urlscan.io logo urlscan.io
SecurityTrails logo

news.walla.co.il Open in urlscan Pro
65.9.95.98  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://news.walla.co.il/
Effective URL: https://news.walla.co.il/
Submission: On October 16 via api from AT — Scanned from AT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 139 IPs in 12 countries across 121 domains to perform 743 HTTP transactions. The main IP is 65.9.95.98, located in United States and belongs to AMAZON-02, US. The main domain is news.walla.co.il. The Cisco Umbrella rank of the primary domain is 234540.
TLS certificate: Issued by Amazon RSA 2048 M01 on March 27th 2023. Valid for: a year.
This is the only time news.walla.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 65.9.95.15 16509 (AMAZON-02)
35 65.9.95.98 16509 (AMAZON-02)
15 172.217.16.194 15169 (GOOGLE)
5 142.250.185.200 15169 (GOOGLE)
6 65.9.95.96 16509 (AMAZON-02)
2 65.9.90.97 16509 (AMAZON-02)
1 205.185.216.42 20446 (STACKPATH...)
40 151.101.65.44 54113 (FASTLY)
2 93.184.220.66 15133 (EDGECAST)
3 172.217.18.14 15169 (GOOGLE)
14 34.160.198.118 396982 (GOOGLE-CL...)
2 195.181.175.41 60068 (CDN77 ^_^)
4 142.250.186.116 15169 (GOOGLE)
2 13.224.189.128 16509 (AMAZON-02)
1 13 142.250.186.34 15169 (GOOGLE)
1 13.224.189.112 16509 (AMAZON-02)
1 99.86.4.102 16509 (AMAZON-02)
18 157.240.0.6 32934 (FACEBOOK)
1 13.32.27.48 16509 (AMAZON-02)
2 188.114.96.3 13335 (CLOUDFLAR...)
2 52.4.34.232 14618 (AMAZON-AES)
1 151.101.2.202 54113 (FASTLY)
1 51.77.64.70 16276 (OVH)
3 157.240.0.35 32934 (FACEBOOK)
1 104.244.42.8 13414 (TWITTER)
2 74.125.133.154 15169 (GOOGLE)
1 216.239.32.21 15169 (GOOGLE)
2 142.250.185.70 15169 (GOOGLE)
1 2.19.229.53 16625 (AKAMAI-AS)
2 13 142.250.186.36 15169 (GOOGLE)
5 142.250.186.67 15169 (GOOGLE)
48 142.250.181.226 15169 (GOOGLE)
1 216.239.34.36 15169 (GOOGLE)
6 142.250.185.225 15169 (GOOGLE)
1 216.239.32.36 15169 (GOOGLE)
1 34.120.218.58 396982 (GOOGLE-CL...)
1 99.86.4.108 16509 (AMAZON-02)
5 54.72.191.61 16509 (AMAZON-02)
6 178.250.7.13 44788 (ASN-CRITE...)
2 13.32.27.21 16509 (AMAZON-02)
1 108.138.7.16 16509 (AMAZON-02)
26 172.217.18.97 15169 (GOOGLE)
3 141.226.228.48 200478 (TABOOLA-AS)
4 2.19.228.187 16625 (AKAMAI-AS)
1 20 104.22.68.131 13335 (CLOUDFLAR...)
1 104.16.85.20 13335 (CLOUDFLAR...)
2 172.67.75.241 13335 (CLOUDFLAR...)
4 216.52.2.91 30282 (AS-INAPCD...)
6 93.158.134.90 13238 (YANDEX)
12 89.149.192.192 60781 (LEASEWEB-...)
1 104.18.3.114 13335 (CLOUDFLAR...)
2 7 51.75.86.98 16276 (OVH)
6 34.149.20.76 15169 (GOOGLE)
2 3 185.184.8.90 204995 (RTB-HOUSE...)
1 178.250.7.10 44788 (ASN-CRITE...)
1 184.30.21.51 16625 (AKAMAI-AS)
2 104.18.22.145 13335 (CLOUDFLAR...)
9 185.106.33.48 200478 (TABOOLA-AS)
4 4 138.201.8.249 24940 (HETZNER-AS)
1 5 3.75.62.37 16509 (AMAZON-02)
15 15 46.228.174.117 56396 (AMOBEE)
6 8 46.228.164.11 56396 (AMOBEE)
2 2 96.46.186.57 7979 (SERVERS-COM)
3 151.101.194.132 54113 (FASTLY)
7 142.250.186.130 15169 (GOOGLE)
3 8.2.110.114 46636 (NATCOWEB)
6 8 37.157.6.237 198622 (ADFORM)
2 178.250.1.17 44788 (ASN-CRITE...)
3 3 178.250.1.7 44788 (ASN-CRITE...)
3 3 178.250.1.9 44788 (ASN-CRITE...)
7 7 52.29.100.88 16509 (AMAZON-02)
6 7 2.16.238.146 20940 (AKAMAI-ASN1)
15 46 142.250.74.194 15169 (GOOGLE)
1 4 63.215.202.137 41041 (VCLK-EU-SE)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
6 6 213.155.156.166 1299 (TWELVE99 ...)
2 13.32.27.65 16509 (AMAZON-02)
1 3 185.86.139.103 201081 (SMARTADSE...)
2 54.93.44.146 16509 (AMAZON-02)
19 178.250.7.2 44788 (ASN-CRITE...)
2 178.250.1.6 44788 (ASN-CRITE...)
11 15.197.193.217 16509 (AMAZON-02)
2 6 52.19.114.225 16509 (AMAZON-02)
6 184.30.22.30 16625 (AKAMAI-AS)
29 178.250.1.15 44788 (ASN-CRITE...)
3 178.250.1.25 44788 (ASN-CRITE...)
1 52.20.141.80 14618 (AMAZON-AES)
3 3.230.86.123 14618 (AMAZON-AES)
1 172.217.18.10 15169 (GOOGLE)
17 23.53.42.193 20940 (AKAMAI-ASN1)
1 142.250.185.131 15169 (GOOGLE)
8 3.89.18.112 14618 (AMAZON-AES)
1 141.226.224.32 200478 (TABOOLA-AS)
3 17 104.18.27.193 13335 (CLOUDFLAR...)
1 1 23.201.255.110 16625 (AKAMAI-AS)
3 8 35.244.159.8 15169 (GOOGLE)
1 50.17.233.50 14618 (AMAZON-AES)
7 11 37.252.173.215 29990 (ASN-APPNEX)
8 108.59.7.249 30633 (LEASEWEB-...)
1 3.210.64.86 14618 (AMAZON-AES)
1 5 185.64.190.78 62713 (AS-PUBMATIC)
2 2 3.69.181.171 16509 (AMAZON-02)
1 2 52.46.143.56 16509 (AMAZON-02)
2 2 54.205.114.6 14618 (AMAZON-AES)
2 2 52.29.143.118 16509 (AMAZON-02)
1 34.227.12.45 14618 (AMAZON-AES)
11 185.64.191.210 62713 (AS-PUBMATIC)
2 4 67.220.228.200 16509 (AMAZON-02)
5 5 91.228.74.168 16509 (AMAZON-02)
8 198.47.127.205 62713 (AS-PUBMATIC)
7 7 52.208.23.16 16509 (AMAZON-02)
1 1 208.93.169.131 46244 (WEBMD-IDC...)
1 1 82.145.213.8 39832 (NO-OPERA)
1 64.95.96.108 32475 (SINGLEHOP...)
1 1 193.0.160.130 54312 (ROCKETFUEL)
1 54.194.163.10 16509 (AMAZON-02)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
1 2 35.204.74.118 396982 (GOOGLE-CL...)
2 2 98.98.134.242 21859 (ZEN-ECN)
1 1 134.122.57.34 14061 (DIGITALOC...)
5 142.250.185.129 15169 (GOOGLE)
2 2.16.97.41 16625 (AKAMAI-AS)
4 4 3.121.79.42 16509 (AMAZON-02)
4 4 35.186.193.173 15169 (GOOGLE)
2 3 13.248.245.213 16509 (AMAZON-02)
1 104.17.24.14 13335 (CLOUDFLAR...)
40 142.250.186.166 15169 (GOOGLE)
1 144.76.104.53 24940 (HETZNER-AS)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 69.173.144.138 26667 (RUBICONPR...)
1 1 35.190.0.66 15169 (GOOGLE)
1 52.48.146.251 16509 (AMAZON-02)
2 198.47.127.20 3257 (GTT-BACKB...)
1 4 88.99.219.174 24940 (HETZNER-AS)
1 23.35.236.188 16625 (AKAMAI-AS)
1 67.202.105.21 32748 (STEADFAST)
2 104.18.24.18 13335 (CLOUDFLAR...)
1 3 104.18.25.173 13335 (CLOUDFLAR...)
1 23.88.86.2 24940 (HETZNER-AS)
1 104.22.25.87 13335 (CLOUDFLAR...)
1 2 77.243.51.121 42697 (NETIC-AS)
1 1 141.94.170.64 16276 (OVH)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
3 69.173.144.165 26667 (RUBICONPR...)
2 178.250.7.12 44788 (ASN-CRITE...)
1 85.114.131.234 24961 (MYLOC-AS ...)
1 172.67.74.129 13335 (CLOUDFLAR...)
5 141.95.98.64 16276 (OVH)
1 185.86.139.116 201081 (SMARTADSE...)
1 18.184.216.208 16509 (AMAZON-02)
4 172.217.16.138 15169 (GOOGLE)
1 2.21.20.206 20940 (AKAMAI-ASN1)
3 172.217.23.98 15169 (GOOGLE)
2 23.82.15.161 30633 (LEASEWEB-...)
2 46.228.174.115 56396 (AMOBEE)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 52.31.175.73 16509 (AMAZON-02)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 35.227.252.103 15169 (GOOGLE)
1 69.173.144.137 26667 (RUBICONPR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 54.72.18.200 16509 (AMAZON-02)
1 192.96.204.131 30633 (LEASEWEB-...)
2 34.95.69.49 396982 (GOOGLE-CL...)
743 139
1    65.9.95.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-15.prg50.r.cloudfront.net
news.walla.co.il
35    65.9.95.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-98.prg50.r.cloudfront.net
news.walla.co.il
15    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net
securepubads.g.doubleclick.net
www.googleadservices.com
5    142.250.185.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f8.1e100.net
www.googletagmanager.com
6    65.9.95.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-96.prg50.r.cloudfront.net
tags.dxmdp.com
2    65.9.90.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-90-97.prg50.r.cloudfront.net
static.chartbeat.com
1    205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.valuad.cloud
40    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
pm-widget.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
imprammp.taboola.com
pips.taboola.com
2    93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)
platform.twitter.com
3    172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f14.1e100.net
www.google-analytics.com
14    34.160.198.118 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.198.160.34.bc.googleusercontent.com
images.wcdn.co.il
2    195.181.175.41 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 824291365.fra.cdn77.com
web-sdk.smartlook.com
4    142.250.186.116 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f20.1e100.net
hb-dot-valuad.appspot.com
2    13.224.189.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-128.fra2.r.cloudfront.net
cf.dxmcdn.com
13    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
1    13.224.189.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-112.fra2.r.cloudfront.net
ecdn.analysis.fi
1    99.86.4.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-102.fra6.r.cloudfront.net
ecdn.firstimpression.io
18    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
static.xx.fbcdn.net
scontent.xx.fbcdn.net
1    13.32.27.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-48.fra56.r.cloudfront.net
cdn.unblockia.com
2    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
12890047.adoric-om.com
static.adoric.com
2    52.4.34.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-34-232.compute-1.amazonaws.com
ping.chartbeat.net
1    151.101.2.202 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
1    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
3    157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com
www.facebook.com
1    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
2    74.125.133.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f154.1e100.net
stats.g.doubleclick.net
1    216.239.32.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2015.1e100.net
tr.dxmcdn.com
2    142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net
ad.doubleclick.net
1    2.19.229.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-229-53.deploy.static.akamaitechnologies.com
widgets.outbrain.com
13    142.250.186.36 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f4.1e100.net
www.google.com
5    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
www.google.at
48    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
pagead2.googlesyndication.com
ade.googlesyndication.com
1    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
6    142.250.185.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net
2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
1    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    34.120.218.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.218.120.34.bc.googleusercontent.com
app.adoric-om.com
1    99.86.4.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-108.fra6.r.cloudfront.net
cdn.firstimpression.io
5    54.72.191.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-191-61.eu-west-1.compute.amazonaws.com
event.dxmdp.com
6    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net
loader.unblockia.com
1    108.138.7.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-16.fra56.r.cloudfront.net
t.unblockia.com
26    172.217.18.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f1.1e100.net
tpc.googlesyndication.com
3    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
4    2.19.228.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-228-187.deploy.static.akamaitechnologies.com
ads.pubmatic.com
20    104.22.68.131 (None, )

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
prebid.smilewanted.com
static.smilewanted.com
1    104.16.85.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    172.67.75.241 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
4    216.52.2.91 (New York, United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
6    93.158.134.90 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru
bs.yandex.ru
12    89.149.192.192 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg.smartadserver.com
1    104.18.3.114 (None, )

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
7    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
6    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
1    178.250.7.10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com
a.teads.tv
2    104.18.22.145 (None, )

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
9    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
4    138.201.8.249 (Ergolding, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.249.8.201.138.clients.your-server.de
sync.richaudience.com
5    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
pixel.advertising.com
ups.analytics.yahoo.com
15    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
8    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
3    151.101.194.132 (United States)

ASN54113 (FASTLY, US)
player.ex.co
7    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googletagservices.com
3    8.2.110.114 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
8    37.157.6.237 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
c1.adform.net
2    178.250.1.17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
3    178.250.1.7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ssp-sync.criteo.com
3    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
7    52.29.100.88 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-100-88.eu-central-1.compute.amazonaws.com
x.bidswitch.net
7    2.16.238.146 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-146.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
46    142.250.74.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
4    63.215.202.137 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams01-nessy-float1.dotomi.com
dclk-match.dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
2    85.114.159.118 (Mossingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
6    213.155.156.166 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
2    13.32.27.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-65.fra56.r.cloudfront.net
s.ad.smaato.net
3    185.86.139.103 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
ssbsync-global.smartadserver.com
rtb-csync.smartadserver.com
2    54.93.44.146 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-44-146.eu-central-1.compute.amazonaws.com
match.sharethrough.com
19    178.250.7.2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
11    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
6    52.19.114.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-114-225.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
6    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
29    178.250.1.15 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
3    178.250.1.25 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    52.20.141.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-141-80.compute-1.amazonaws.com
prd-collector-anon.ex.co
3    3.230.86.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-86-123.compute-1.amazonaws.com
collector.ex.co
1    172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f10.1e100.net
fonts.googleapis.com
17    23.53.42.193 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-42-193.deploy.static.akamaitechnologies.com
cdn.ex.co
1    142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
fonts.gstatic.com
8    3.89.18.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-89-18-112.compute-1.amazonaws.com
sync.ex.co
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
17    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
htlb.casalemedia.com
1    23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
8    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
eu-u.openx.net
1    50.17.233.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-233-50.compute-1.amazonaws.com
vop.sundaysky.com
11    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
8    108.59.7.249 (United States)

