YnKDg0vURH2a_QVMfJ_YO9k4qOk32htDyGTeNPeKNLE1OrHhJhKjxDbvYL0idXruh85HVsoWLH3SH8UmkckZeVkDTt-rSehPFJKuKMql0l5AKaSzYcNLpGYkudUxliPnofIxez22cZpL1JSZanvnsOYLuAaL0qx6L_8H7jQn_BtTZjyzrz8tRYzk_d3jI68RIs_Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame CC57 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?G6dHzw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame A458 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss4h1gjMMiy_1f1PSU-oub7bdjwzP5vvVVoYQ_EzHUbfQquPQFaTaGHbVDMnYanO-un_kE-gKBJD3w3QwAKrZcVAw9_i3SAA4SpEuccB9uM_qGNBz1ynW3LzCkNwPbcQKhDbib1lQ&sai=AMfl-YS1XNHucuIylE8Aq4nJOdWqPG9jNQxiJjKdvlgFTxH8yWiqz9keVe2IAiMdHKzxlW1mE-7-t9wn_ku-yjYqqoNGo3NmGYMUL1L8IQN6De-E_2fv8i350NYbiwTJTMY&sig=Cg0ArKJSzNlTDfmM-VXoEAE&cid=CAASJeRogBJreOns6f51bI99ucbiHAThXRlyaTXrmDE7D3pUdHa5bK8&id=lidar2&mcvt=1000&p=20,315,270,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221024&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=885339185&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666693777399&rpt=1066&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B699 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGftsEkQcVuEg5Fak0LTCZUxY8lk2vueXyv-Sv7J7_l8jjR6ymjCLYkOgNWa6kNkTpQIk-aWYfyDx80ccI6lwGIkmD4mE_iC4RCpyJ8L2hD-RaQYDI227d8LFUudZeLr4xYK9fT3v0nYBpjzMJssD-C0IlOMPPSE2BlA&sai=AMfl-YTfB0TUY1YVMM1H8XYmtmQaSdR5_qWPwR2Hnc4PAlaL4I5BDA4RMDuQdUAtTRDAs0EK2y28LttfT_ag7x4Ais8bqyiDtTClcFkfTUsopmzX4DQc3u0qBzGdQkq0HQ&sig=Cg0ArKJSzL2prUDRKJfQEAE&cid=CAASF-RoiAnUwnVW5x7BaCc1W9Zo4PJDMqOH&id=lidar2&mcvt=1003&p=451,1439,1051,1599&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20221024&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2273020712&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666693777738&rpt=767&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 26 Oct 2022 10:29:39 GMT
syncframe
gum.criteo.com/ Frame BD7C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 10:29:39 GMT
server
Kestrel
server-processing-duration-in-ticks
987792
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 01 Oct 2022 02:55:29 GMT
server
nginx
etag
W/"6337ac21-161a8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 26 Oct 2022 10:29:39 GMT
sid
mug.criteo.com/ Frame BD7C
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=q_JrYXxVcGNCOEN6YVRaeS9hUVl0ejZ4R0J5bXpWYU91Mmo2d0VXN2szT0pDVmJwR011WHMyRTlRei8xdFYwU2FSNmNnQ3ZGdTBNbE9kVmRNazJ6WUFOaldXMzdyanpualBHcVdkUy8rMlFDNWtGZGVJSEZBdjFLVEUxcV...
441 B
654 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=q_JrYXxVcGNCOEN6YVRaeS9hUVl0ejZ4R0J5bXpWYU91Mmo2d0VXN2szT0pDVmJwR011WHMyRTlRei8xdFYwU2FSNmNnQ3ZGdTBNbE9kVmRNazJ6WUFOaldXMzdyanpualBHcVdkUy8rMlFDNWtGZGVJSEZBdjFLVEUxcVJKMklwRGUrK2xiVnBNNExJb3ZrbVBVVXBUVzJ2Njc3LzA5Z3R6T3IxUmUweGRzUlVuTko1SDFDalZxdWtXUithd0NnQTg0QXVYRWFmMkEwZGNxK3pYZTVpa1lvaUpFY2IxU0JCenpWSXRmWTI2SDdTby85QTVrR1ZtZG1EbjF2R1dDTWxxcXgza09yaFNnQ0JmakIweHlVa00wckszUT09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e57abdf656bd29e1c65777dc030cfdeaab1a980e55f76d3ff86a815748381f6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:39 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2679858
expires
0

Redirect headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:39 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=q_JrYXxVcGNCOEN6YVRaeS9hUVl0ejZ4R0J5bXpWYU91Mmo2d0VXN2szT0pDVmJwR011WHMyRTlRei8xdFYwU2FSNmNnQ3ZGdTBNbE9kVmRNazJ6WUFOaldXMzdyanpualBHcVdkUy8rMlFDNWtGZGVJSEZBdjFLVEUxcVJKMklwRGUrK2xiVnBNNExJb3ZrbVBVVXBUVzJ2Njc3LzA5Z3R6T3IxUmUweGRzUlVuTko1SDFDalZxdWtXUithd0NnQTg0QXVYRWFmMkEwZGNxK3pYZTVpa1lvaUpFY2IxU0JCenpWSXRmWTI2SDdTby85QTVrR1ZtZG1EbjF2R1dDTWxxcXgza09yaFNnQ0JmakIweHlVa00wckszUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
844010
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102001&jk=1066897415737725&bg=!ISKlImbNAAaaxvStusY7ACkAdvg8WsACvsXDgLOBCNUtnkUi_kPbeOHOg6PhHQX4Adh9jQqkkCIYqQIAAACIUgAAAAJoAQeZApS9XdZ04nYOnVJzG3CjP8CYykVotBcxoMqCjQf5AYewrDLrYrrxPKhZyXEk4TuVX_0jaxdHDOxq9cTHB0PUOtRAEFaDvyNJslBujouiMediPJCMJfwc5Yw-Z0WADakSrATaxCtPT1keQRcEp21SotbBdArHO-58mzhBW3wDCX0M77XCBnWqa2JkGYSP7y-6lonbN8NzGLNfMOfDBQ98YjFvVEeXGsu4QBX6o11AD5Yi-W4QhbPSIewWyS_LrO3OITp5OGmYdZknu8ivritj2_Itk4jgauHsxmdsRl2TZcph0Fm8UFUsZAm37YEnR066e0I5PUHxJGRNe-2QvKcBkmKo1b_JJMIfmaSOMRK3HtQySbENhU9_nh_dOVLQ-fkNSO-AbHbBQaVlvDbuT5e9Y0IABBBp8jmgAe2Vu0nuXzXVD3BPZG6UFsuUzo7gFu9rywBcMgm91uEG12qBI1OdExAiaY3jhazTnSdz8fuYMpsoJR40tjty_TA2nhdiD_WzgMXfaWIRiqR4IhOTBsQpjk-WjrxUR3u9AdCbDmlYtgaODjpb1ZX_pwR-LQOfPjcfG2VE8Febd5nceIchH4jZRXtQhCemnxV-_L5srYXBnNAeTE3prt8HGRR8fUcMyfkbiVTRCewv0OEspl9-slN9AVVAFiTkgkkW7UNUa1uR5t54vTNOP_UbWtZa8xGgnIOX-MMBuk-EFCp5gfxQb_BYCmRdbAvczcLVlaw96uVbDOYec4zSWBReogZacdshQAkff8pmOWBq5S4bhyW0WO4fQybrQBT6ycTFjhLwPcs2IKs7CJizHRWp8RJwPK3djfULHhBtDAbyeU2OZNt-DNNruRPklx9KR5Ws_cMP5dlDcXHZt8ZnKjU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=O2AzEXxtMnFOd3RKZHlCMXlpZkhaNGVKV2pMOFVBSFdZekt4eDJXMWdPTWxEVXplQTVLSHBMTWtpdHlBbHJtdTRGNlFHbk40Ti85SUF2ZVUyblMrenNremptN2psNEtoYmwxb2ZBZ01abUNLSzE2SmdLQVMvQWdnbVkxUT...
418 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=O2AzEXxtMnFOd3RKZHlCMXlpZkhaNGVKV2pMOFVBSFdZekt4eDJXMWdPTWxEVXplQTVLSHBMTWtpdHlBbHJtdTRGNlFHbk40Ti85SUF2ZVUyblMrenNremptN2psNEtoYmwxb2ZBZ01abUNLSzE2SmdLQVMvQWdnbVkxUTFqMCtoMGUvYytQcUZqVTY4NVh4MnZyM2V0Zy9STGNUOG02YTBYUndxWmZiVXFsWkJhVmp4MTV0dkxiMWlUeURUNk9sYTdpaytGNXNTUVBzdTFjcWlHSE9NbUY3QUVhK25jVlVyOEFBbGdsWEpNM2xxNTJ2aTFDTWRnc1lqY0Y4dG1yN0tsb1NxUnJHeGlDKzNQNUNtYzJxTWJQKzExQT09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
30447dce756c0f54412e0f2c96a30f0848e95b5eab38f00d69e5eede19ffc499
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:39 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4788115
expires
0

Redirect headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:39 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=O2AzEXxtMnFOd3RKZHlCMXlpZkhaNGVKV2pMOFVBSFdZekt4eDJXMWdPTWxEVXplQTVLSHBMTWtpdHlBbHJtdTRGNlFHbk40Ti85SUF2ZVUyblMrenNremptN2psNEtoYmwxb2ZBZ01abUNLSzE2SmdLQVMvQWdnbVkxUTFqMCtoMGUvYytQcUZqVTY4NVh4MnZyM2V0Zy9STGNUOG02YTBYUndxWmZiVXFsWkJhVmp4MTV0dkxiMWlUeURUNk9sYTdpaytGNXNTUVBzdTFjcWlHSE9NbUY3QUVhK25jVlVyOEFBbGdsWEpNM2xxNTJ2aTFDTWRnc1lqY0Y4dG1yN0tsb1NxUnJHeGlDKzNQNUNtYzJxTWJQKzExQT09fA&cppv=2
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
485236
content-length
0
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 25 Oct 2022 10:29:39 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
601544
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame D645 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1666693776877
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame C49B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
21633
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 25 Oct 2022 10:29:40 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 19 Oct 2022 04:28:54 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
10, 369756
X-Served-By
cache-lga13626-LGA, cache-hhn4043-HHN
X-Timer
S1666693780.259691,VS0,VE0
pd
u.openx.net/w/1.0/ Frame 3FAC 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 25 Oct 2022 10:29:40 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame 233F 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 25 Oct 2022 10:29:40 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 6F15 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 25 Oct 2022 10:29:40 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E888 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=26899
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 25 Oct 2022 10:29:40 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 25 Oct 2022 17:57:59 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
beacon
ap.lijit.com/ Frame B0B4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13421168
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 25 Oct 2022 10:29:40 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ams1
ixmatch.html
js-sec.indexww.com/um/ Frame BE1A 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
594
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
75fa45bebcbe92bd-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 25 Oct 2022 10:29:40 GMT
expires
Tue, 25 Oct 2022 14:29:40 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
/
csync.smilewanted.com/ Frame 1F90 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21927ff748fee73cde5d78a4a8c868f3f4e27ae68287bde629bcf9d59230734a

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
75fa45be8f409016-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 25 Oct 2022 10:29:40 GMT
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame EA52 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1666656000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
21634
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 25 Oct 2022 10:29:40 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 19 Oct 2022 04:28:54 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
10, 369670
X-Served-By
cache-lga13626-LGA, cache-hhn4072-HHN
X-Timer
S1666693780.261244,VS0,VE0
prebid
b1h-euc1.zemanta.com/usersync/ 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1h-euc1.zemanta.com/usersync/prebid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce13.ams-01.nl.leaseweb.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 10:29:40 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
async_usersync
ib.adnxs.com/ Frame C49B 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Oct 2022 10:29:40 GMT
AN-X-Request-Uuid
1c129995-96a5-4198-9d5d-13aa1f687a71
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.203; 80.255.10.203; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=O2AzEXxtMnFOd3RKZHlCMXlpZkhaNGVKV2pMOFVBSFdZekt4eDJXMWdPTWxEVXplQTVLSHBMTWtpdHlBbHJtdTRGNlFHbk40Ti85SUF2ZVUyblMrenNremptN2psNEtoYmwxb2ZBZ01abUNLSzE2SmdLQVMvQWdnbVkxUTFqMCtoMGUvYytQcUZqVTY4NVh4MnZyM2V0Zy9STGNUOG02YTBYUndxWmZiVXFsWkJhVmp4MTV0dkxiMWlUeURUNk9sYTdpaytGNXNTUVBzdTFjcWlHSE9NbUY3QUVhK25jVlVyOEFBbGdsWEpNM2xxNTJ2aTFDTWRnc1lqY0Y4dG1yN0tsb1NxUnJHeGlDKzNQNUNtYzJxTWJQKzExQT09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 25 Oct 2022 10:29:39 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
362673
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 233F 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 10:29:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51369
Connection
keep-alive
Content-Length
9454
Expires
Wed, 26 Oct 2022 00:45:49 GMT
async_usersync
ib.adnxs.com/ Frame EA52 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Oct 2022 10:29:40 GMT
AN-X-Request-Uuid
344b98eb-e89b-4b11-9f7c-eb130edafe4d
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.203; 80.255.10.203; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 1F90 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
669414
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
75fa45bf28539016-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
usermatch
ssum-sec.casalemedia.com/ Frame F194 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481278309b979736e3776b408de76c7b65383a551bf1d443b1e693b8946dbf59

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75fa45bf4ff39b98-FRA
content-encoding
br
content-type
text/html
date
Tue, 25 Oct 2022 10:29:40 GMT
expires
0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
drop_cookie_sw.php
csync.smilewanted.com/ Frame 1A2D 		0
517 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
75fa45bf58c89016-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 25 Oct 2022 10:29:40 GMT
server
cloudflare
vary
Accept-Encoding
v1
match.sharethrough.com/universal/ Frame C70F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.25.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-25-47.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Tue, 25 Oct 2022 10:29:40 GMT
dcm
s.amazon-adsystem.com/ Frame F194
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1e6kdAAUjwUO46a9eLRewAABFwAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1e6kdAAUjwUO46a9eLRewAABFwAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1e6kdAAUjwUO46a9eLRewAABFwAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Oct 2022 10:29:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EQ05V55C699CG5TK3D78
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 25 Oct 2022 10:29:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