ASN30633 (LEASEWEB-USA-WDC, US)
p.channelexco.com
s-06.channelexco.com
1    3.210.64.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-64-86.compute-1.amazonaws.com
gpv.ex.co
5    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    3.69.181.171 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-181-171.eu-central-1.compute.amazonaws.com
1f2e7.v.fwmrm.net
2    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    54.205.114.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-114-6.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    52.29.143.118 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-143-118.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
1    34.227.12.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-12-45.compute-1.amazonaws.com
rtb.adentifi.com
11    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
4    67.220.228.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
5    91.228.74.168 (United Kingdom)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
8    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
7    52.208.23.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-23-16.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    64.95.96.108 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    54.194.163.10 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-163-10.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
2    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com
pixel-sync.sitescout.com
1    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
5    142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net
cdn.ampproject.org
2    2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com
sync.teads.tv
4    3.121.79.42 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-79-42.eu-central-1.compute.amazonaws.com
pm.w55c.net
4    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
cm.ctnsnet.com
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
40    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
s0.2mdn.net
1    144.76.104.53 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.53.104.76.144.clients.your-server.de
hal9000.redintelligence.net
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    52.48.146.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-146-251.eu-west-1.compute.amazonaws.com
match.360yield.com
2    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage4.pubmatic.com
4    88.99.219.174 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de
hal900029.redintelligence.net
1    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    104.18.24.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
3    104.18.25.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de
matching.truffle.bid
1    104.22.25.87 (None, )

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    141.94.170.64 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh
pixel.onaudience.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    178.250.7.12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
1    85.114.131.234 (Mossingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21038.dus4.fastwebserver.de
cdn.contentspread.net
1    172.67.74.129 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
5    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
lb.eu-1-id5-sync.com
id5-sync.com
1    185.86.139.116 (France)

ASN201081 (SMARTADSERVER, FR)
www9.smartadserver.com
1    18.184.216.208 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-216-208.eu-central-1.compute.amazonaws.com
optimized-by.rubiconproject.com
4    172.217.16.138 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f138.1e100.net
imasdk.googleapis.com
1    2.21.20.206 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-206.deploy.static.akamaitechnologies.com
creatives.sascdn.com
3    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net
pubads.g.doubleclick.net
2    23.82.15.161 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
e.channelexco.com
2    46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)
targeting.unrulymedia.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    52.31.175.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-175-73.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    54.72.18.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-18-200.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
1    192.96.204.131 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
a.channelexco.com
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
Apex Domain
Subdomains		 Transfer
80 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
ade.googlesyndication.com — Cisco Umbrella Rank: 349
569 KB
79 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
ad.doubleclick.net — Cisco Umbrella Rank: 173
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443
pubads.g.doubleclick.net — Cisco Umbrella Rank: 412
366 KB
53 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1126
pm-widget.taboola.com — Cisco Umbrella Rank: 3680
trc.taboola.com — Cisco Umbrella Rank: 680
trc-events.taboola.com — Cisco Umbrella Rank: 2281
vidstat.taboola.com — Cisco Umbrella Rank: 3058
il-trc-events.taboola.com — Cisco Umbrella Rank: 20398
images.taboola.com — Cisco Umbrella Rank: 1964
imprammp.taboola.com — Cisco Umbrella Rank: 14739
am-match.taboola.com — Cisco Umbrella Rank: 15405
am-vid-events.taboola.com — Cisco Umbrella Rank: 13899
pips.taboola.com — Cisco Umbrella Rank: 1752
cds.taboola.com — Cisco Umbrella Rank: 2153
1 MB
51 criteo.net
static.criteo.net — Cisco Umbrella Rank: 728
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9717
csm.eu.criteo.net — Cisco Umbrella Rank: 9249
586 KB
40 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 344
370 KB
36 walla.co.il
news.walla.co.il — Cisco Umbrella Rank: 234540
1 MB
33 ex.co
player.ex.co — Cisco Umbrella Rank: 11519
prd-collector-anon.ex.co — Cisco Umbrella Rank: 14715
collector.ex.co — Cisco Umbrella Rank: 11449
cdn.ex.co — Cisco Umbrella Rank: 12188
sync.ex.co — Cisco Umbrella Rank: 13028
gpv.ex.co — Cisco Umbrella Rank: 13054
2 MB
31 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 588
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 581 Failed
image6.pubmatic.com — Cisco Umbrella Rank: 967
simage2.pubmatic.com — Cisco Umbrella Rank: 959
image2.pubmatic.com — Cisco Umbrella Rank: 1116
simage4.pubmatic.com — Cisco Umbrella Rank: 1354
105 KB
20 smilewanted.com
csync.smilewanted.com — Cisco Umbrella Rank: 2991
prebid.smilewanted.com — Cisco Umbrella Rank: 6260
static.smilewanted.com — Cisco Umbrella Rank: 10113
34 KB
19 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 478
bidder.criteo.com — Cisco Umbrella Rank: 895
ads.eu.criteo.com — Cisco Umbrella Rank: 9209
ssp-sync.criteo.com — Cisco Umbrella Rank: 1344
dis.criteo.com — Cisco Umbrella Rank: 648
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10275
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15658
115 KB
17 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 570 Failed
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 513
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
dsum.casalemedia.com — Cisco Umbrella Rank: 1698
12 KB
16 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1721
ssbsync.smartadserver.com — Cisco Umbrella Rank: 951
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1818
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 898
www9.smartadserver.com — Cisco Umbrella Rank: 13506
6 KB
15 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 957
scontent.xx.fbcdn.net — Cisco Umbrella Rank: 359
258 KB
14 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2714
2 KB
14 wcdn.co.il
images.wcdn.co.il — Cisco Umbrella Rank: 99528
156 KB
13 rubiconproject.com
fastlane.rubiconproject.com Failed
eus.rubiconproject.com — Cisco Umbrella Rank: 662
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1191
pixel.rubiconproject.com — Cisco Umbrella Rank: 409
token.rubiconproject.com — Cisco Umbrella Rank: 504
optimized-by.rubiconproject.com — Cisco Umbrella Rank: 5073
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 984
37 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261 Failed
acdn.adnxs.com — Cisco Umbrella Rank: 663
secure.adnxs.com — Cisco Umbrella Rank: 542
25 KB
11 channelexco.com
p.channelexco.com — Cisco Umbrella Rank: 13122
s-06.channelexco.com — Cisco Umbrella Rank: 85484
e.channelexco.com — Cisco Umbrella Rank: 12312
a.channelexco.com — Cisco Umbrella Rank: 13764
25 KB
11 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
2 KB
11 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 649
6 KB
11 dxmdp.com
tags.dxmdp.com — Cisco Umbrella Rank: 46747
event.dxmdp.com — Cisco Umbrella Rank: 45696
133 KB
10 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491
3 KB
9 openx.net
rtb.openx.net — Cisco Umbrella Rank: 912 Failed
u.openx.net — Cisco Umbrella Rank: 739
us-u.openx.net — Cisco Umbrella Rank: 547
eu-u.openx.net — Cisco Umbrella Rank: 2959
2 KB
8 adform.net
cm.adform.net — Cisco Umbrella Rank: 1279
c1.adform.net — Cisco Umbrella Rank: 643
4 KB
8 turn.com
ad.turn.com — Cisco Umbrella Rank: 1024
r.turn.com — Cisco Umbrella Rank: 4738
3 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 624
4 KB
7 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 620
5 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 387
3 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
411 KB
7 33across.com
ssc.33across.com — Cisco Umbrella Rank: 4057
ssc-cms.33across.com — Cisco Umbrella Rank: 1180
1 KB
7 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 913
4 KB
6 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 328
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1086
4 KB
6 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5121
2 KB
6 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1343
targeting.unrulymedia.com — Cisco Umbrella Rank: 966
2 KB
6 yandex.ru
bs.yandex.ru — Cisco Umbrella Rank: 13295
1 KB
5 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 41903
hal900029.redintelligence.net — Cisco Umbrella Rank: 288291
10 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 379
104 KB
5 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 929
2 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
imasdk.googleapis.com — Cisco Umbrella Rank: 498
823 KB
5 google.at
www.google.at — Cisco Umbrella Rank: 20643
753 B
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
419 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1069
3 KB
4 ctnsnet.com
ipac.ctnsnet.com Failed
gcm.ctnsnet.com — Cisco Umbrella Rank: 50844
cm.ctnsnet.com — Cisco Umbrella Rank: 5170
2 KB
4 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2114
934 B
4 dotomi.com
web.hb.ad.cpe.dotomi.com Failed
dclk-match.dotomi.com — Cisco Umbrella Rank: 3431
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4048
casale-match.dotomi.com — Cisco Umbrella Rank: 3530
491 B
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 754
681 B
4 unblockia.com
cdn.unblockia.com — Cisco Umbrella Rank: 14219
loader.unblockia.com — Cisco Umbrella Rank: 13934
t.unblockia.com — Cisco Umbrella Rank: 13652
36 KB
4 appspot.com
hb-dot-valuad.appspot.com — Cisco Umbrella Rank: 74994
122 B
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
region1.google-analytics.com — Cisco Umbrella Rank: 2250
42 KB
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 470
1 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 985
s.tribalfusion.com — Cisco Umbrella Rank: 2451
1 KB
3 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 3356
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1558
sync.teads.tv — Cisco Umbrella Rank: 1584
708 B
3 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7541
creativecdn.com — Cisco Umbrella Rank: 646
906 B
3 3lift.com
tlx.3lift.com Failed
eb2.3lift.com — Cisco Umbrella Rank: 434
1 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1696
mp.4dex.io — Cisco Umbrella Rank: 2423
26 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
15 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
124 KB
3 dxmcdn.com
cf.dxmcdn.com — Cisco Umbrella Rank: 57831
tr.dxmcdn.com — Cisco Umbrella Rank: 48161 Failed
125 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1192
syndication.twitter.com — Cisco Umbrella Rank: 1427
132 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1738
mab.chartbeat.com — Cisco Umbrella Rank: 2811
25 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1374
104 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1145
551 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1270
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 753
cdn.indexww.com — Cisco Umbrella Rank: 1795
2 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 847
938 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 952
1 KB
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 22832
497 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1011
id.crwdcntrl.net — Cisco Umbrella Rank: 2704
585 B
2 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 6982
689 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 915
3 KB
2 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 2993
1 KB
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 621
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 893
472 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1617
1 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1822
1 KB
2 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 2049
47 KB
2 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1445
401 B
2 adoric-om.com
12890047.adoric-om.com — Cisco Umbrella Rank: 229141
app.adoric-om.com — Cisco Umbrella Rank: 53462
54 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 153
20 KB
2 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 31165
cdn.firstimpression.io — Cisco Umbrella Rank: 29900
104 KB
2 smartlook.com
web-sdk.smartlook.com — Cisco Umbrella Rank: 24211
22 KB
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 752
196 B
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1420
1 KB
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1168
254 B
1 sascdn.com
creatives.sascdn.com — Cisco Umbrella Rank: 13557
388 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 12024
1 contentspread.net
cdn.contentspread.net — Cisco Umbrella Rank: 97068
71 KB
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4613
463 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3315
419 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3540
439 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 7788
1 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2517
199 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 8325
552 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2268
173 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 250
5 KB
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2536
555 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1000
793 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1504
283 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2092
553 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 602
664 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1274
35 B
1 sundaysky.com
vop.sundaysky.com — Cisco Umbrella Rank: 2759
365 B
1 gstatic.com
fonts.gstatic.com
csi.gstatic.com Failed
16 KB
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1821
318 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
2 KB
1 adoric.com
static.adoric.com — Cisco Umbrella Rank: 56775
16 KB
1 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 2100
1 KB
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5842
175 B
1 analysis.fi
ecdn.analysis.fi — Cisco Umbrella Rank: 35193
2 KB
1 valuad.cloud
cdn.valuad.cloud — Cisco Umbrella Rank: 111730
277 KB
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
0 audrte.com Failed
a.audrte.com Failed
0 erne.co Failed
green.erne.co Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 iprom.net Failed
core.iprom.net Failed
0 loopme.me Failed
csync.loopme.me Failed
0 everesttech.net Failed
sync-tm.everesttech.net Failed
0 zemanta.com Failed
b1sync.zemanta.com Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 omnitagjs.com Failed
hb-api.omnitagjs.com Failed
743 121
Domain Requested by
46 cm.g.doubleclick.net 15 redirects 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
googleads.g.doubleclick.net
u.openx.net
46 pagead2.googlesyndication.com cdn.unblockia.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
www.googletagservices.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
imasdk.googleapis.com
40 s0.2mdn.net news.walla.co.il
s0.2mdn.net
imasdk.googleapis.com
36 news.walla.co.il 1 redirects news.walla.co.il
29 imageproxy.eu.criteo.net ads.eu.criteo.com
26 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
news.walla.co.il
ad.doubleclick.net
22 images.taboola.com
19 static.criteo.net ads.eu.criteo.com
cdn.valuad.cloud
static.criteo.net
cdnjs.cloudflare.com
17 cdn.ex.co player.ex.co
cdn.ex.co
14 images.wcdn.co.il news.walla.co.il
13 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
13 www.google.com 2 redirects news.walla.co.il
tpc.googlesyndication.com
2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
13 securepubads.g.doubleclick.net news.walla.co.il
securepubads.g.doubleclick.net
www.googletagservices.com
2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
12 prg.smartadserver.com cdn.valuad.cloud
cdn.ex.co
12 csync.smilewanted.com 1 redirects cdn.valuad.cloud
csync.smilewanted.com
11 simage2.pubmatic.com ads.pubmatic.com
11 match.adsrvr.org am-match.taboola.com
imprammp.taboola.com
ads.stickyadstv.com
ssum-sec.casalemedia.com
ads.pubmatic.com
2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
u.openx.net
csync.smilewanted.com
cdn.ex.co
11 sync.1rx.io 11 redirects
11 cdn.taboola.com news.walla.co.il
cdn.taboola.com
12890047.adoric-om.com
10 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
9 il-trc-events.taboola.com cdn.taboola.com
9 ib.adnxs.com cdn.valuad.cloud
googleads.g.doubleclick.net
csync.smilewanted.com
acdn.adnxs.com
9 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
www.googleadservices.com
2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
pagead2.googlesyndication.com
news.walla.co.il
8 image2.pubmatic.com ads.pubmatic.com
8 sync.ex.co cdn.ex.co
ads.stickyadstv.com
ssum-sec.casalemedia.com
ads.pubmatic.com
7 match.prod.bidr.io 7 redirects
7 p.channelexco.com cdn.ex.co
7 ads.stickyadstv.com 6 redirects cdn.ex.co
7 x.bidswitch.net 7 redirects
7 www.googletagservices.com securepubads.g.doubleclick.net
2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
7 onetag-sys.com 2 redirects cdn.valuad.cloud
csync.smilewanted.com
2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
6 c1.adform.net 5 redirects ads.pubmatic.com
6 eus.rubiconproject.com am-match.taboola.com
cdn.ex.co
cdn.valuad.cloud
eus.rubiconproject.com
6 pr-bh.ybp.yahoo.com 2 redirects am-match.taboola.com
imprammp.taboola.com
ads.pubmatic.com
ssum-sec.casalemedia.com
6 d5p.de17a.com 6 redirects
6 ad.turn.com 6 redirects
6 ssc.33across.com cdn.valuad.cloud
6 prebid.smilewanted.com cdn.valuad.cloud
6 bs.yandex.ru cdn.valuad.cloud
6 gum.criteo.com cdn.taboola.com
static.criteo.net
gum.criteo.com
cdn.valuad.cloud
6 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 tags.dxmdp.com news.walla.co.il
tags.dxmdp.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 cms.quantserve.com 5 redirects
5 image6.pubmatic.com 1 redirects ads.pubmatic.com
5 event.dxmdp.com tags.dxmdp.com
12890047.adoric-om.com
5 www.google.at news.walla.co.il
5 www.googletagmanager.com news.walla.co.il
www.googletagmanager.com
4 imasdk.googleapis.com cdn.ex.co
imasdk.googleapis.com
4 hal900029.redintelligence.net 1 redirects 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
hal900029.redintelligence.net
4 googleads4.g.doubleclick.net news.walla.co.il
4 pm.w55c.net 4 redirects
4 us-u.openx.net 1 redirects googleads.g.doubleclick.net
u.openx.net
4 aax-eu.amazon-adsystem.com 2 redirects ads.pubmatic.com
u.openx.net
4 ssum-sec.casalemedia.com 1 redirects cdn.ex.co
ssum-sec.casalemedia.com
js-sec.indexww.com
4 sync.targeting.unrulymedia.com 4 redirects
4 ups.analytics.yahoo.com csync.smilewanted.com
imprammp.taboola.com
ads.pubmatic.com
googleads.g.doubleclick.net
4 sync.richaudience.com 4 redirects
4 ap.lijit.com cdn.valuad.cloud
csync.smilewanted.com
4 ads.pubmatic.com cdn.valuad.cloud
cdn.ex.co
ads.pubmatic.com
4 hb-dot-valuad.appspot.com cdn.valuad.cloud
12890047.adoric-om.com
3 pubads.g.doubleclick.net imasdk.googleapis.com
3 id5-sync.com cdn.ex.co
3 token.rubiconproject.com eus.rubiconproject.com
3 eb2.3lift.com 2 redirects cdn.valuad.cloud
3 gcm.ctnsnet.com 3 redirects
3 u.openx.net 2 redirects cdn.valuad.cloud
3 collector.ex.co player.ex.co
3 csm.eu.criteo.net ads.eu.criteo.com
3 dis.criteo.com 3 redirects
3 ssp-sync.criteo.com 3 redirects
3 us.ck-ie.com csync.smilewanted.com
3 player.ex.co news.walla.co.il
player.ex.co
12890047.adoric-om.com
3 www.facebook.com news.walla.co.il
3 connect.facebook.net news.walla.co.il
connect.facebook.net
3 www.google-analytics.com news.walla.co.il
www.google-analytics.com
www.googletagmanager.com
2 i.clean.gg cadmus.script.ac
2 ade.googlesyndication.com
2 targeting.unrulymedia.com cdn.ex.co
2 e.channelexco.com cdn.ex.co
2 lb.eu-1-id5-sync.com cdn.ex.co
2 rtb.fr3.eu.criteo.com 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
2 creativecdn.com 2 redirects
2 secure.adnxs.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 a.tribalfusion.com 1 redirects 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
2 simage4.pubmatic.com ads.pubmatic.com
2 sync.teads.tv googleads.g.doubleclick.net
2 pixel-sync.sitescout.com 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 sonata-notifications.taptapnetworks.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 1f2e7.v.fwmrm.net 2 redirects
2 cat.nl3.eu.criteo.com ads.eu.criteo.com
2 match.sharethrough.com csync.smilewanted.com
2 s.ad.smaato.net 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
2 dsp.adfarm1.adition.com 2 redirects
2 dclk-match.dotomi.com 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
2 r.turn.com 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
2 ads.eu.criteo.com 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
2 cm.adform.net 1 redirects csync.smilewanted.com
2 ads.betweendigital.com 2 redirects
2 static.smilewanted.com csync.smilewanted.com
2 cadmus.script.ac script.4dex.io
news.walla.co.il
2 script.4dex.io cdn.valuad.cloud
12890047.adoric-om.com
2 trc.taboola.com cdn.taboola.com
2 loader.unblockia.com 12890047.adoric-om.com
2 scontent.xx.fbcdn.net www.facebook.com
2 ad.doubleclick.net news.walla.co.il
pagead2.googlesyndication.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 pm-widget.taboola.com cdn.taboola.com
pm-widget.taboola.com
2 ping.chartbeat.net news.walla.co.il
2 www.googleadservices.com www.googletagmanager.com
2 cf.dxmcdn.com tags.dxmdp.com
2 web-sdk.smartlook.com news.walla.co.il
web-sdk.smartlook.com
2 platform.twitter.com news.walla.co.il
platform.twitter.com
2 static.chartbeat.com news.walla.co.il
1 a.channelexco.com
1 ads.yieldmo.com cdn.ex.co
1 prebid-server.rubiconproject.com cdn.ex.co
1 prebid.media.net cdn.ex.co
1 id.crwdcntrl.net cdn.ex.co
1 api.rlcdn.com cdn.ex.co
1 creatives.sascdn.com
1 optimized-by.rubiconproject.com cdn.ex.co
1 www9.smartadserver.com cdn.ex.co
1 s-06.channelexco.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 ad4m.at ssum-sec.casalemedia.com
1 cm.ctnsnet.com 1 redirects
1 cdn.contentspread.net hal900029.redintelligence.net
1 ads.playground.xyz 1 redirects
1 pixel.onaudience.com 1 redirects
1 mwzeom.zeotap.com ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 eu-u.openx.net u.openx.net
1 js-sec.indexww.com cdn.valuad.cloud
1 ssc-cms.33across.com cdn.valuad.cloud
1 acdn.adnxs.com cdn.valuad.cloud
1 match.360yield.com 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
1 ads.travelaudience.com 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 tr.blismedia.com 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
1 hal9000.redintelligence.net 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 p.rfihub.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 gpv.ex.co 12890047.adoric-om.com
1 vop.sundaysky.com
1 ssbsync-global.smartadserver.com cdn.ex.co
1 secure-assets.rubiconproject.com 1 redirects
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com client
1 prd-collector-anon.ex.co player.ex.co
1 am-vid-events.taboola.com
1 am-match.taboola.com vidstat.taboola.com
1 imprammp.taboola.com vidstat.taboola.com
1 ssbsync.smartadserver.com 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
1 pixel.advertising.com 1 redirects
1 vidstat.taboola.com cdn.taboola.com
1 a.teads.tv cdn.valuad.cloud
1 rtb.openx.net cdn.valuad.cloud
cdn.ex.co
1 bidder.criteo.com cdn.valuad.cloud
1 prebid-eu.creativecdn.com cdn.valuad.cloud
1 hbopenbid.pubmatic.com cdn.valuad.cloud
cdn.ex.co
1 htlb.casalemedia.com cdn.valuad.cloud
cdn.ex.co
1 mp.4dex.io cdn.valuad.cloud
1 cdn.jsdelivr.net cdn.valuad.cloud
1 trc-events.taboola.com cdn.taboola.com
1 t.unblockia.com cdn.unblockia.com
1 cdn.firstimpression.io ecdn.firstimpression.io
1 app.adoric-om.com 12890047.adoric-om.com
1 static.adoric.com 12890047.adoric-om.com
1 region1.google-analytics.com www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 widgets.outbrain.com news.walla.co.il
1 tr.dxmcdn.com cf.dxmcdn.com
1 syndication.twitter.com platform.twitter.com
1 pro.ip-api.com news.walla.co.il
1 mab.chartbeat.com static.chartbeat.com
1 12890047.adoric-om.com news.walla.co.il
1 cdn.unblockia.com news.walla.co.il
1 ecdn.firstimpression.io news.walla.co.il
1 ecdn.analysis.fi news.walla.co.il
1 cdn.valuad.cloud news.walla.co.il
0 csi.gstatic.com Failed imasdk.googleapis.com
0 sync.search.spotxchange.com Failed googleads.g.doubleclick.net
0 a.audrte.com Failed ads.pubmatic.com
0 green.erne.co Failed ads.pubmatic.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 core.iprom.net Failed ads.pubmatic.com
0 ipac.ctnsnet.com Failed ads.pubmatic.com
0 csync.loopme.me Failed ads.pubmatic.com
0 sync-tm.everesttech.net Failed ads.pubmatic.com
0 b1sync.zemanta.com Failed ads.pubmatic.com
0 cm-supply-web.gammaplatform.com Failed ssum-sec.casalemedia.com
ads.pubmatic.com
0 fastlane.rubiconproject.com Failed cdn.valuad.cloud
0 web.hb.ad.cpe.dotomi.com Failed cdn.valuad.cloud
0 hb-api.omnitagjs.com Failed cdn.valuad.cloud
0 tlx.3lift.com Failed cdn.valuad.cloud
743 214