P6NYB43CNZT3285ZJ385
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1e6kdAAUjwUO46a9eLRewAABFwAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame F194 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 25 Oct 2022 10:29:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame F194
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1e6kdAAUjwUO46a9eLRewAABFwAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKu7pM16fbGCI5kXeQutJjg&google_cver=1
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKu7pM16fbGCI5kXeQutJjg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
75fa45bfb90f9b98-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKu7pM16fbGCI5kXeQutJjg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Y1e6kdAAUjwUO46a9eLRewAABFwAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F194 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y1e6kdAAUjwUO46a9eLRewAABFwAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:a0c6:b0ce:b43:b1c0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Y1e6kdAAUjwUO46a9eLRewAABFwAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F194
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y1e6kdAAUjwUO46a9eLRewAABFwAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y1e6kdAAUjwUO46a9eLRewAABFwAAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y1e6kdAAUjwUO46a9eLRewAABFwAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3601:a0c6:b0ce:b43:b1c0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y1e6kdAAUjwUO46a9eLRewAABFwAAAAB
date
Tue, 25 Oct 2022 10:29:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
bridge
cm.adgrx.com/ Frame F194 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.179 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Oct 2022 10:29:40 GMT
server
Cowboy
Content-Type
image/gif
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
X-RealServer-NX
ams-delivery-7
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
demconf.jpg
dpm.demdex.net/ Frame F194
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y1e6kdAAUjwUO46a9eLRewAA%261116?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y1e6kdAAUjwUO46a9eLRewAA%261116
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y1e6kdAAUjwUO46a9eLRewAA%261116
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.209.199.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-199-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v044-0b6db8e1c.edge-irl1.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
9pEtkpDfRTE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v044-066fbe967.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
93KVM3V8RD8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y1e6kdAAUjwUO46a9eLRewAA%261116
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame F194
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Oct 2022 10:29:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
date
Tue, 25 Oct 2022 10:29:40 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame F194 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y1e6kdAAUjwUO46a9eLRewAA%261116
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:40 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
43095
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
75fa45bfd8c89b5b-FRA
content-length
43
expires
Wed, 26 Oct 2022 10:29:40 GMT
KcYldmMlJOlFqeXsm104
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 5C7E
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/KcYldmMlJOlFqeXsm104?pi=smilewanted
0
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/KcYldmMlJOlFqeXsm104?pi=smilewanted
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
75fa45bfc9839016-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 25 Oct 2022 10:29:40 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 25 Oct 2022 10:29:40 GMT Tue, 25 Oct 2022 10:29:40 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/KcYldmMlJOlFqeXsm104?pi=smilewanted
pragma
no-cache
tap.php
pixel.rubiconproject.com/ Frame 233F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAwjPsZBeGWTqJTUE3X1I2A&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAwjPsZBeGWTqJTUE3X1I2A&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAwjPsZBeGWTqJTUE3X1I2A&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 233F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/_7qeYy1u4i8mrxtJEyx8-A?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3558346226571659492
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3558346226571659492
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 25 Oct 2022 10:29:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3558346226571659492
content-length
0
pixel
cm.g.doubleclick.net/ Frame 233F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTVjNGUxZWQ4Y2IzMjVkNTQ3M2M0OTgxMTU4OTgyODI3YTlhOTgxYQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTVjNGUxZWQ4Y2IzMjVkNTQ3M2M0OTgxMTU4OTgyODI3YTlhOTgxYQ
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTVjNGUxZWQ4Y2IzMjVkNTQ3M2M0OTgxMTU4OTgyODI3YTlhOTgxYQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 233F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=y_u9gBtBROGFXnn7XfEwbw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=y_u9gBtBROGFXnn7XfEwbw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=y_u9gBtBROGFXnn7XfEwbw
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Oct 2022 10:29:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WVVB2FD9DTZ8RQ2RA9WV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=y_u9gBtBROGFXnn7XfEwbw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 233F
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ec2PfzPkRAaJnjkL-SQXdg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ec2PfzPkRAaJnjkL-SQXdg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ec2PfzPkRAaJnjkL-SQXdg
Protocol
HTTP/1.1
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Oct 2022 10:29:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GTPXSQWJQ22WMV23GV59
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ec2PfzPkRAaJnjkL-SQXdg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 233F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 25 Oct 2022 10:29:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
setuid
px.ads.linkedin.com/ Frame 233F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9O2FWYM-O-9TTZ
0
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9O2FWYM-O-9TTZ
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:40 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 703E3E1539754159AE2AEC599FFCE26F Ref B: FRAEDGE1712 Ref C: 2022-10-25T10:29:40Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXr2WK+NIkIgMZrD49+9A==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9O2FWYM-O-9TTZ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 233F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlPMkZXWU0tTy05VFRa
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlPMkZXWU0tTy05VFRa
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:29:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlPMkZXWU0tTy05VFRa
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
ib.adnxs.com/prebid/ Frame AE92
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=8685361e1bf5978c68d3e40b06a81910
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=8685361e1bf5978c68d3e40b06a81910