This site contains links to these domains. Also see Links.

Domain
www.walla.co.il
weather.walla.co.il
mail.walla.co.il
sports.walla.co.il
e.walla.co.il
finance.walla.co.il
healthy.walla.co.il
food.walla.co.il
celebs.walla.co.il
travel.walla.co.il
tech.walla.co.il
b.walla.co.il
fashion.walla.co.il
cars.walla.co.il
www.sheee.co.il
home.walla.co.il
fun.walla.co.il
help.walla.co.il
nadlan.walla.co.il
mekomi.walla.co.il
marketing.walla.co.il
gaming.walla.co.il
mazaltov.walla.co.il
horoscope.walla.co.il
law.walla.co.il
judaism.walla.co.il
walla.co.il
tld.walla.co.il
calendar.walla.co.il
yoram.walla.co.il
vod.walla.co.il
viva.walla.co.il
www.jpost.com
dcx.walla.co.il
www.tiktok.com
www.instagram.com
twitter.com
www.facebook.com
beauty.walla.co.il
seniors.walla.co.il
doral.walla.co.il
stayinghealthy.walla.co.il
cannabis.walla.co.il
b144.walla.co.il
galil.walla.co.il
showbiztip.walla.co.il
yarokkl.walla.co.il
sanofi.walla.co.il
special.walla.co.il
mimsheletbennet.walla.co.il
play.google.com
itunes.apple.com
www.wallashops.co.il
career.walla.co.il
fantasy-sport1.walla.co.il
now.walla.co.il
zoom.walla.co.il
tv-guide.walla.co.il
holidays.walla.co.il
www.b144.co.il
perfectmatch.walla.co.il
mumlazim.walla.co.il
paisculture.walla.co.il
www.drushim.co.il
tmirecycle.walla.co.il
starkist.walla.co.il
dogsandcats.walla.co.il
madaney.walla.co.il
eilat.wallashops.co.il
www.wallatours.co.il
www.wallaprint.co.il
apps.walla.co.il
www.alm.co.il
www.callofwar.com
popup.taboola.com
trc.taboola.com
www.aquilea.com
click.gamingtrk.com
www.boersenwissen-aktuell.de
shefence-citional.com
software-dealz.de
bredings-person.com
tags.walla.co.il
www.oref.org.il
Subject Issuer Validity Valid
*.walla.co.il
Amazon RSA 2048 M01		 2023-03-27 -
2024-04-24		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
tags.dxmdp.com
Amazon RSA 2048 M02		 2023-01-22 -
2024-02-21		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
valuad.cloud
E1		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
images.wcdn.co.il
R3		 2023-08-30 -
2023-11-28		 3 months crt.sh
1688964705.rsc.cdn77.org
R3		 2023-10-05 -
2024-01-03		 3 months crt.sh
*.appspot.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
cf.dxmcdn.com
Amazon RSA 2048 M02		 2023-03-27 -
2024-04-24		 a year crt.sh
analysis.fi
Amazon RSA 2048 M01		 2023-10-04 -
2024-10-31		 a year crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2022-11-27 -
2023-12-05		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-24 -
2023-10-22		 3 months crt.sh
*.unblockia.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-03-22		 a year crt.sh
adoric-om.com
E1		 2023-08-30 -
2023-11-28		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-25 -
2023-12-26		 a year crt.sh
syndication.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-19 -
2024-09-17		 a year crt.sh
tr.dxmcdn.com
GTS CA 1D4		 2023-09-03 -
2023-12-02		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.google.at
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
adoric.com
GTS CA 1P5		 2023-09-14 -
2023-12-13		 3 months crt.sh
*.adoric.com
R3		 2023-10-03 -
2024-01-01		 3 months crt.sh
dxmdp.com
Amazon RSA 2048 M01		 2023-02-09 -
2024-02-16		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-18 -
2024-05-17		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-09-24 -
2024-03-24		 6 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2023-08-30 -
2023-11-28		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
teads.tv
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
cadmus.script.ac
E1		 2023-09-02 -
2023-12-01		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2		 2023-06-08 -
2024-07-09		 a year crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2022-11-12 -
2023-12-14		 a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2023-12-23		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-30 -
2023-12-25		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2023-11-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
cdn.ex.co
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
*.sundaysky.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-11 -
2024-07-11		 a year crt.sh
*.channelexco.com
R3		 2023-10-03 -
2024-01-01		 3 months crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2023-10-08 -
2024-11-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
redintelligence.net
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
truffle.bid
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-07 -
2023-12-30		 3 months crt.sh
contentspread.net
R3		 2023-08-24 -
2023-11-22		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-14 -
2024-07-17		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2023-09-17 -
2023-12-16		 3 months crt.sh

This page contains 109 frames:

Primary Page: https://news.walla.co.il/
Frame ID: D8BA31291EE648FEDED51E2F110CFC09
Requests: 278 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fnews.walla.co.il
Frame ID: 83BB54E21280EE3D6518238F02ABC269
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallanews&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Frame ID: 5A8F26988ECFD0C386EA018EFAA42A11
Requests: 16 HTTP requests in this frame

Frame: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6F18ADFC9325265F0445EF04990DB6E2
Requests: 1 HTTP requests in this frame

Frame: https://cf.dxmcdn.com/dta/dmp-common-iframe.html?dmpid=&monitoringConfig=%7B%22uuid%22%3A%22bc8a7a32-7d98-4226-8af9-d2a43a8621cc%22%2C%22enabled%22%3Afalse%2C%22verboseMode%22%3A%22ERRORS%22%2C%22sampling%22%3Anull%2C%22observedUserId%22%3Anull%2C%22includeDatabase%22%3Afalse%2C%22includeLocalStorage%22%3Afalse%2C%22includeLoggerState%22%3Afalse%7D
Frame ID: 2472036208494200E2A72082C2F24DE8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B7549A10F8B96631B27E951EAC0123D3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5BA7B673F331C738B554A642F99FDD91
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 02270669BADDA5BECA3846F8A38110FA
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 61A188921A16FE113022CB3375E5F2EE
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 78B740D461601F6A65705D143886747E
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58170/sync?gdpr=0&gdpr_consent=&_origin=1&redir=true
Frame ID: 850B582341F585D9E3D10F231D9DA27A
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-36048f1e-9a35-43b9-b5c6-5bc136d93a31-003
Frame ID: 4906C536772D8F7CD8133BB0B8A94E94
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/6093f3e9-54fc-5321-8fee-125beac2e378
Frame ID: 64B0E29382171F56D8E6FC4D05567ED0
Requests: 1 HTTP requests in this frame

Frame: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C1A0A6A114F88F71ED184BD777887504
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5kp3d4nBvU27jdL8qSwFRnH2_Ju2zd-cZV_LAyfKs24TotEdFw0Lf5PZw6junBu_FnHUYiJEin2FZUYw3AL0WGDpsW9c0QjsnOCrOUtSrw-ydHTEUsR0TwIhpZglicfy3P5rDzr90rzdc62R1ePXqpfK-SmiKLa5oMMEU8RP85XELWiITYnzagqHTKvT3h05Bh35X6VV1lGZGmwQ2lUavDRdl3DknOKwi8_hIk-8AAKuzNUou5MFZsmhU7nqU7CKKHREOu8FGfZMzSkfDNSIuN5fyzYgZQalOJjZQev4KXCLImogQ8N_cCyNeeLXQECpkjH__JPVNIWdpgkWmXSFX3_H42wN9V5jK8UkTOILrPXXuxwcTHd9olvf_SokhRcURsog&sai=AMfl-YSOKtY-tqv0cKhpwgmaCVZAuxIgmAw5N-8Lmcg4D7DNReN1e4QMqXPXnSB-bwWDaRwq4stIg2hmM52KwhYqs9ihn8iJWtEi5tATZdJmo4cE3rw1pN8ZNNWX2mmmWg&sig=Cg0ArKJSzM9cjkzFtpclEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: DBB828C8F33386AA45DBF30164D7FED8
Requests: 7 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 637D62B7810FD377BCA5B9EA8C681E50
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Frame ID: 255F1CFE637C8D49FA00547A6CB07A17
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Frame ID: A1B9E739CD8379AEB86CBDF12128B796
Requests: 33 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1E9B42D8BDFD1245203FCDC3DD3CDD64
Requests: 9 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/criteo/k-zOJaymkC9oQRbk9_t6xMy47ZdKGvFG4mv_h2OA
Frame ID: 5B692028E7DB41A2E23A1172F34F05AB
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/285ca19b64d6815af85768658dd7eb3?gdpr_consent=&gdpr=0
Frame ID: 7A11A30BBD16893B463729C13C19ABDC
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 1543001D79A5E0A76490ACBBC9A5512C
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V89OECLAYkoIkXvJOZDBBIQBMveCczGSgAAABgYID-AMn4BqvBbDdbq0wu21o0WQ7WEs9ot1YsTJOVzeYxLFaLISAZ32A1mO1ma5XJZVuLJsvBWuIZ7daKhWmystk8hsVqMQUXxnKZDGqBim4yuzyfg4Zhevn8lucbZKDpdPhc93q5y_e56x5ms8Ou8duVZr8cAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XANDAwcCeLrvd4Q8AAAAAIAAAAABIACCI_5YAiMGdPPH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DGkrDs9m34EdJ1JQWYQRAAAAAOGRvLgjk3SCikWV____fisAVwAAAhZvGsdJsugOSryFAQAAABAjBF9CNHLHgz5mgR4Wv9_ssGv8bpf5_________zfzf-YfjRDQtUKaIMH6YTW_gAAAa34BAQDYiBsAgDcBcEJOBppOh891r5e7fJ-77mE2O-wav11p9otOQqwWk8lgMlmsjkLshrPFbrZYTGYHAAAA4M7___8_HiH4EqKROx50PSC5nGx8q91yMViZbB7XzONajDwem3Gz8i0sC9dye7bTzVUZLqhF-mQU3WR2eT4HDcP08vktz4P4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsRgO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgsmJZ-HYzGZr2XI0WYsmk-VauJmM3KqVcbKcGUbL3XKyFr0-po9ltpstZ14kGMCxF8nTIp0oJivLZOHZrBaL0cKznC0Gm5VtNpt5LC7jajdzTMQSzckincgu--ZysvGtdsvFYGWyeVwzj2sx8nhsxs3Kt7AsXMt9c-JZODaz2Vq2HE3WoslkuRZuJiO3amWcLGeG0XK3nKxFr4_pY5ntZsuZvzFb7kaj0WKy2zdmy91oNFpMdvsOk-mZ-pyNrlvG8dFJLdJveX1zGhQug8U7Ua-Gt6Pk4JdWjU6f16Ms6Ix-v9_v9_v9fr_fb9B6DmaDwvd7ObTGW1A9OnvHjYNBEUsEF-lE9zCbHU6zW_cwmx0WsURpukgneolYIjhdpBONw_Ty-S3Pi_qPHGI5mmtWc8VkMVcsNqsEAAAAAAAAAGAJppluAgAAAOBkUMPJZrNap4OZrIarxWq5AC5gJnX93AJH6M6wZOwKC1Sq2Aathy_W2GMN9zCbHU6zW_cwmx1WBnDh8s1ss88IYq1WyxoAAIAANgAAgABuuvEWkBP3____Pw4AAICMHHoAAAD0-4CklMKPXCn2-BXEZrTc7R-ACrFWq9XtxlqtVkCC2A02E_j___8P!&cmcv=&pix=undefined&cb=1697444128482&uv=144919427&tms=1697444128482&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vB!strtimdtprd3_vD!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=c7050676-ede6-4290-b347-1a42effc0151&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 15C4EC0544F949073915A2DAAF6EFD6D
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V89OECLAYkoIkXvJOZDBBIQBMveCczGSgAAABgYID-AMn4BqvBbDdbq0wu21o0WQ7WEs9ot1YsTJOVzeYxLFaLISAZ32A1mO1ma5XJZVuLJsvBWuIZ7daKhWmystk8hsVqMQUXxnKZDGqBim4yuzyfg4Zhevn8lucbZKDpdPhc93q5y_e56x5ms8Ou8duVZr8cAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XANDAwcCeLrvd4Q8AAAAAIAAAAABIACCI_5YAiMGdPPH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DGkrDs9m34EdJ1JQWYQRAAAAAOGRvLgjk3SCikWV____fisAVwAAAhZvGsdJsugOSryFAQAAABAjBF9CNHLHgz5mgR4Wv9_ssGv8bpf5_________zfzf-YfjRDQtUKaIMH6YTW_gAAAa34BAQDYiBsAgDcBcEJOBppOh891r5e7fJ-77mE2O-wav11p9otOQqwWk8lgMlmsjkLshrPFbrZYTGYHAAAA4M7___8_HiH4EqKROx50PSC5nGx8q91yMViZbB7XzONajDwem3Gz8i0sC9dye7bTzVUZLqhF-mQU3WR2eT4HDcP08vktz4P4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsRgO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgsmJZ-HYzGZr2XI0WYsmk-VauJmM3KqVcbKcGUbL3XKyFr0-po9ltpstZ14kGMCxF8nTIp0oJivLZOHZrBaL0cKznC0Gm5VtNpt5LC7jajdzTMQSzckincgu--ZysvGtdsvFYGWyeVwzj2sx8nhsxs3Kt7AsXMt9c-JZODaz2Vq2HE3WoslkuRZuJiO3amWcLGeG0XK3nKxFr4_pY5ntZsuZvzFb7kaj0WKy2zdmy91oNFpMdvsOk-mZ-pyNrlvG8dFJLdJveX1zGhQug8U7Ua-Gt6Pk4JdWjU6f16Ms6Ix-v9_v9_v9fr_fb9B6DmaDwvd7ObTGW1A9OnvHjYNBEUsEF-lE9zCbHU6zW_cwmx0WsURpukgneolYIjhdpBONw_Ty-S3Pi_qPHGI5mmtWc8VkMVcsNqsEAAAAAAAAAGAJppluAgAAAOBkUMPJZrNap4OZrIarxWq5AC5gJnX93AJH6M6wZOwKC1Sq2Aathy_W2GMN9zCbHU6zW_cwmx1WBnDh8s1ss88IYq1WyxoAAIAANgAAgABuuvEWkBP3____Pw4AAICMHHoAAAD0-4CklMKPXCn2-BXEZrTc7R-ACrFWq9XtxlqtVkCC2A02E_j___8P!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: B007EF9176BF1BA790821A33BB4A7A5C
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 729821C4E7F79E18593337A0F5C076D0
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ex.co/sync/0.0.1-1082b4e/cookie_sync.html?network=368531133%2C352108339&gdpr=0&gdpr_consent=
Frame ID: 713C6EB13538A2190CB09A2F0948148B
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Frame ID: F947253A144E7DC11846CA6795E99B1B
Requests: 19 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Frame ID: 0E09E7A07D378778CA64582FDBD9A392
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17136_2&endpoint=us-east
Frame ID: 04A5095E9755FFDD565C708BE6AA7209
Requests: 3 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/pbs-user-sync?id=3684&gdpr=&gdpr_consent=&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dfreewheel%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7Bviewerid%7D
Frame ID: E1B823D0577424FC5393904901411A14
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync-global.smartadserver.com/api/sync?callerId=35&redirectUri=sync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5Bssb_sync_pid%5D
Frame ID: CB6AA5E4FE1AD247938E293F9226BCC5
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.walla.co.il
Frame ID: DEB01FE6A1EF8FB1FC1CA08E7CE3A5E2
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 809C1C30FD93EC387D786B344F3E9A9F
Requests: 1 HTTP requests in this frame

Frame: https://sync.ex.co/v1/setuid?bidder=freewheel&gdpr=0&gdpr_consent=&uid=285ca19b64d6815af85768658dd7eb3
Frame ID: 5F22534B753AFCE58B12A3C0478AC799
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 32CD74DA9FBF1E8070FA15ED8C05F27D
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C7E7BC18-34D3-4297-BB25-D52CD968471E&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: A8EB694235AF77B84B30931D4B83E905
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=29dHyYvTR5nA1UTM29NYntWAFMjAgBbJjtdf_H6K
Frame ID: 9C4F734F10B6D7F1D4353454069E1001
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7291242071810221903&gdpr=0&gdpr_consent=
Frame ID: ED80CAEA29C6B7BA462BF8B6768E72B9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7290467016559032476&gdpr=0&gdpr_consent=
Frame ID: 1DCA9FE14797D0E93C686009C7B91AA6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f70dbbc5-2770-44f5-ae4e-b70c0dd21654&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: F58218632126E9F343AB3F9C8308D0AB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=BP0vYBiRWqRVKb_xI9rcS8IjeXE&gdpr=0&gdpr_consent=
Frame ID: 4D6237C7D5AD82AC1545108E30DFBEB7
Requests: 1 HTTP requests in this frame

Frame: https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Frame ID: 915C14B3453C720E926C556C6FD65D1D
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 59ED031724767208010613C3E628FCBF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACTOk7KWeIAABiS_wrVow&gdpr=0&gdpr_consent=
Frame ID: DBCB168EBDE0394B90C41D5F3E172293
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: B33B0E50D1CBD45F8D49EB4571579318
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUf9016e17f9ee404aba58648459cd4843
Frame ID: 11E7DE8F96F418938A6DDCFEBCFAD66B
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 531FCF244761DB3FED05DDDC82A1972D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=340348770347379010
Frame ID: DB9B242B71B2EFD55391FA81FD5B267B
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 152A982853F4FF7F41DAE9289C0902FE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455421644902826
Frame ID: EEE201091431236DDF0E944D9A39F719
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: CEBF4C080B85BAE24AC0FA59602A1F18
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: E06DEFE72F48D56F3D8617A138459375
Requests: 1 HTTP requests in this frame

Frame: https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
Frame ID: 42606B001420316BBF70A4594141ECBB
Requests: 1 HTTP requests in this frame

Frame: https://sync.ex.co/v1/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&uid=C7E7BC18-34D3-4297-BB25-D52CD968471E
Frame ID: 7E5D1B1105D2940CEDD21B611D1F18CE
Requests: 1 HTTP requests in this frame