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
96a09d3c-4bba-4239-9198-5bf3140462c6
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 25 Oct 2022 10:29:40 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
80.255.10.203; 80.255.10.203; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
75fa45c00a019016-FRA
content-type
text/html; charset=UTF-8
date
Tue, 25 Oct 2022 10:29:40 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=8685361e1bf5978c68d3e40b06a81910
server
cloudflare
connectmyusers.php
cdn.connectad.io/ Frame B4F1 		1 KB
834 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75fa45c068848fe9-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 25 Oct 2022 10:29:40 GMT
server
cloudflare
getuid
sync.smartadserver.com/ Frame 58DF
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Tue, 25 Oct 2022 10:29:39 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Tue, 25 Oct 2022 10:29:39 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
1
sync-eu.connectad.io/syncer/ Frame 3F69 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
75fa45c0d97c8fe9-FRA
date
Tue, 25 Oct 2022 10:29:40 GMT
server
cloudflare
via
1.1 google
sync.php
pixel.rubiconproject.com/exchange/ Frame 7BE1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6EFD 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=26899
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 25 Oct 2022 10:29:40 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 25 Oct 2022 17:57:59 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
ef0c8302-544f-11ed-ab94-11e121d60506
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame 2A55
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=ef0c835d-544f-11ed-ab94-11e121d60506
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/ef0c8302-544f-11ed-ab94-11e121d60506
0
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/spotx/ef0c8302-544f-11ed-ab94-11e121d60506
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
75fa45c23dd29016-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 25 Oct 2022 10:29:40 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Tue, 25 Oct 2022 10:29:40 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/spotx/ef0c8302-544f-11ed-ab94-11e121d60506
Server
nginx
X-fe
114
/
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame 9435
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
0
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
75fa45c419109016-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 25 Oct 2022 10:29:41 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Content-Type
text/html; charset=utf-8
Date
Tue, 25 Oct 2022 10:29:41 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Pragma
no-cache
/
csync.loopme.me/ Frame C930 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.174.31 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
31.174.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Tue, 25 Oct 2022 10:29:40 GMT
server
_
async_usersync
ib.adnxs.com/ Frame C49B 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Oct 2022 10:29:41 GMT
AN-X-Request-Uuid
a9e0b407-d69e-4247-a851-3f9fa3760a27
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.203; 80.255.10.203; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame EA52 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Oct 2022 10:29:41 GMT
AN-X-Request-Uuid
8a9a733b-1356-495e-8d65-9c2a54af6f41
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.203; 80.255.10.203; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame E888 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=32293716&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:41 GMT
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 6EFD 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=59268763&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:29:42 GMT
content-length
0

Verdicts & Comments Add Verdict or Comment

184 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| addScriptPromise object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| twttr string| isAAB string| pageNumberInSession string| fatherSessionInSession object| dataLayer object| wallaGlobalEventData object| wallaEnv object| slotslist object| WallaTargeting object| _sf_async_config object| _cb_shared string| loadDataState object| _cbm object| __LOADABLE_LOADED_CHUNKS__ object| __twttrll object| __twttr function| desc function| category function| author function| tags function| age function| gender object| ptag object| f object| ktag string| path object| z object| permutive object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| google_tag_manager function| postscribe object| google_tag_manager_external string| GoogleAnalyticsObject function| ga object| google_conversion_id object| google_custom_params object| google_remarketing_only function| fbq function| _fbq object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| regeneratorRuntime string| __strip_step__ object| _0x2389 function| _0x5c20 object| _vadHb object| vadprebid object| vadprebidChunk object| ADAGIO function| PlayerSdk object| WallaPlayerApi function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| gaplugins object| gaGlobal object| gaData number| google_global_correlator object| closure_lm_864227 object| Criteo object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| owpbjsChunk object| owpbjs object| ucTag object| PWT object| OWT string| partnerName string| key object| a object| sas object| apntag object| _ADAGIO object| sw_consent object| ONFOCUS object| GoogleGcLKhOms object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123 object| google_image_requests

65 Cookies

Domain/Path Name / Value
.walla.co.il/ Name: _t_tests
Value: eyJRQ2Q0ZUZQUTlrcU81Ijp7ImNob3NlblZhcmlhbnQiOiJBIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJCbzNUUWwiLCJCbzNUUWwiXX0sInp3bWpiejNBb08zWDAiOnsiY2hvc2VuVmFyaWFudCI6IkEiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIkJpS0NZMSIsIkJpS0NZMSJdfSwiSVJsc0ZYZlh2aktFTCI6eyJjaG9zZW5WYXJpYW50IjoiQiIsInNwZWNpZmljTG9jYXRpb24iOlsiRFdCS19DIl19LCJ4d2VteDRKSk5SZGd0Ijp7ImNob3NlblZhcmlhbnQiOiJCIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJEZF85NEgiXX0sImxpZnRfZXhwIjoibSJ9
.walla.co.il/ Name: _cb
Value: CVDOAwBhOVB_D4nQBT
.walla.co.il/ Name: _chartbeat2
Value: .1666693774812.1666693774812.1.Ck83B5CCvwnjUT2KSBPntmLC7of8B.1
.walla.co.il/ Name: _cb_svref
Value: null
www.walla.co.il/ Name: strip_step
Value: 2
.walla.co.il/ Name: _wpnis
Value: 2
.walla.co.il/ Name: _wfsis
Value: https://www.walla.co.il
.walla.co.il/ Name: _ga
Value: GA1.3.1349161307.1666693776
.walla.co.il/ Name: _gid
Value: GA1.3.1788916816.1666693776
.walla.co.il/ Name: _gat_UA-4780630-1
Value: 1
.adnxs.com/ Name: uuid2
Value: 7918537102652715055
.walla.co.il/ Name: _fbp
Value: fb.2.1666693775986.6387428
.walla.co.il/ Name: vad-loc-code
Value: de
.doubleclick.net/ Name: IDE
Value: AHWqTUlIzfyjlmoSqz1dRVcwp0NHk_htIHmZZ1u6MPHFtLYuFDh3RSYGulZJxs-M1lY
www.walla.co.il/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.rubiconproject.com/ Name: khaos
Value: L9O2FWYM-O-9TTZ
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB2GcSBS0gjUQOQFbWGgM44fR/rFJVNr6iJVEPWV8b2hcVhO6hxeyk3HfUbtGK/WusQkHL1A+FIUCiL5hAXvaZVpo2A6U/0n5lg=
.adnxs.com/ Name: icu
Value: ChgIgKNkEAoYASABKAEwkfXemgY4AUABSAEQkfXemgYYAA..