Frame: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6740D19719A65F3126EE967A3097CFEA
Requests: 21 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Frame ID: C6A0B8B4CC0A1714E73A0F27AF82A0E7
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHY2IPoRvIm-1IlD3Md77X47PXBMpClRK6hZk6weBCg8qnoVpIy8s41C57trmocaNMEXPsrQeaQKkTOjFuE5lBxgidkpaPwXgFi7i8SqQQ27sCjr8QbM5Cb42M1b6aMcH_YymoHbnzUWsYx40LUX-Din86X_MEhpZT0XJUFil5nhnqiiAJ6GQl0M4vhhukUvlxCnWcwWed_fWoNYP14_KZ022S591JDH8BDJdMrsEwshHV0i0x7zsr8IsD0bb9kT8-lmoXgGHhFqtGuTO47MgZidH1sxbdFzzp_J6M2eQyvB9xEoiRcWIkfdgDLxB1aSFGzrBSe3ZNP2Xi_KT39NDLhvCeuZZJp8Qzk4q3-qaQreVQvgyK0T2n8zBZ50VR-kHKM415TQoBKO2fyilYtmZcy5jX1gUfIA&sai=AMfl-YT8mSC2Q47OlsnZOpdLr63EWb_FWJSF_VRH9e9XILulBCdFXgTXZ60VwtifmjY8Kj-AqUU4mXaPdw33yjD2I5HLQBN0kRsNVT7WUX0BuM6tphNm1y9FYn0YTWXIWA&sig=Cg0ArKJSzLpd0THHlry-EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: E9F9ED59768DC7CBF409B4C5A7C1FA36
Requests: 8 HTTP requests in this frame

Frame: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5902A7C79AC010F046F6B170DB59D14E
Requests: 20 HTTP requests in this frame

Frame: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5700664F369F360509EF232360B9316A
Requests: 16 HTTP requests in this frame

Frame: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AB87EAA31FCCE9995BA51E0407CD2987
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaJpaQDEMX5kqYDGOOWwfcBMAE&v=APEucNVmx7JdTuzPyeShQifZNPTwGHi4F0EHmf-6q5FcdIzNVS5k1wduL2zaKBR0H_WYw_9-iHTkIDDSI-uiXyPINSMz4FCejQS_fLrBGRUzXPSseqEqo9LbaYZcfN5p4iOeRTqUOOx7nKKtkyIsghykP-KP529EsCeEOLJBnj8GtKvkmn5rMlQ
Frame ID: 2C6F0B80587B7644354B2D24C7FA0573
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaJpaQDEMX5kqYDGMqUwfcBMAE&v=APEucNUN1kOK-xlwWnSFLzhw8LT7UKnJf3kvES9M6KGNVDqVYghXHtwHX2JFqmAJobEs2bOwHQPTOq6GEoyYuLC-1s3-RMnFlBMYe1rqoCd-ga2OHKbjbcuif7Gw8fyIOp5TUvNbT6IvSOnAgGEImI4Ep38KTA3bSKnVItQNW8Pa6ZTnbvehsWs
Frame ID: A12A3DB07AA012AF3D62D84132B23B56
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjGi4nGATAB&v=APEucNUq2qFtTbMxnv_kgURfI6UxE3iVzulIRj5STRQWLoQ03xXj0i2z5VbYKgiragb2TBuGQ9vI2DQ_9YAYn0_1UTfehBK18itBXzajhierfxta__LAU7fCpc473En2v-TLVOVYLYhH1zEP2--WMEf9AtSTOvk-3YRUO8y0zKIT7BjF8uv5xQE
Frame ID: 2A2FA576D073A9D0249B56A30902B6AB
Requests: 4 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxIgAMmMsK4GYMAAhx_qEyyV4XpV-6l_rW2Q&u=%7CLOULbUg41HmaE1pFwrwNyno42fOH6H0Zpt3tKjKZwkE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY0fIRr9msFjvo_-2Tw-Dun4HTO37IN0jPNXsnZjwHwNNjMPNg4aUv7G3-ECkhRNfh9OAB3ADbDILrxIcb_-D694Tr7lpRy6uvycsh3C753-U71JYSqr_7Qr9L41A6Z3SQl9lETeeW85fUj2ll7HyJS6Ef_Ue7p4f4ry1bJOFUCKqHzS2vk3hGnmMjS1ug6ITKAp2pY7RkAIi-Nr-9J-oal29uC6YdPBf7WQUajjQcaJQgdZSQ62D_dSPPy1fX7P_INishl8ljWSx21lEZqOl9grTVnCSOGXk-ONPCsTzdkOLk65Xm13Y7LJqSxlnLh3ZddbDJmT1qpRYuu7gzK9Q9pzsqzVIMgyY3MpS9hgQNgxFq-NLTwxXvG8dLbdCvTCpg6u5RprfY2nEf2mkYDXzRZdiEwMELe1ZhE-nNZRn3f_NQkcq91bhy-iPnJ5-88cGTJv9rtz7PrHiezZ1btP_WnRYeeMIQ6VRPMoM9AEDMYCUYe9uSIKtkqU-B0fhCE127Zw1v2KOOEfnoi_2moLXcOxPKk-_7WUxVkjDDy3ryjP-rx9FqJ9ZOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7zHPIvEsZcuxMozMgQf-46FoyZ7SsVyl_JP3cMCNtwEQASAAYKmwvoDMAYIBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLe9ToZ5KGxPuACAKgDAcgDAqoEtAJP0EOnuRWcbInPPOoR5Q7oC1axkhRg2NJgDdTbpRjg4gb8OAWErLHUZQ_TBT-zGE9yVYYQqzO5z0TfRuCeTZBR7X6r_FzezrN23HMBRnzyywyr_F1Zh2gXaG0WhIsLxRrwBk05M5hFiCOfj9WuipB9TkCiTozqDosjUYOUfRNv47Zy7Jv9DlvFBXCQIilKOv7J2PNIBhWlQlXyFfB27NZnNrTbyb4V5kUJ-Ehxf4II2FunXEKdeIh6vi-GoioNpoUCAjklhwXuAtGR8lQcIJV0M3OUD-PnawmYW8moYIC1-HHOlquH05l4beesa6kW5_KpYNX0p2bB_rEkutZA_vuE7cWpRUiHXUFQW2cREtFHEiYunC9crFhTvOLijP54sGqPHlJmhf3Tvv94D09VD_T7yAmtW-AEAYAGmpn2_6PUiZlUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3agWRXgAKUvlPVvBlpAymsIIF7-Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Frame ID: BB683BB07517243A820A15485E45F367
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E4129B5672367D9BF1BA2C333AE04BB4
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F2D55DD2C5BE41273328FD0D4860381E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 513F1A5FF3CB1A04CF390BB3025270C3
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C5A1C55F3C412CC77CD3AE5D49DA5516
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 11EA9BB3515D30A4D624040305E5D643
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
Frame ID: 574451333989DC77287898CD3C01B723
Requests: 24 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/hartlauer_b_300x250.html?ev=01_250
Frame ID: F7D25530276F4DC040E9B29A6DBB195A
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9C0CE27EE99CF17015C198744A4299FA
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 173395BAC1BEC90C617A4E8DE9A17B30
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 0F325167E90EAB485B08F1A7FAC0416F
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cR0USG9OKr6ykwaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Frame ID: 755E3F8A7DBEDAAB3E7527F411E0A757
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Frame ID: 18B4839B7173E347AC165CBDA48FC6EB
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5FB43F5CF62CBD31F169C67964E5F46B
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Frame ID: 4A8102833CCFA3C7A94C65E03AC187BF
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: B8BEFDC35A4120439EF1B7FE8AB4D4BE
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1697444129117
Frame ID: EC53023A88D35E5F05CA1EA36C9C4934
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 6BA41362DDAED7C2D2DA44BBF097FC4D
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=C7E7BC18-34D3-4297-BB25-D52CD968471E&gdpr=0&gdpr_consent=
Frame ID: 75A2139BE792E25FEE8767D2F0730230
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 6151B82E7975F5B1B982BCF0B1790896
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 1A3D2FFE27267EA1632C1134E74B9BDD
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 3A6A5390789A7F71F904D1486B4E9405
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:9BD76A46B7904DDBA4E5E1ABB6B9886F&gdpr=0&gdpr_consent=
Frame ID: 6E84E282C95E6E0BD2BF0D3C30815E28
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b43a93e9-1172-4312-bfb6-200c0f053944-003
Frame ID: FD2C634BACC861F6DEEEA132A9DB014B
Requests: 1 HTTP requests in this frame

Frame: https://sync.ex.co/v1/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&uid=C7E7BC18-34D3-4297-BB25-D52CD968471E
Frame ID: E22923F82EF8E72D72D7F9972BA0D37E
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 7977C1DEBED4A24B6B3E46BB6FEFBDAE
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 9DBEDDF73FE05006EBF2AA512E120464
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 68D31F98444D1F1E054F2892ACCD8A3C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/richaudience/d53051fb-850a-4eeb-bf70-1zz1697444118
Frame ID: C32C05AB6A14FF2F1084B761EC98B5C3
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4331228036
Frame ID: 3B4A9BA9FA72499B6D0E0C83AB76D853
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 58253A85D134D0DAFCEE7131E9F75AC0
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/5445555529033447467
Frame ID: EB89ADB06447CC95EEB0A7A627C440C9
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: ADF20FE1BF64A1AD7128A971F3890913
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: F9F9034FE84E17F4ADA87299D5757AD3
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/gLJK0P9m0azHUlc3elHd?pi=smilewanted&tc=1
Frame ID: D3005011B10B49D2C7FC7E6900FCADA4
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=55d91c28205fdea1159c1a46316eed1f
Frame ID: 1F737C6ECAB6BADF22B3AD28B4A37AB0
Requests: 1 HTTP requests in this frame

Frame: https://hal900029.redintelligence.net/request_content.php?s=76803500040185604439986012479029&a=6b8c143d
Frame ID: 29E67FF514646563207CCE5488590A38
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9E88968961230CE52B75BEC96A65D2F6
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 5827E8CF88AEDE4DECFDB696748574B3
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ex.co/prebid/production/release/1.7.0/latest/expb.js
Frame ID: 43D7762946A3A2B9180F8CA622EAAA0E
Requests: 15 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Frame ID: DDD72AA53A60574A45EB46FD1D85520B
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Frame ID: 2506F867553572A868C5180ABB54035B
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D87FFA66B11571C3D608959B9FC4A8FA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 91DC3C9952D4339620B682AB53061105
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Frame ID: 24EED00A50AFCFBA41E49A8A9D98D972
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: DDAD23F2D64A6774FC79194A079B5178
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

חדשות מהארץ ומהעולם: כתבות ודיווחים שוטפים 24/7 - וואלה! חדשות

Page URL History Show full URLs

  1. http://news.walla.co.il/ HTTP 301
    https://news.walla.co.il/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