.creativecdn.com/ Name: u
Value: KcYldmMlJOlFqeXsm104
.creativecdn.com/ Name: ts
Value: 1666693777
.ads.stickyadstv.com/ Name: UID
Value: b1e31759f89294c677ee8d6d4bf3afa3
.walla.co.il/ Name: __gads
Value: ID=d69fa469d994a772:T=1666693776:S=ALNI_MaR_PDrrdx56seaOPKAZZBAMGu8Lg
.360yield.com/ Name: tuuid
Value: e21435ca-12ff-4f90-b29c-5c4c61d90dcf
.360yield.com/ Name: tuuid_lu
Value: 1666693777
.walla.co.il/ Name: __gpi
Value: UID=00000b1629beb9a1:T=1666693777:RT=1666693777:S=ALNI_MZBs2PHvz1vGQANFhCD1efzgFrnKw
.casalemedia.com/ Name: CMID
Value: Y1e6kdAAUjwUO46a9eLRewAA
.casalemedia.com/ Name: CMPS
Value: 1116
.casalemedia.com/ Name: CMPRO
Value: 1116
.quantserve.com/ Name: d
Value: EAoBCQG1J4EA
.quantserve.com/ Name: mc
Value: 6357ba92-1e18b-3352a-384cc
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 38DA8871-CDD4-4774-9477-D52CEE9E778F
.lijit.com/ Name: ljt_reader
Value: Fih1qGZHCwWDOX8WT7ycSDWx
.yahoo.com/ Name: A3
Value: d=AQABBJK6V2MCEE1jy9eLFtZJZNVw9yhVcwkFEgEBAQEMWWNhYwAAAAAA_eMAAA&S=AQAAAhl6sW2ogHCIIiVu-nxrBL4
.3lift.com/ Name: tluid
Value: 2105957890452254204281
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-6ecfd3fc-d49d-4811-8e2b-c9a339c282c0-003%22%7D
.bidswitch.net/ Name: tuuid
Value: c50b45f2-873c-4cb0-b7dc-f88adc31a315
.bidswitch.net/ Name: c
Value: 1666693778
.bidswitch.net/ Name: tuuid_lu
Value: 1666693778
.doubleclick.net/ Name: DSID
Value: NO_DATA
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y1e6kgAAAM0PSgAr
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-6ecfd3fc-d49d-4811-8e2b-c9a339c282c0-003%22%7D
.w55c.net/ Name: wfivefivec
Value: t4L0Krg21ONhbI5
.mathtag.com/ Name: uuid
Value: 899d6357-ba92-4a00-a768-e0cf03bae3fc
.mathtag.com/ Name: mt_mop
Value: 4:1666693778
.blismedia.com/ Name: b
Value: 6357BA924CBC15B659A53C31BLIS
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%2270DC17C7-3E0E-46AA-B13B-07AB3D9AB1E5%22%7D
.w55c.net/ Name: matchgoogle
Value: 5
.criteo.com/ Name: uid
Value: 349f7c5a-c14c-462f-8ccc-0322c5f45ce5
.walla.co.il/ Name: cto_bundle
Value: NojOP193RTVCZjA4dUEyZlVuMXI0bUx5NGhtMjFKR0x4VTQyZVRZUUZWc1JCQjdLdEVnUWlXVnJySW9VV2JKeWdxVG0lMkZmaXowUjgyUmNWOUFmNmJ0clN4MktmdE9PWGlwd3I0c3F2dk50UHFUNFpGOFFhMkJZY3hJak9vNVZUdm5RdVRybDdGSTFSSVhweFVXZ2NZVEUxZHUlMkJBJTNEJTNE
.walla.co.il/ Name: cto_bidid
Value: zjUVrF9WRyUyRjRGc3FsNlpxdU1jYXkwcGYxdWpYanpKQjJVUXBWQnpOZTNmdm1hbmxuTW8yRWxQJTJGZGlvRGVlNEdYUTJjd3NYeDNwcUI5dWglMkZ1Vzk1UmJiV1RabFhJeEJXMHRybE5sV1NydVV2Z0daWSUzRA
.analytics.yahoo.com/ Name: IDSYNC
Value: 175w~27wy
.casalemedia.com/ Name: CMTS
Value: 5191
.adnxs.com/ Name: anj
Value: dTM7k!M40<EVNsVF']wIg2GVOjd`Ho!]taq8i_iqf!oN/@E'zz<*Z0Qs-sbo%JiGo!-?SC?!:6.[[8TY22-W.Clq9OTD._*Pl[i'pRL>iih.323]IKo5Ha$f=Q1.O4v0#9_YhkK5+1[[3QEh/_sxXRUng_:e+.<Q!9mgtAXEJ'
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiI4Njg1MzYxZTFiZjU5NzhjNjhkM2U0MGIwNmE4MTkxMCIsImV4cGlyZXMiOiIyMDIzLTAxLTIzVDEwOjI5OjQwWiJ9fSwiYmlydGhkYXkiOiIyMDIyLTEwLTI1VDEwOjI5OjM3WiJ9
.demdex.net/ Name: demdex
Value: 10080274722205407652215159930788474881
.dpm.demdex.net/ Name: dpm
Value: 10080274722205407652215159930788474881
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&4a747396-b981-4bbc-828e-5049181e042a"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjY2OTM3ODA7MjswMjF/ZUYNCHVf415mpvFKRV0+IFMxvO9W+jW41QIAXPXj8Q==
.linkedin.com/ Name: lidc
Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2825:u=1:x=1:i=1666693780:t=1666780180:v=2:sig=AQEH6tVrhYuRQ-0P6_QS3I-aWtJqbXBj"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.spotxchange.com/ Name: audience
Value: ef0c8302-544f-11ed-ab94-11e121d60506
.smilewanted.com/ Name: sw_user_params_infos
Value: Ybkqb0veqQ29EvbR7Iy%2Bk9J2HdCZq6pk%2BCCRKGQYUEYOdIYLZnjT6ObVaitRoYMMZ7qDmwpaVd1Ankaewa0AGa%2BJsW35KQrfzJL%2BSb2h%2BAFHmoyGVUG8AUjUwS64GzYKcoOET0RvQrKr4fZbl%2BWJdhRIjR0TIlBT3q7sEh6sUJfPWDciBeH8VC0WOS3adGZAFFnuo3BJ2cOK%2BeI4UP09wjofJzG8qN1St5cURLQJ9ewGvOzoq3h2Ut%2FDeH0pJ24gUwKytymVcu%2B9XdUSu5wa%2F3fNq3PZaBVzoezUY7%2BcznTuzmx4BeoLu5TYHFiejQPGnWmYHNzBF9E1y0QCyhRhnDUfayjptJQLKgWEmLCvULzyA6Xi9oMFdh7nGdztqqtU8qo7pgQ3%2FquusuuKRu%2FI7vOHvAsYi5NyAyxALOYwHbravPbVgnuxmmmNrqSjy9oLcI1CgNlKHX532Bo0OQ7%2BKg%3D%3D
.amazon-adsystem.com/ Name: ad-id
Value: Az8xtr2xQ0uft6GjAr08GIM
.ads.pubmatic.com/ Name: KCCH
Value: YES

6 Console Messages

Source Level URL
Text
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2022-10-25
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
security error URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/6357826067549388800/index.html".
security error URL: https://82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/11663474539605524480/index.html".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

82841e8af6216b816b80688192ac372d.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ade.googlesyndication.com
ads.eu.criteo.com
ads.pubmatic.com
ads.stickyadstv.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ap.lijit.com
b1h-euc1.zemanta.com
b1sync.zemanta.com
bid.g.doubleclick.net
bidder.criteo.com
cat.nl.eu.criteo.com
cdn.connectad.io
cdn.indexww.com
cdn.jsdelivr.net
cdn.permutive.com
cdn.valuad.cloud
cf.dxmcdn.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
creativecdn.com
csi.gstatic.com
csm.eu.criteo.net
csync.loopme.me
csync.smilewanted.com
d2r08ja41ypc0t.cloudfront.net
dal.walla.co.il
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hb-dot-valuad.appspot.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
image6.pubmatic.com
images.outbrainimg.com
images.wcdn.co.il
imasdk.googleapis.com
img.wcdn.co.il
js-sec.indexww.com
khn.crowdad.io
ledger.crowdad.io
live.wcdn.co.il
log.outbrainimg.com
mab.chartbeat.com
mabping.chartbeat.net
match.360yield.com
match.adsrvr.org
match.sharethrough.com
mcdp-nydc1.outbrain.com
mp.4dex.io
mug.criteo.com
mv.outbrain.com
odb.outbrain.com
onetag-sys.com
pagead2.googlesyndication.com
ping.chartbeat.net
pix.eu.criteo.net
pixel-sync.sitescout.com
pixel.rubiconproject.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.smilewanted.com
prg.smartadserver.com
pubads.g.doubleclick.net
px.ads.linkedin.com
r4---sn-4g5ednds.c.2mdn.net
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
script.4dex.io
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.chartbeat.com
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.mathtag.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.targeting.unrulymedia.com
sync.teads.tv
syndication.twitter.com
tcheck.outbrainimg.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
walla.co.il
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.walla.co.il
x.bidswitch.net
104.18.12.76
104.18.13.76
104.18.19.126
104.19.149.54
104.244.42.8
13.248.245.213
142.250.186.162
146.75.118.132
147.75.85.234
151.101.193.108
151.101.2.49
172.217.16.194
172.217.18.2
172.217.18.98
172.67.10.198
173.194.76.157
178.250.2.146
178.250.2.148
18.157.124.70
18.193.243.10
185.183.112.155
185.184.8.90
185.255.84.151
185.29.132.241
185.64.189.112
185.80.39.216
185.86.137.121
185.86.137.131
185.86.137.17
185.89.210.101
185.94.180.126
198.47.127.19
2.21.20.202
2001:4860:4802:38::178
205.185.216.42
213.19.147.44
213.227.153.220
23.205.235.133
23.35.229.181
23.35.236.201
23.35.237.56
23.35.237.86
2600:9000:2127:3600:4:1c73:c740:93a1
2600:9000:2127:6800:11:da61:a100:93a1
2600:9000:2127:6a00:1b:5138:8a40:93a1
2600:9000:2127:b000:1e:a43d:b640:93a1
2600:9000:2127:e400:18:1fcd:351:7bc1
2602:803:c004:200::141
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:36ce
2606:4700:20::681a:8a9
2606:4700:4400::ac40:983f
2606:4700::6810:5714
2607:f8b0:4002:817::2003
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:21::14
2a00:1450:4001:19::9
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2006
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2008
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:82f::2014
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9a
2a02:2638:1::13
2a02:2638:1::17
2a02:2638:1::2
2a02:2638:1::4
2a02:2638:1::8
2a02:2638::2
2a02:2638::24
2a02:2638::3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:200::714
2a05:d018:d29:3601:a0c6:b0ce:b43:b1c0
3.123.150.182
3.126.25.47
3.126.56.137
3.224.42.121
34.205.101.114
34.96.105.8
34.98.64.218
35.190.0.66
35.214.174.31
35.244.159.8
51.38.120.206
52.209.199.248
52.212.114.253
52.223.40.198
52.46.130.91
52.48.80.62
52.95.122.74
63.32.245.11
64.202.112.223
65.9.95.56
65.9.95.57
65.9.95.59
65.9.95.65
65.9.95.85
65.9.95.91
66.155.71.25
69.173.144.139
69.173.144.165
70.42.32.95
72.251.245.179
72.251.249.13
00df84c0176ae68719671b3cf670d45da854c8e4b092eb72eb0b36f6737ae111
03baca21d7a98bc118436bcb698ecaafefff81373d472afdf259fdfe3f5c1a03
03cf495a252bd8a38528b3309c1834ac67af9f147b3ee0739fb0c540e901e773
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
048d4401cfd88bb893738052af34fec5433735b6b31e29c6fc6b08a899739e29
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534
06739adc1e7cea00ae15e9b4758f1c6ca8a8d65c694b80e5ebb4bf7ef6100fc2
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
077deca4d6403481d09410f5975dba17e496fc18fb1af7eb875c53c404a757ca
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
0924b51171859ad38a1a2d44d223b6930c8521523dab71a1c8b5d29f9efc9280
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09c9cf712ab9f1eafc4f11c0e7556802347272c6e17ea39277ed8c132bb81b1e
0a7f878a27b7a0c67b9d6a0330a3a87b9682114d5c4b2c01ba6a009d1870a143
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
11347e06f25b3955a0af9f6cbb271175bda471f5b161002cf2b0c1c8485002d9
116c109a4ed8f1c7c6e71fef91085ed6f6d005c4f9073ae5ec6dab9d58d94338
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14ba55b0d68519396b5e4d41510f19d577de581058f6a59247a3db9a1f45e0e2
179ef7120a911a837323e53870f6c44ed117aa6df21b03637ae5a3b7f92f8ba8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ba49cae33a20fb86ea334e4cdd0dafccf83467684158fccc75a86da3c5fc8cb
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e2ecd91a31edb49c563e1f6b19ff43c32d2313bc0633eaa1c3630e56da6f6b1
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f8447006dddfd40dfd9fa68063540f9c6f363f5abe4889cb7424bf92ee28106
21927ff748fee73cde5d78a4a8c868f3f4e27ae68287bde629bcf9d59230734a
241e253c8cfc2a4eb629c8c6edf0a0f2fa1b6f01661cfac1a9ec67eaf040e7d2
256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5
2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd
28e57d0899a0c978512c92132b8aba85d4c8039b59ad3149dca990cade482b70
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2ccec69c3875281f687e0a18f51826a5e1a7feafc45158b01ec6e7cc05a37996
2cd8e3e31d0562e13becc5a6e03757eb119ea4c30c3ec7902f368101b106e8c3
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ea4753c508a2bc6bfa07a7c78f8bd88730aed18049df29c9d84e4c902755cea