743
Requests

86 %
HTTPS

0 %
IPv6

121
Domains

214
Subdomains

139
IPs

12
Countries

11085 kB
Transfer

27805 kB
Size

134
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://news.walla.co.il/ HTTP 301
    https://news.walla.co.il/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 97
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/777956447/?random=866736353&cv=11&fst=1697444125721&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95&value=0&auid=1760432379.1697444126&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=HfEsZdjrLZiM7_UP2_aLkAw&sscte=1&crd=&eitems=ChEI8L6zqQYQ5cOL2cCIzf3NARIdAHvXkMEvn6V3KN4PMsped_8vLEJxR7R-9a5aUfE&pscrd=Ek9DaEVJOEw2enFRWVEwNV8tazdHeC04VFVBUkltQUtyMEw5dWI2eEE0T0U1ZkNxMFd5M0N6bHFURDlFYmVhaDdXcnBhNFk5cFg0amFkMGtnGlpDaEVJOEw2enFRWVFfYjI2d1kyR244X2tBUkl1QUJhX0dsLU16Q3BRQXdBVXRza0w4R0RvSmdwTnNtdzdpTHgySC1ULTcwYjlKZGFlakZOZ0llTUxobTh4b3ciEwiY7pCRkPqBAxUYxrsIHVv7AsI HTTP 302
  • https://www.google.com/pagead/1p-conversion/777956447/?random=866736353&cv=11&fst=1697444125721&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95&value=0&auid=1760432379.1697444126&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOEw2enFRWVEwNV8tazdHeC04VFVBUkltQUtyMEw5dWI2eEE0T0U1ZkNxMFd5M0N6bHFURDlFYmVhaDdXcnBhNFk5cFg0amFkMGtnGlpDaEVJOEw2enFRWVFfYjI2d1kyR244X2tBUkl1QUJhX0dsLU16Q3BRQXdBVXRza0w4R0RvSmdwTnNtdzdpTHgySC1ULTcwYjlKZGFlakZOZ0llTUxobTh4b3ciEwiY7pCRkPqBAxUYxrsIHVv7AsI&is_vtc=1&ocp_id=HfEsZdjrLZiM7_UP2_aLkAw&cid=CAQSKQDICaaNxt2Grt6SA7J5PFrFScb1i2jF54N7dGRLLGD12hs2KKHf5HIX&eitems=ChEI8L6zqQYQ5cOL2cCIzf3NARIdAHvXkMGfY7d2S3G2todDR6e-guwce8ztcFJ4Vtk&random=2769877000 HTTP 302
  • https://www.google.at/pagead/1p-conversion/777956447/?random=866736353&cv=11&fst=1697444125721&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95&value=0&auid=1760432379.1697444126&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOEw2enFRWVEwNV8tazdHeC04VFVBUkltQUtyMEw5dWI2eEE0T0U1ZkNxMFd5M0N6bHFURDlFYmVhaDdXcnBhNFk5cFg0amFkMGtnGlpDaEVJOEw2enFRWVFfYjI2d1kyR244X2tBUkl1QUJhX0dsLU16Q3BRQXdBVXRza0w4R0RvSmdwTnNtdzdpTHgySC1ULTcwYjlKZGFlakZOZ0llTUxobTh4b3ciEwiY7pCRkPqBAxUYxrsIHVv7AsI&is_vtc=1&ocp_id=HfEsZdjrLZiM7_UP2_aLkAw&cid=CAQSKQDICaaNxt2Grt6SA7J5PFrFScb1i2jF54N7dGRLLGD12hs2KKHf5HIX&eitems=ChEI8L6zqQYQ5cOL2cCIzf3NARIdAHvXkMGfY7d2S3G2todDR6e-guwce8ztcFJ4Vtk&random=2769877000&ipr=y
Request Chain 219
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fnews.walla.co.il%2F HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fnews.walla.co.il%2F&rd=1 HTTP 303
  • https://pixel.advertising.com/ups/58170/sync?gdpr=0&gdpr_consent=&_origin=1&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58170/sync?gdpr=0&gdpr_consent=&_origin=1&redir=true
Request Chain 227
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1697444134235 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5158842444 HTTP 302
  • https://sync.1rx.io/usersync/turn/2793941312454047967?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-36048f1e-9a35-43b9-b5c6-5bc136d93a31-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-36048f1e-9a35-43b9-b5c6-5bc136d93a31-003 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-36048f1e-9a35-43b9-b5c6-5bc136d93a31-003
Request Chain 235
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=-8432154746699774259 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/6093f3e9-54fc-5321-8fee-125beac2e378
Request Chain 263
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230 HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=73&p=230&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fgdprapplies%3d0%26gdpr%3d%26redir%3dhttps%253A%252F%252Fcsync.smilewanted.com%252Fset_partner_userid_get%252Fcriteo%252F%2524%257BCRITEO_USER_ID%257D%26profile%3d230%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=&gpp= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24{CRITEO_USER_ID}&profile=230&uid=018ac023-6a8a-41bd-8c00-8ee9c32fb839&dised=true&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=fbkNSF9kNnNWJTJCN1F5MFZuRVdVQiUyQkRtbEZBaiUyQkRmc0JJRUJjeTFYd0tTbzFRUlU3TGZGJTJCMmFOUVdLY0xlUUt6ZGlwWG8lMkJOZGdzRkU4UDVvelclMkZ5RjVWc04yVVhveUVPbnEwZ0dmaXhsVjhZWWVqTmluUWk1NXMxdDViSWZzTzg5NlVCQzNXSGxiSk5CYmdxVlc4VE40NHNaTXBRSyUyRkEwQ3NVYVc1eDhReGRVeTVKRDFQNVN0anY3QkU0Z1JMbmdTZzZLcw&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-WqRBuWkC9oQRbk9_t6xMy47ZdKE7pe3uVzFomQ HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=fbkNSF9kNnNWJTJCN1F5MFZuRVdVQiUyQkRtbEZBaiUyQkRmc0JJRUJjeTFYd0tTbzFRUlU3TGZGJTJCMmFOUVdLY0xlUUt6ZGlwWG8lMkJOZGdzRkU4UDVvelclMkZ5RjVWc04yVVhveUVPbnEwZ0dmaXhsVjhZWWVqTmluUWk1NXMxdDViSWZzTzg5NlVCQzNXSGxiSk5CYmdxVlc4VE40NHNaTXBRSyUyRkEwQ3NVYVc1eDhReGRVeTVKRDFQNVN0anY3QkU0Z1JMbmdTZzZLcw&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-WqRBuWkC9oQRbk9_t6xMy47ZdKE7pe3uVzFomQ HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=fbkNSF9kNnNWJTJCN1F5MFZuRVdVQiUyQkRtbEZBaiUyQkRmc0JJRUJjeTFYd0tTbzFRUlU3TGZGJTJCMmFOUVdLY0xlUUt6ZGlwWG8lMkJOZGdzRkU4UDVvelclMkZ5RjVWc04yVVhveUVPbnEwZ0dmaXhsVjhZWWVqTmluUWk1NXMxdDViSWZzTzg5NlVCQzNXSGxiSk5CYmdxVlc4VE40NHNaTXBRSyUyRkEwQ3NVYVc1eDhReGRVeTVKRDFQNVN0anY3QkU0Z1JMbmdTZzZLcw&u=f70dbbc5-2770-44f5-ae4e-b70c0dd21654 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/criteo/k-zOJaymkC9oQRbk9_t6xMy47ZdKGvFG4mv_h2OA
Request Chain 264
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/285ca19b64d6815af85768658dd7eb3?gdpr_consent=&gdpr=0
Request Chain 266
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHEJuTsA1fqyMsJytrBW3E0&google_cver=1&google_push=AXcoOmTlRL9U8Xb9AQtvdh5lFhHQgf_mMrCUd7x1q3a8sYnsahrUeK6HwivEjNBBnoV3Z6tdJH4lTZtbQEuXaVxIB7oXErSE-qqFAg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODMyNzE3NzUwNDE0Mzc1MTM5MQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHEJuTsA1fqyMsJytrBW3E0&google_cver=1
Request Chain 268
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPSfaBOYgjAX7DmXhCg5A98&google_cver=1&google_push=AXcoOmTyC9X9bwm6WHc0t24L9a4UQKrUD2u104FahDkX1wcKtABHZ-juaPsQAaTVofFvCwaQxs_-6X4ULDXp6UE0thQtSyqxb8er HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MDQ2NzAxNjU1OTAzMjQ3Ng%3D%3D&google_push=AXcoOmTyC9X9bwm6WHc0t24L9a4UQKrUD2u104FahDkX1wcKtABHZ-juaPsQAaTVofFvCwaQxs_-6X4ULDXp6UE0thQtSyqxb8er
Request Chain 269
  • https://d5p.de17a.com/cookies/google?google_gid=CAESELT16Fn1V_4A5YrtD8SqTW0&google_cver=1&google_push=AXcoOmT7neJvoCSwGf2cScHkGvzi-JV-m3LSMaKMQHiZz6efB_oyrNsheFDCZyqg7Mn2trQ0ui9Yayf7_Vzo0Xgi1nRjM2eMevnUKg HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESELT16Fn1V_4A5YrtD8SqTW0&google_cver=1&google_push=AXcoOmT7neJvoCSwGf2cScHkGvzi-JV-m3LSMaKMQHiZz6efB_oyrNsheFDCZyqg7Mn2trQ0ui9Yayf7_Vzo0Xgi1nRjM2eMevnUKg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmT7neJvoCSwGf2cScHkGvzi-JV-m3LSMaKMQHiZz6efB_oyrNsheFDCZyqg7Mn2trQ0ui9Yayf7_Vzo0Xgi1nRjM2eMevnUKg
Request Chain 272
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHJO3Uy5Ho_eNmj1I7d64dk&google_cver=1&google_push=AXcoOmTdm9j67dL77lUu45t-7L5Xl9up8ohoxDyQYnAJvm1YPM-PLXLVH-reav5BmUIs7w1zhniBKQTWAqNKKFxkCYC3qprKg4neLmg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTdm9j67dL77lUu45t-7L5Xl9up8ohoxDyQYnAJvm1YPM-PLXLVH-reav5BmUIs7w1zhniBKQTWAqNKKFxkCYC3qprKg4neLmg HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 346
  • https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Request Chain 347
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136_2&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17136_2&endpoint=us-east
Request Chain 350
  • https://u.openx.net/w/1.0/cm?id=f0686912-7fb3-48f6-be19-4d168ad880c0&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=f0686912-7fb3-48f6-be19-4d168ad880c0&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://sync.ex.co/v1/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=5ee890ad-3ab4-413b-b370-c5434ef61a2a
Request Chain 352
  • https://sync.1rx.io/usersync2/rmpssp?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?zcc=1&redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D&cb=1697444134621 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5182682071 HTTP 302
  • https://sync.1rx.io/usersync/turn/2793941312454047967?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e7af0f70-be78-468d-be4e-2a6b286f6e17-003?redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3DRX-e7af0f70-be78-468d-be4e-2a6b286f6e17-003 HTTP 302
  • https://sync.ex.co/v1/setuid?bidder=unruly&gdpr=0&gdpr_consent=&uid=RX-e7af0f70-be78-468d-be4e-2a6b286f6e17-003
Request Chain 353
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dappnexus%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.ex.co%252Fv1%252Fsetuid%253Fbidder%253Dappnexus%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID HTTP 302
  • https://sync.ex.co/v1/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=7291242071810221903
Request Chain 361
  • https://ads.stickyadstv.com/auto-user-sync?pbs=true HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=285ca19b64d6815af85768658dd7eb3&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv285a_7291037504216595703&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 364
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZSzxIjI5J1C5GBqQA8vXMQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAO_orRKw4VIoXuniuwhZNE&google_cver=1
Request Chain 365
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZSzxIjI5J1C5GBqQA8vXMQAACHoAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGqnZNpYRK-HRs8lOoJQrY4&google_cver=1
Request Chain 366
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSzxIjI5J1C5GBqQA8vXMQAACHoAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSzxIjI5J1C5GBqQA8vXMQAACHoAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 368
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=BP0vYBiRWqRVKb_xI9rcS8IjeXE
Request Chain 370
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=f70dbbc5-2770-44f5-ae4e-b70c0dd21654&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_81d41e87-4b8e-49ff-aa5a-ab68be5b8d82&bsw_param=f70dbbc5-2770-44f5-ae4e-b70c0dd21654&expires=10&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f70dbbc5-2770-44f5-ae4e-b70c0dd21654&gdpr=&gdpr_consent=&us_privacy=
Request Chain 373
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 374
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C7E7BC18-34D3-4297-BB25-D52CD968471E&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C7E7BC18-34D3-4297-BB25-D52CD968471E&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 375
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=29dHyYvTR5nA1UTM29NYntWAFMjAgBbJjtdf_H6K
Request Chain 376
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7291242071810221903&gdpr=0&gdpr_consent=
Request Chain 377
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7290467016559032476&gdpr=0&gdpr_consent=
Request Chain 378
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=f70dbbc5-2770-44f5-ae4e-b70c0dd21654&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_f96f0547-d12c-47bb-bb6a-356c1778d8a9&bsw_param=f70dbbc5-2770-44f5-ae4e-b70c0dd21654&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f70dbbc5-2770-44f5-ae4e-b70c0dd21654&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 379
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=BP0vYBiRWqRVKb_xI9rcS8IjeXE&gdpr=0&gdpr_consent=
Request Chain 382
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDVE9rN0tXZUlBQUJpU193clZvdw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AACTOk7KWeIAABiS_wrVow&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACTOk7KWeIAABiS_wrVow&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACTOk7KWeIAABiS_wrVow&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=512488335926292326&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACTOk7KWeIAABiS_wrVow&gdpr=0&gdpr_consent=
Request Chain 384
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUf9016e17f9ee404aba58648459cd4843
Request Chain 386
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=340348770347379010
Request Chain 388
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455421644902826
Request Chain 393
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=x-e8GDTTQpe7JdUs2WhHHg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 395
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=284696799
Request Chain 397
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzdFN0JDMTgtMzREMy00Mjk3LUJCMjUtRDUyQ0Q5Njg0NzFF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 398
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJdCPQqD8hcdI0K-G8e54b8&google_cver=1
Request Chain 400
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5445555529033447467
Request Chain 404
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=b8160e6c-6798-48b7-9474-7d3451f5b636-652cf12a-5553&gdpr=0&gdpr_consent=
Request Chain 405
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8111004722029967583&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 407
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:2655bf38-d785-493e-a504-16e0ff9c06b0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 460
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAO_orRKw4VIoXuniuwhZNE&google_cver=1
Request Chain 461
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSzxIjI5J1C5GBqQA8vXMQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAO_orRKw4VIoXuniuwhZNE&google_cver=1
Request Chain 462
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDzKtIPz3v5FddGAyg3Lz-0&google_cver=1
Request Chain 463
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI5MTI0MjA3MTgxMDIyMTkwMw%3D%3D
Request Chain 464
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECvdEh3Je6uIIaonP2T77Dw&google_cver=1
Request Chain 465
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzIyMTljMTYtOWNmOS0yNjNiLWQ1NTQtNTkxMDZjMjU5N2Rk
Request Chain 466
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEA-8pEVKbon3MqVIDaPBzg8&google_cver=1
Request Chain 469
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBtWYD5GTX4qW9mqjuEgC_U&google_cver=1&google_push=AXcoOmTGL6YkmLYQnsM5_WoMtpeE8J2JYyROZiMAb_ugqaYWc_HiZI_4wOAtrwlqA5yGampyz9myfL5VnQbujS_06oPoIgGGXJdd HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBtWYD5GTX4qW9mqjuEgC_U&google_cver=1&google_push=AXcoOmTGL6YkmLYQnsM5_WoMtpeE8J2JYyROZiMAb_ugqaYWc_HiZI_4wOAtrwlqA5yGampyz9myfL5VnQbujS_06oPoIgGGXJdd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RGU2a3RYcjMxUVNpTGI1&google_gid=CAESEBtWYD5GTX4qW9mqjuEgC_U&google_cver=1&google_push=AXcoOmTGL6YkmLYQnsM5_WoMtpeE8J2JYyROZiMAb_ugqaYWc_HiZI_4wOAtrwlqA5yGampyz9myfL5VnQbujS_06oPoIgGGXJdd
Request Chain 470
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOyLLHeBQ3TD_UC8hH5FTMM&google_cver=1&google_push=AXcoOmSwhtkIRBsN0K2t6y56DDsdEscbZnyzkwIzuv4rQcTRfxxhMJqpmFJUNPVJ2pcwd5neN-RScGClL2Z0kf4sM1UTbs5lM_Jg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSwhtkIRBsN0K2t6y56DDsdEscbZnyzkwIzuv4rQcTRfxxhMJqpmFJUNPVJ2pcwd5neN-RScGClL2Z0kf4sM1UTbs5lM_Jg&google_hm=znwrhlOHR1q9LVe_9b5DnXE
Request Chain 471
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJMITETrNABCIld3I015MEg&google_cver=1&google_push=AXcoOmRWUHxvgDFVeuotAYdyev4HO0P4LYKTmvtGmza09dfI02CPDrMInIpWmGcNvsZB14cn2yUlyoLmbSeabZaat6ev6zsbvwiQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRWUHxvgDFVeuotAYdyev4HO0P4LYKTmvtGmza09dfI02CPDrMInIpWmGcNvsZB14cn2yUlyoLmbSeabZaat6ev6zsbvwiQ&google_hm=eS1aR1E5SDNwRTJwRjB2Wk16Z29sRGdQbmlMdnQwY3BRNH5B
Request Chain 472
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTwvh3TRpX8Xn2KDtLnxfUNQqUK5A2ONCoPaYyXTT6nWbRQhYZP23eFBgDWCXBZSWubscQQunBAfHSvmOB_yxo-XgPyWemU&google_gid=CAESEMSfll50NhztHvrriijmi8M&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-82wsHmkC9oQRbk9_t6xMy47ZdKHe7TBI-pd0HQ&google_push=AXcoOmTwvh3TRpX8Xn2KDtLnxfUNQqUK5A2ONCoPaYyXTT6nWbRQhYZP23eFBgDWCXBZSWubscQQunBAfHSvmOB_yxo-XgPyWemU
Request Chain 473
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEAt_lq7gpNHyrZXLnje6R0&google_cver=1&google_push=AXcoOmTSYpy6f6WcNWQH0WgfmCWw6IwVnw5MOyIXF6OVnHCy_SwCWBCo2kUnsDW1M7gGUYcRk91DL5VRDSJL9CmEcONnUfmxMW0m HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=x-e8GDTTQpe7JdUs2WhHHg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTSYpy6f6WcNWQH0WgfmCWw6IwVnw5MOyIXF6OVnHCy_SwCWBCo2kUnsDW1M7gGUYcRk91DL5VRDSJL9CmEcONnUfmxMW0m
Request Chain 474
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJICwG8zHfWoquTwVLImnvQ&google_cver=1&google_push=AXcoOmRMdgYlFRbKZUoLOZJR-nqgFYIazPuY8FH6bt7z25IcvqnVrqRYPBsTwfs20rurOcxsqBYq83tBnEqEWfNcan-qb11Jzmr8 HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRMdgYlFRbKZUoLOZJR-nqgFYIazPuY8FH6bt7z25IcvqnVrqRYPBsTwfs20rurOcxsqBYq83tBnEqEWfNcan-qb11Jzmr8&google_gid=CAESEJICwG8zHfWoquTwVLImnvQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjk5NDkyNDg2OTQ4MDc1OTIzNzI2Mg%3D%3D&google_push=AXcoOmRMdgYlFRbKZUoLOZJR-nqgFYIazPuY8FH6bt7z25IcvqnVrqRYPBsTwfs20rurOcxsqBYq83tBnEqEWfNcan-qb11Jzmr8
Request Chain 480
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEM8B9zezdvtFi5_afXg9A8I&google_cver=1
Request Chain 523
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHEJuTsA1fqyMsJytrBW3E0&google_cver=1&google_push=AXcoOmR-tbL3Y_4ILVDj25JwPZzbakpBRz4rjBp2HOJ-X02RJH8laTREyYtVY8cXBu5SbLNiZCRR85Wd_UYmtgMukptQaLyZJCGc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc5Mzk0MTMxMjQ1NDA0Nzk2Nw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHEJuTsA1fqyMsJytrBW3E0&google_cver=1
Request Chain 524
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBtWYD5GTX4qW9mqjuEgC_U&google_cver=1&google_push=AXcoOmTPmmMw3eg02licSQQyr8GMfC1fVlefws8eyTnEQ9Rdc5JNFCmHi0hQIpLLXeIE2DbDIC10HOzbd3PHm4MTSBKG1h_f4Ed7 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBtWYD5GTX4qW9mqjuEgC_U&google_cver=1&google_push=AXcoOmTPmmMw3eg02licSQQyr8GMfC1fVlefws8eyTnEQ9Rdc5JNFCmHi0hQIpLLXeIE2DbDIC10HOzbd3PHm4MTSBKG1h_f4Ed7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZlliZXhkS3AxUVNpTGI1&google_gid=CAESEBtWYD5GTX4qW9mqjuEgC_U&google_cver=1&google_push=AXcoOmTPmmMw3eg02licSQQyr8GMfC1fVlefws8eyTnEQ9Rdc5JNFCmHi0hQIpLLXeIE2DbDIC10HOzbd3PHm4MTSBKG1h_f4Ed7
Request Chain 527
  • https://d5p.de17a.com/cookies/google?google_gid=CAESELT16Fn1V_4A5YrtD8SqTW0&google_cver=1&google_push=AXcoOmQRYIMSVAVcTEuZ4-oCdRFimMLCBbrzMO8ebe_5FhKB42ryj2ZzYqc53cwk__dRT52gnhDjOMvGznEzaA2Blb26bYnLHFLW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQRYIMSVAVcTEuZ4-oCdRFimMLCBbrzMO8ebe_5FhKB42ryj2ZzYqc53cwk__dRT52gnhDjOMvGznEzaA2Blb26bYnLHFLW
Request Chain 528
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHm-APJHldEgo1HSsUuoJzY&google_cver=1&google_push=AXcoOmRacr-LJc8Q0eMcQ1CpCTB-sPA0_mL1IxmitFPd5Zxa9e6FIbID9CN1L6VDTrxG-l14-Pcb-bVtgX5rGjR3QmE4mBIzPbe5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5TTUVUWUItMU0tN05BRw==&google_push=AXcoOmRacr-LJc8Q0eMcQ1CpCTB-sPA0_mL1IxmitFPd5Zxa9e6FIbID9CN1L6VDTrxG-l14-Pcb-bVtgX5rGjR3QmE4mBIzPbe5
Request Chain 529
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESECXJ825jlFfGfaFstYg8ycs&google_cver=1&google_push=AXcoOmSkrsLxDov6aa4pbUYsHojVtfbXXc3mkCy9pzR1UpeRVG9K4vdtasLWKCQdzdiYHlBri4qPKplG4BEu8JFjRPsrCdz2qzmd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=f70dbbc5-2770-44f5-ae4e-b70c0dd21654&%%GOOGLE_PUSH_PAIR%%
Request Chain 534
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPibTmDS3Bj7l5f63AWFBKY&google_cver=1&google_push=AXcoOmSSXSxCVtPLIP7r5EvDZEchEgc5Nz6dYT1V-dhRxZwHE3vCYhBgmYaRzbBg4D2-aSxfZvK9XIrAVTIyd4MAhbmnhi14Bpc HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSSXSxCVtPLIP7r5EvDZEchEgc5Nz6dYT1V-dhRxZwHE3vCYhBgmYaRzbBg4D2-aSxfZvK9XIrAVTIyd4MAhbmnhi14Bpc&google_hm=6H2cJ5kwMn0UlJ_wuCPgHw
Request Chain 535
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOyLLHeBQ3TD_UC8hH5FTMM&google_cver=1&google_push=AXcoOmTbyGLFersjRHp-lZSzvY8JrXH7okz-SCB63cQ8PmbAycq_g-1TWSRw9_RKKK-GciXadkGlI3nN6JuWrCxrDT4Hr9rDZIF5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTbyGLFersjRHp-lZSzvY8JrXH7okz-SCB63cQ8PmbAycq_g-1TWSRw9_RKKK-GciXadkGlI3nN6JuWrCxrDT4Hr9rDZIF5&google_hm=K9LXDIkCQ0yVXbtEUdCiUXE
Request Chain 536
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEHOOi5K4eFD0_WPKP1KKQ9Q&google_cver=1&google_push=AXcoOmQj7Kuj0gzFHI0H_brDLKFVCToAct39l-JTCqH6mvcSdqxlX2Vdaizv5NwkoN1Q0JTc47PyWvITbmdEJqoWyIz-zFizxgo HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=w-O483rMRAAm4L9zV5mA9w&google_push=AXcoOmQj7Kuj0gzFHI0H_brDLKFVCToAct39l-JTCqH6mvcSdqxlX2Vdaizv5NwkoN1Q0JTc47PyWvITbmdEJqoWyIz-zFizxgo
Request Chain 537
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJMITETrNABCIld3I015MEg&google_cver=1&google_push=AXcoOmRRwLq3XDH11KpJBvVp0PZclXNfSQ2ps4NJMohkRS-ZRWwHa1LqDPHa-ExuwkLy_CBr-KsgGa8f0A4ezLKKcMQDSjSHL_Ro HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRRwLq3XDH11KpJBvVp0PZclXNfSQ2ps4NJMohkRS-ZRWwHa1LqDPHa-ExuwkLy_CBr-KsgGa8f0A4ezLKKcMQDSjSHL_Ro&google_hm=eS1aR1E5SDNwRTJwRjB2Wk16Z29sRGdQbmlMdnQwY3BRNH5B
Request Chain 538
  • https://d5p.de17a.com/cookies/google?google_gid=CAESELT16Fn1V_4A5YrtD8SqTW0&google_cver=1&google_push=AXcoOmQqoZaYYbX1aIkr8K_HJyVhhVVRve-rnwY1colybAaTHJrPP3Zhwc9fxV7kLfilIo_pcnoQSjWSV5UZK9tj3Zvp-7W2-WUd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQqoZaYYbX1aIkr8K_HJyVhhVVRve-rnwY1colybAaTHJrPP3Zhwc9fxV7kLfilIo_pcnoQSjWSV5UZK9tj3Zvp-7W2-WUd
Request Chain 539
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOCxiRlxfi7glR2aLQiXahc&google_cver=1&google_push=AXcoOmQzwGvYP7V1q-2i7XPKN3gb8tR0awfhV9l8OyqIikd9x1FQZ8gBXZPQ5MtKlWSEm3-YBFM9r09e7FxjMirQlrqouDAaxVNr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQ0NTU1NTUyOTAzMzQ0NzQ2Nw&google_push=AXcoOmQzwGvYP7V1q-2i7XPKN3gb8tR0awfhV9l8OyqIikd9x1FQZ8gBXZPQ5MtKlWSEm3-YBFM9r09e7FxjMirQlrqouDAaxVNr
Request Chain 576
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 582
  • https://hal900029.redintelligence.net/request.php?zone=4roa139sx2t9&nw=20&renderingType=javascript&namespace=c95903ad7c&subid=&uid=a8767e2ba31f7b39&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1St2IvEsZcqxMozMgQf-46Fog6Hum2nIlI6X9w_wLhABINGTwypgqbC-gMwByAEJqQLe9ToZ5KGxPqgDAcgDmwSqBJYCT9CBLT6S4N7hN8rzYFShv545NbHlSxyoUNxOmv5hkDv5dWVMjqHL4mnZCoYm-8hHYyeMq5XDfawnH5lmVk-2YKP_mRjx0sIF8DDY3R8kK4_Px9FJG4AzdgMjgKsFQ_JX4z7Y9hSwlP52IyuLt2_df_opW5fvxGPb-Ugi0YUVYoi-9xjeQ-EMliCOIaOB_-hTL_hIAqNxicfBsYuCNEaI9pAfaoHlWIXQFgyeuvZFboLbjR5i17AIv5OMBvlCh1p_AM1vqIWjphFkRoXidJQQVD0phL3-7bKsAD74B3xutBXYks-4wL3yVQjk6yIjkoLq2bNldPG4i4-QAjwsyk_QypSEX2oduE1k_Fq94mEUJfKG-k60UIfABOPCoq2LBOAEA4gF1byU-T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJBVMgNAeINEwiKw8STkPqBAxUMZuAKHf5xCA2wE8_gzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIysrGk5D6gQMVDGbgCh3-cQgNEAEYASAAEgI8WfD_BwE%26num%3D1%26cid%3DCAQSOwDICaaN3xsl3lxkYnInvAPO5VZS6gdbwWz3i2fwVVpZlaI24j3bUym9ZMOZk5I7rNNTbj9n1GIJqXMSGAE%26sig%3DAOD64_0YRXy9FIqtMdXaho26MQ-aIVSAwg%26client%3Dca-pub-4491659496372172%26dbm_c%3DAKAmf-DEu9p73IDOgKCN-IxtldbCgThyca1Jq0-riNff3QxoDRotwA8-SLJAsdxEmkl35YRGKPiNvhwxkEHFjDNrlxYLc6Vu3DDF20qE9j3YvldQar_rB4rG0BPDUIy5a6I5wA3tYC6Fz5wu5I3NeVyt-plOTKiibm6MsapUZqTdn58rVjR_-WQ%26cry%3D1%26dbm_d%3DAKAmf-AQvJpt7ue0tgVcvQ26Eq17czL49o4kihu-fDczb_GBJrfRCSOv9jvMnBcE1TG36zrXnjULpbZYa3_uEt859VLoVEMHFqT4nqKkQ_AsAyPpRrTaQBKeSZ3PwxfehNTE-PPEd9Yk5u-252z1A8GVG9mWLpZtFOWpwYWV-mOaOSy8-_xr190c4uB7aLt8KF9uyTqT-nvndZLfhxbA_xY9UWZD3MneIOPptlqn5LDf_eTUC8H8khbxu2bqBWxKcPonRMLa-k2QdBJWM8kTLnBtpNOXHVXaUxzsq_twf2B4HHSgyJMDYGmdziZEXPhnm47LrASXSQtBgk0UaWNgJexXLHuaIeH20Lv35n8y9opnV1zsc5r-LtdYHUIc9JpRUdrZYU6Xag9wTeopjyEys2kV7AdcsTtWDviwK7GtMCg5T5CqXVt8HJkuc5BNtNNVM149R1y25Qq2IbeHmtzuiHdbtLx0GFVKKxi_tS8gD6T0KTN60Mkm7rLyFguSX2RKEk9VEdz-5qDNlDPlSKnk3NvwwBMpVzp3UoZ8Jvn_s4Hn1e3BN2tqs3c%26adurl%3D&documentReferer=https%3A%2F%2Fnews.walla.co.il%2F&ancestorOrigins=https%3A%2F%2Fnews.walla.co.il&random=605887973381&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900029.redintelligence.net/request.php?zone=4roa139sx2t9&nw=20&renderingType=javascript&namespace=c95903ad7c&subid=&uid=a8767e2ba31f7b39&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1St2IvEsZcqxMozMgQf-46Fog6Hum2nIlI6X9w_wLhABINGTwypgqbC-gMwByAEJqQLe9ToZ5KGxPqgDAcgDmwSqBJYCT9CBLT6S4N7hN8rzYFShv545NbHlSxyoUNxOmv5hkDv5dWVMjqHL4mnZCoYm-8hHYyeMq5XDfawnH5lmVk-2YKP_mRjx0sIF8DDY3R8kK4_Px9FJG4AzdgMjgKsFQ_JX4z7Y9hSwlP52IyuLt2_df_opW5fvxGPb-Ugi0YUVYoi-9xjeQ-EMliCOIaOB_-hTL_hIAqNxicfBsYuCNEaI9pAfaoHlWIXQFgyeuvZFboLbjR5i17AIv5OMBvlCh1p_AM1vqIWjphFkRoXidJQQVD0phL3-7bKsAD74B3xutBXYks-4wL3yVQjk6yIjkoLq2bNldPG4i4-QAjwsyk_QypSEX2oduE1k_Fq94mEUJfKG-k60UIfABOPCoq2LBOAEA4gF1byU-T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJBVMgNAeINEwiKw8STkPqBAxUMZuAKHf5xCA2wE8_gzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIysrGk5D6gQMVDGbgCh3-cQgNEAEYASAAEgI8WfD_BwE%26num%3D1%26cid%3DCAQSOwDICaaN3xsl3lxkYnInvAPO5VZS6gdbwWz3i2fwVVpZlaI24j3bUym9ZMOZk5I7rNNTbj9n1GIJqXMSGAE%26sig%3DAOD64_0YRXy9FIqtMdXaho26MQ-aIVSAwg%26client%3Dca-pub-4491659496372172%26dbm_c%3DAKAmf-DEu9p73IDOgKCN-IxtldbCgThyca1Jq0-riNff3QxoDRotwA8-SLJAsdxEmkl35YRGKPiNvhwxkEHFjDNrlxYLc6Vu3DDF20qE9j3YvldQar_rB4rG0BPDUIy5a6I5wA3tYC6Fz5wu5I3NeVyt-plOTKiibm6MsapUZqTdn58rVjR_-WQ%26cry%3D1%26dbm_d%3DAKAmf-AQvJpt7ue0tgVcvQ26Eq17czL49o4kihu-fDczb_GBJrfRCSOv9jvMnBcE1TG36zrXnjULpbZYa3_uEt859VLoVEMHFqT4nqKkQ_AsAyPpRrTaQBKeSZ3PwxfehNTE-PPEd9Yk5u-252z1A8GVG9mWLpZtFOWpwYWV-mOaOSy8-_xr190c4uB7aLt8KF9uyTqT-nvndZLfhxbA_xY9UWZD3MneIOPptlqn5LDf_eTUC8H8khbxu2bqBWxKcPonRMLa-k2QdBJWM8kTLnBtpNOXHVXaUxzsq_twf2B4HHSgyJMDYGmdziZEXPhnm47LrASXSQtBgk0UaWNgJexXLHuaIeH20Lv35n8y9opnV1zsc5r-LtdYHUIc9JpRUdrZYU6Xag9wTeopjyEys2kV7AdcsTtWDviwK7GtMCg5T5CqXVt8HJkuc5BNtNNVM149R1y25Qq2IbeHmtzuiHdbtLx0GFVKKxi_tS8gD6T0KTN60Mkm7rLyFguSX2RKEk9VEdz-5qDNlDPlSKnk3NvwwBMpVzp3UoZ8Jvn_s4Hn1e3BN2tqs3c%26adurl%3D&documentReferer=https%3A%2F%2Fnews.walla.co.il%2F&ancestorOrigins=https%3A%2F%2Fnews.walla.co.il&random=605887973381&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 595
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=QkcDJhJDA3ZZRQAjQkMccUwQUCdZEFImF0dd6HhU
Request Chain 596
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5445555529033447467
Request Chain 597
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=469833a1-4924-c365-00ba-813ecef4925d HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=469833a1-4924-c365-00ba-813ecef4925d&dcc=t
Request Chain 600
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECvdEh3Je6uIIaonP2T77Dw&google_cver=1
Request Chain 609
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 611
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:9BD76A46B7904DDBA4E5E1ABB6B9886F&gdpr=0&gdpr_consent=
Request Chain 612
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1697444134026 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5576885168 HTTP 302
  • https://sync.1rx.io/usersync/turn/2793941312454047967?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b43a93e9-1172-4312-bfb6-200c0f053944-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-b43a93e9-1172-4312-bfb6-200c0f053944-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b43a93e9-1172-4312-bfb6-200c0f053944-003
Request Chain 614
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C7E7BC18-34D3-4297-BB25-D52CD968471E&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C7E7BC18-34D3-4297-BB25-D52CD968471E&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 615
  • https://pixel.onaudience.com/?partner=214&mapped=C7E7BC18-34D3-4297-BB25-D52CD968471E&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 616
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7291242071810221903
Request Chain 621
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/richaudience/d53051fb-850a-4eeb-bf70-1zz1697444118
Request Chain 622
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4331228036
Request Chain 624
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/5445555529033447467
Request Chain 627
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/gLJK0P9m0azHUlc3elHd?pi=smilewanted&tc=1
Request Chain 628
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=55d91c28205fdea1159c1a46316eed1f
Request Chain 658
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPibTmDS3Bj7l5f63AWFBKY&google_cver=1&google_push=AXcoOmQ4e4Toav7c30jYCZZHTdW5tu2Aty-acCGk4SZCIxXAyq8t-EQ6SVlJh1QOYK5h4-FHOfrH-_EFng-HDqtRM00JpmPZMfM HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQ4e4Toav7c30jYCZZHTdW5tu2Aty-acCGk4SZCIxXAyq8t-EQ6SVlJh1QOYK5h4-FHOfrH-_EFng-HDqtRM00JpmPZMfM&google_hm=6H2cJ5kwMn0UlJ_wuCPgHw
Request Chain 660
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOyLLHeBQ3TD_UC8hH5FTMM&google_cver=1&google_push=AXcoOmT3P8t5cwrvjjVtyxoQfHV8iTRfMKdBt2t86XdI7Q-DhViAhh3BDQDKhWz24ZL-6Pzj1nWbXk23a462zYmmUlOnqOa7nYVW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT3P8t5cwrvjjVtyxoQfHV8iTRfMKdBt2t86XdI7Q-DhViAhh3BDQDKhWz24ZL-6Pzj1nWbXk23a462zYmmUlOnqOa7nYVW&google_hm=K9LXDIkCQ0yVXbtEUdCiUXE
Request Chain 661
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOCxiRlxfi7glR2aLQiXahc&google_cver=1&google_push=AXcoOmTUDf6fc1YJksrI9uuIl8UDZaZpJWpYD0mbzNiglxSNLQVFk96KjKlXWjKQzBxPFCCfCIrySb3eWa2j98PEblIyWuiuBHpJ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQ0NTU1NTUyOTAzMzQ0NzQ2Nw&google_push=AXcoOmTUDf6fc1YJksrI9uuIl8UDZaZpJWpYD0mbzNiglxSNLQVFk96KjKlXWjKQzBxPFCCfCIrySb3eWa2j98PEblIyWuiuBHpJ
Request Chain 663
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHJO3Uy5Ho_eNmj1I7d64dk&google_cver=1&google_push=AXcoOmS7Re9WcobS-lqps-5C1l35mKhT2C2dChx95PKNQsBUfNJ3ZnZYiNvVM7--nQrD8WLurBGS0O3_GeNlFBJHIGr4_WUtWag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS7Re9WcobS-lqps-5C1l35mKhT2C2dChx95PKNQsBUfNJ3ZnZYiNvVM7--nQrD8WLurBGS0O3_GeNlFBJHIGr4_WUtWag
Request Chain 664
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEDSdsnsRhjKIVvZe5liz97Q&google_cver=1&google_push=AXcoOmTG5bZAi7Y4c_ej_GQjummVaZ8xwjppFsXFmoBkY2c49ZiISqRpt2kyFTR5BZAt2TdNuS0zb1MJ1C5H9GsViNKBxCEJ12Vr HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e7af0f70-be78-468d-be4e-2a6b286f6e17-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTG5bZAi7Y4c_ej_GQjummVaZ8xwjppFsXFmoBkY2c49ZiISqRpt2kyFTR5BZAt2TdNuS0zb1MJ1C5H9GsViNKBxCEJ12Vr%26google_hm%3DA-evD3C-eEaNvk4qayhvbhc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTG5bZAi7Y4c_ej_GQjummVaZ8xwjppFsXFmoBkY2c49ZiISqRpt2kyFTR5BZAt2TdNuS0zb1MJ1C5H9GsViNKBxCEJ12Vr&google_hm=A-evD3C-eEaNvk4qayhvbhc
Request Chain 671
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7291242071810221903
Request Chain 672
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACTOk7KWeIAABiS_wrVow&expiration=1698653736
Request Chain 673
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZSzxIjI5J1C5GBqQA8vXMQAACHoAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=285ca19b64d6815af85768658dd7eb3&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZSzxIjI5J1C5GBqQA8vXMQAACHoAAAAB&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv1b41_7291037504216623373&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AACTOk7KWeIAABiS_wrVow&dataProviderId=817&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0
Request Chain 674
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=2bd2d70c8902434c955dbb4451d0a251&expiration=1700036136
Request Chain 676
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=UoVtwQKBbZFJh27EUoFyllzSPsBJ0jzBB4UP3mLb
Request Chain 677
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1697530536