2f7363b4d3f47cb05b16e504a033f3ecb4f9c92125bc1e2d7ffab994f330d03e
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816
3008b4354e1b60f29f320cfa65b9725167ad632656392673a4785d836bf3f14d
30447dce756c0f54412e0f2c96a30f0848e95b5eab38f00d69e5eede19ffc499
323888aaf2f4fc123e7bee596c353bbb9b9bedda3f9e60e389f12b3c81b1b655
3241bf3866d5c2c02fd32bc792aa155f587efc0780ad197d0040d3377ff5af3f
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32e55f966e5d42979013d87e8a4de77fd04e331af39070fd2f21404a04aae61b
3609951701a873964476e4073a612f8bc24e2e095c164b85d1805ec4b9f08801
3852e07038b5de1f1ef09633aa05e2c6a309f0e305075f1f360e2c3bbe7b70e6
38e96702b84ae58e3a9649da2079c84f573974ec951cc5995f6527896571fa28
3b62ff5a9325794e939b09f69601248dbe6fe195673a1737d7397f4c0d40512b
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034
3d5ef5208fc3f2d69568af5bc061bacac841da199c81e78e43692f73f21a8bd4
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e8bf9af3f5d0c1cbe22fcd1f9532ef903fadfaa6c4a6705d3b728d6ace60cc3
3f5b755b1676f30b9fc293e71e71ea03cbc79815901f18879282501e20d235e4
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
411c7328585a9e38ff7a02971051875a6681af6609f36ec42f3abcdb11e322fd
414512e53e569f8654c68b2ce9afea5311331f510d8e944000c8c23ebe96db5a
4246ffafbb1999e5f1f9a4bca6cc8270b7fe361e9a34305e013bf685a77afda2
443343d25e80e7e80b0ed2f16bb6aeab2fa933b1ec58470234ef3505eb56e73e
451b602c403397960b379dbf839d25b41ea356970ed7edc7080c226c8110fb49
45945e673e9facc8b3292790f069378dc73f3a7d2ee6729d773ae44ddde754ca
45950e99e9e334b79c45a82dceaa24edf55a60d406a7e62651b7d04a5a5f35f9
45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805
479c0e82401874d70206da5167d70b80ba821754755067eaa5479f115d1d4625
481278309b979736e3776b408de76c7b65383a551bf1d443b1e693b8946dbf59
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49d1b01908a0458cc5c8be630efd8c6e9ac6759afefe9e4a3f2938552146a360
4b14bef1d3218644f3e397a6cc70c7f026b5a26383ba2753eadbe11730f917e6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dfc449b45eeeb11a39430fbd8c1d5db14e915a2e3222b1f0cadf2939e2e2247
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f97881d632eedf26968c649185c8974ba2660892becc268ca373daebb616615
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86
4fe7abf2e39af84981cc3b739e8dc5dbf99efb143cdddcfe11e2f6544b6e0323
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50795dddaa17612e809ddf339489bc1fdff6f7bcc76115ba6eeb17eccb68eb47
5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9
515e3e6e09f6b0ad8436d1dda33a7a689e7ef111ad485ce26bb36f209f540da4
51609a41e77a11b1ef04f5dcc3c5fd37241a8ea30a95b6c8c4bc2d7f0faa69af
51f3359dfda7f7e3bb7ca5440eba096f6b170c38da65853d53fc56bdd65f396a
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5
52a8321ff0ddcb2f45c151c239f7fe1d640eafa73aac2f8459a0cbd9d0364fdb
5571dd0aa055fd29ec2b3fc6a6485c7f823ee0d596ac596b54843bf71efd986a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd
56e14abd1aaf620a3832b20e2cf927272b034b8850de286c21200c446634ff2e
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a
5c010ebbcf499d639b59f2a090cf411dfa7b12f62f841cb28f495831b6c9f278
5c11f1d89bab77d20fdcb19b628c6c6221f20bc85deaa925da92e895cf1d940a
5c722ccab507ff16f61452ba9e6ad8ec6f6dce3d37754bd545f71d56c4c90d3f
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5dec0bcd40f7d6ffbb800b39e4277dfea962481694fa4a8077f3e826abc36bc0
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
60a1d147256d18353437afbd4c84fd089c7285772fefb3c99aecf9bd94bbd7ff
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
64b934c26f040486052e202be223cd7514f770a38a68edb67db123d997895cac
64e135d1fd7a183581dcf20e7395992977f83aec076f9a3863a79dfadbf6fb07
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6b0e806ee1bf9e45082bd34d44ce0592fb045382c8538f8b5e0ff99905d0eee2
6d1aa9c012a88e586d5b23e16cafaf6ecd657de5422e0c6e53dd06909696b2b0
6f271afc9e4baff46393c2294bafc58dc48a30c276b28d3bea3d274b10a84e78
7141eff52b35b87bffd434f9acd9f662f45814ad6924908dd97270d5cfb55255
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
738d90cda558286a59c2e9d00b43c7d2375b2e010863533804d0de180cfc5339
74cd7edb4aa79b0a4a1074aa76a1e0006c3250c2accdc7fdf6f687697234534a
7675520bd954bcda54ba15725800e7e7378c41db97cf5dcfdd7e0cf5b74e9307
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309
76fe4edf2cb6a8629a3bc9757b539a6ae7f6ebc9e1d260d17cb333dfc7ce5d6c
779d9d1d54038e2afa37e881255d890c73107ac9fd78f964e6f1d736cf906b17
7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121
7c0a33a4eedc8475a6d8999f178d7b14b778222d518f60c91b844c13d7de54d7
7cc7c525ae329d48d9bd220082006161ef5fba2d19b9daaa4dddce0b185aa70a
7d64c8a5dc66b0039376a0644f40d9d77528f4790c880322e8f0c4bb88979d88
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b19de212ca6202b9339b9c3ad8b16c1775d34cc7663631c12cffbdcdacb8e1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8674c690e379aa2d7f8f84624402dc41902336d4c7044a931e34e247839463a2
88b740a04a0bc328a7ed4f7a25cc17c6d9e6d7daaa43763478af606e40379e16
8926f136616b914a03a450eb25e49dae96aad373b67d989cea66ac8002a58133
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
904f59eea1603117f390a19aef8108b3b825ff0ceb5dc8d303980fe27abd3feb
90c7ec5f4ad3344c8d4b9d393722edfad6b8860a2eb5e0b0b7237e5b7b36ed8f
920b3298d1ede52cd3f118cd4177e36c305e7d8bb18be8ba94934247fbec444a
92226ed4f6a7339c0907876efc6866937908a0a090b2450a41f8ca1dcdaa20ce
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
94242dd6e5adbf5b1cd263c733addc790097cd143baba708c32375d662b6bb52
9494a2132fd677a63d339a7d69c91efed0d6a2f5e54c2f3297bc39c9fd5e708f
94c0a6a1ca27813a96c8286b7e1e6dee5b6af23babad416606784366748417b9
94cd583302b8e72a39226ed3e0df95859bf3b5f38001a2844cf5be6844fda58d
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96a9be91b3778f8cc1c521ed444a86d3eab3e4f13c6fd9cabf4e159ccf787a63
9a185f7448b2d6a1893404fa5bd7de816fb0630c707e2b85cef3e1d57a8ea869
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a
9c086fc444fb5501bf925587c4607fe7f1828c3e6c951acc1680915a3d710f19
9c2fff24329f1fe904135f52256900469efd1e77ae3da4b0f528094cd2123e1c
9d1060b36ad26018890386e72d752474d6ed4a9af1de1687412cde9cf2ccbe53
9e3035b7f5b0074bf8401e498b2160a29e3f13741f03e537ad98e9a1836a701f
9e5d7b09e791389be97784c6f9b16e2dc1a2d9937788d93fe8fff709bc395d59
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0321d7f4006d1ef24eb6f33f7252ab8bcbb9237a56c49aad5abe30b085ae3fa
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1cb876b8d4ac161aa3960063801ce2a3e1f893863524b9132de74867fe9d16b
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a374b60100f2559a33f142d53bf332d5efad58e505683bff5cf0523abacc0274
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a70b3701a063092ddbea33c0d45c853ac45347761ea8abd41c21adab3204928a
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7366672c7309113ce12beb12478774bc7ed93bc3f066f38bb3bf5c57485e47f
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a764d148ed30f4438f00f825263dc5aca2191e624cfbaab3d8a2e9ba438a1a92
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
a9556451882c7b86d689ee82a86c2b360cf0acea6d92a4165c80054371e52336
a9c3152b1f921defaf879a7f6514623aa21e0656a12f143b20cde6648ff5036c
aada4f36b8b83dbf1a5201c3b2cc3822d747c3ea94f551394883011671393ad3
ac4e21ecb681abbbc6c437b6d9f50df78d65acc6941b169b7559c1c7ac6e4e3a
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
adbe941a66b1fc0b0858f6e3fb85fbd6af7e25ea616b3f34a80a0868fdb302ad
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
ae9f1672fd0dfc348011765f7abf192657ebe0c1fb4389a3374c61ce65b25f0c
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b10777415487553c28f95d46402857b15d24ecf31f15b4b2f14f9e88c1ae2dbe
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ed341b4979b506ed9d68732eb1734d8b8408124c05bc7268ba1faa23524f8e
b1fc6f6de986a4c57262eee7b840e221d886603ea4a091b6a9382c900220ca3c
b20768981df88d3ce9f772a9b9219af83d47fb02be0dbe914ccfa3b00e4d74a5
b20f0eae203d45dded1d3472131a0fc9ddf5279b18b7dc4a022e19011fc79378
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b64bfa67c1647ec8fd3a1aa2e4f3a0a1f68482bc478c2b84bff32ba4766ccfcc
b7c1cc09e2b61681af52a71b14d2e39fcf4643f516ef3a143141d0f1c6791e1e
b7ee2e2c1f36198a263d4d442d6752e78d61fecd54473cb5c1c3dbb8b6053817
b7f071d2fe3aed9059170312e5b55b9edfe16093abee417b954a2c608a88837f
b997bb2e3817a57af4493e51679d9b8f7083fd8346bf45dfe5a0fdb3ecbd1020
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bba128484ba1fbc530c738251c478208c9d2b6d45b4cdeac1cd50c623f75b5c1
bdf39a7fddcfb048c35c871282ce0f1de7866e18be3cf1353da9262b509fa0e4
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1
c09b896bfdbc6abc42a21805dcbd987fc7642063507290bf0df641e62c79e3c6
c1b769709c7a1439eedc46a01932515b74822565fd07f3aa2fe06d4800bbf9e6
c2095f6920579eb6938ef2ddecc5652d5a9557555a32b019969e329a93731897
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf
c3e2c3a1252dbbb47647b91b7492bf3d6c3dc1d4a332ca14616bf8be075f0593
c5dcfa6664e8679ebbbf3c9199b1209335aeba9579932c33634e8d0e481f0522
c60843b4d55c731a72cb726011d162901f63910015a3cdac719a0f0c4e4faa9f
c7cdeee49b08393a9d6febccc8a7b8a0a805aece22d5c34442368166ee343813
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca0f7fd908cfabf3f1a2e6b619e30e3641e29e5722e517964dc181d1688ade99
cb54f4d049a061aeeb518ed929368933228fb1f79149772e889b4beac323aeb4
cc0640a5ef49753a80cf60a50c133c1c1ab6a26e9cdf42469832c621b94d65be
cc38d8ed1e70a7399e778f8e1855d63f4dc33191e38244bd054d7d05ec029959
cd8cf69421dfd6d4c3ae153d58a333d6084cdc950ef29a86ea781aff05e42c21
ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d43b1fff20668878ab71ab80fe07534a657f0e60a5cc3c1c87b833003749664a
d9f6af34cbf74347cc35ce04835485b5d4bb48bb961134c12396d8ff30d65821
daa21d896f1bb4d044779b10b38fd7793654c8b214908be7ae812dbff9f083d0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de43592517be01dd001b89f7aa808a148c255ace344753dd50b99d51d2bba855
de4c3d20cb8c121c1a3c3c4c1db4330688899134e28fc7fe5fddddeea73debc8
de6bf035e9195f0b9f69ddc8a8a0431deaa22504c56412d03dd103beb35ab2d7
e28df0d1ecf0a67bfe7db32c3aafada6f839721734581e6a36cd5a5fcdf55fdb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4456346c8eec65785ebeb77127440fa8d579fd862be866b2fc91c7a25b9d592
e45d13ca7e69af031f470855d125c93f8ab8f95999a6c269b52ad8656ecb8d53
e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138
e559326031fbc849ff642464258a71b343f68b2ed246bfe788dea583fd376776
e57abdf656bd29e1c65777dc030cfdeaab1a980e55f76d3ff86a815748381f6d
e5bf77a4605d9bb4c0ecfc1127ab95009dc2fa6ec763418424cf36f523db8e08
e720e3f3d0db5a172731674177dfa8fd055f49ba259d4d62c7070f911ca0e07f
e7af1f31f9ac3e169b0e105028ce7a113556ef0c9a7f2b98b4dc38ed89a61bb4
e7d17de64ab0cdb7bd8c7d44a4120cae54a9e3befc3bf6387f98b252e1b31680
e8edb024e688dad4a4dbb15cc90e7cbcae1f1426f34ddb2c22523625f46aafde
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e90afefe008174901648b6984e3849d61ab51fcd2f9c260cb182f1b9eded2b4f
e930244c47fbfa3b3963868b7063142a53d74f6b6c274429c3ae3a62ba645143
ea77943a44248a45eac1f7b060ec21af450e85039f7937f3962e6cb6e01ddfb7
eae82b78cab1b9a962695ff864789192beedda6ac222aeea9e6dfe32f4348e98
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ec0fb80708484107f4cb481294a19178c474583b98724520286944b7c6ee055e
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
edd4d9c515c398baf420a025641816721bdc7f67945144fe15a1058f6c75e667
edf5c889472fe10eff9637a67a5056eab2dd6fe8fb0789a6bc03fa84f616bb28
eef3229975dcea05e62c3c6a907c2b9c50a68b07a632ce4fa232a41a0bcb1ad9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef38ad7ab687550e83e103137644f808dcd038e5d8f1c21b494bb41ad553f4c7
f20eeef8fb712ad2bf5e21dfe5944ab2b62010e44ffa8f79a3bfa354973ab517
f225479eefa204069cfdaa35ec1275c381ac12cfa5b22b982416d42e39e05798
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f3e4a30f839e78f295c480b425bb63738e42c3f8be3abc4c900de5087090bd7a
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6222569a2d47ea5813af21f999009894a3ce26eecb2ab350993b9d418b0e454
f6a69ae74374cd68efa0256c89a99d1cccbb7095e33ffb88d1ae54ee900d4741
f71dcb232e2dd55f3cf1b7454d82c21be96071b048879a402aa8e225ab2a6de3
f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8
fc0a5f0acb68fe853e2162e4eb078617e7d05e0b81a40dfbcdd9248473805e3c
fd3121a04a4b745f71058c38f7902b207de37f86aa3a9674eda80a2baf366382
fe5bda77e4361c2facf5966bf1f462f8d6dd0b1c710f45abe310d052df9fdb60
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48