743 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
news.walla.co.il/
Redirect Chain
  • http://news.walla.co.il/
  • https://news.walla.co.il/
533 KB
274 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
384bf5ed743b66d2a6468c956595c0e32dac2f56badce9b1c49d7d60883afb15

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

cache-control
public, max-age=300
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 16 Oct 2023 08:15:25 GMT
etag
W/"8528f-M3V92ZXyA0uKYL/A1bnfyzv5wG0"
server
openresty/1.15.8.3
vary
Accept-Encoding
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
x-amz-cf-id
F14FnsPNaxII9ZcKThio4i6nrpPxtbtAxWJJZZQr7GtRYCPLqTDASw==
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
x-cached
HIT

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Mon, 16 Oct 2023 08:15:25 GMT
Location
https://news.walla.co.il/
Server
CloudFront
Via
1.1 a1c66294cb416b399374a845b97656d2.cloudfront.net (CloudFront)
X-Amz-Cf-Id
xx8B2WbgM1-yJb2icklY0sDVDfY6noxbBIwHGkTNFBhyV9H3pk8YHQ==
X-Amz-Cf-Pop
PRG50-C1
X-Cache
Redirect from cloudfront
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
b55d0407250d2678245078fd4c277029187afedb83b5d9442a0262815c6de9ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29342
x-xss-protection
0
server
cafe
etag
495 / 19646 / 31078806 / config-hash: 16770446656291207178
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 08:15:25 GMT
js
www.googletagmanager.com/gtag/ 		202 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11170679829
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
fcf32fcfd63452c6f1669fb5bcafcf703c8ec6429766a92c0b805cff01e55941
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74086
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 16 Oct 2023 08:15:25 GMT
dmp-provider.js
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/ 		211 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-96.prg50.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
229e400458da09038771f0974640be7bc3fb91571e41b8c0af3f323d89bfc3a9

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 10:15:53 GMT
content-encoding
br
via
1.1 a198ea04052d45eb515f27260bc6c05c.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
PRG50-C1
age
79172
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
x-amz-cf-id
0e2ME4i6v1ygKjqw-AzAp8BXpx5zKfm7_xVlQsM8PlBAcOyQvsXnew==
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.90.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-90-97.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 16:56:27 GMT
content-encoding
gzip
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 00:37:14 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
age
55138
etag
W/"649b80ba-5df1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
cvtLKhGvfj8QiAAduufI7Fy8jhIZuRy-BtHvzMn0Nz7BZFftg0wt9A==
expires
Mon, 16 Oct 2023 16:56:27 GMT
wallacoil-prod.js
cdn.valuad.cloud/hb/ 		1011 KB
277 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f88204f21f0cfa55d9ce9c24c16f5558017c911b0cc487e2d77ca974b1be68cf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 08:15:25 GMT
Content-Encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
Last-Modified
Wed, 11 Oct 2023 13:18:01 GMT
x-amz-request-id
tx00000000000000d35a6f1-00652c3ec0-3b7003e1-fra1a
etag
"131675db9161fe924ac7d58a7164b1e2"
x-envoy-upstream-healthchecked-cluster
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1697444125.dop222.ve1.t,1697444125.cds246.ve1.shn,1697444125.dop222.ve1.t,1697444125.cds211.ve1.c
Content-Type
application/javascript
x-rgw-object-type
Normal
cache-control
public, max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
283045
loader.js
cdn.taboola.com/libtrc/wallail-walla/ 		892 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2a3cfa408d5d840e25baf248240cd57b279ab00268db4ce62a053c596be1d852

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
yZLo5zbT7y0RGSaeEDzWkmzWSox5mVqE
content-encoding
gzip
via
1.1 varnish
date
Mon, 16 Oct 2023 08:15:25 GMT
x-amz-request-id
DHKQHA4MQH94XR8C
age
683
x-amz-server-side-encryption
AES256
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
20
x-amz-replication-status
PENDING
content-length
69882
x-amz-id-2
Qqp9KC/E5v+7CPik7mUMikLmTJjs1QfSqyXnG9P5nHaYWKPpozT8VjGHSULtLmCYXzo27Ia2MNY=
x-served-by
cache-vie6324-VIE
last-modified
Mon, 16 Oct 2023 08:02:46 UTC
server
nginx
x-timer
S1697444125.303635,VS0,VE1
etag
"13ce62ed5da5eedace20054dc8c24ae70fefe1c5"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
18
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F3) /
Resource Hash
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 08:15:25 GMT
Content-Encoding
gzip
Age
344
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27598
Last-Modified
Mon, 09 Oct 2023 20:29:49 GMT
Server
ECS (frb/67F3)
Etag
"391b7fdf0c468036f27102529636f0ca+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
gtm.js
www.googletagmanager.com/ 		490 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
a58eea9b988be9a159f96d5999cfe63e692595e537d17857f66ac1b4c9b4f0ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110393
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 16 Oct 2023 08:15:25 GMT
gtm.js
www.googletagmanager.com/ 		422 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b4b48aad19b326bd0de04dac4b8eab57b134145973eb2d4bcaf5cfed8e45cf01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82528
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 16 Oct 2023 08:15:25 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 16 Oct 2023 07:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1543
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 16 Oct 2023 09:49:42 GMT
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.90.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-90-97.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 17:21:57 GMT
content-encoding
gzip
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
last-modified
Wed, 09 Aug 2023 00:45:38 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
age
53608
etag
W/"64d2e1b2-94a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
hJvTcgpkVNzmKBSVEJxGhHuJh23rPhuSyevwuvsx19lPawurhyV6Rw==
expires
Mon, 16 Oct 2023 17:21:57 GMT
mobile.svg
news.walla.co.il/public/assets/logo/ 		1 KB
1015 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.walla.co.il/public/assets/logo/mobile.svg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
0049a61681f009097e433d79763495def6c0a29963c2349643b10bad537266d1

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
etag
W/"437-18b240eb6e6"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
vhhZNMY89k2yn2XnZlrSxIfmhPtQKOyZwPeXTrvvQumb5R6b7Pp55Q==
x-cached
HIT
logo_new.svg
news.walla.co.il/public/assets/logo/ 		1 KB
957 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.walla.co.il/public/assets/logo/logo_new.svg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
a6cbbfde0f8fa5053ac3b8a87d712870edae2c840f56df167e4c33f31e61e84b

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
etag
W/"4bf-18b240eb6e6"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
pDg__6dmiQZhZLRBw5lCrT3RiGrV5CB1lX67_Zx7L5SEMSrvDr0Rlg==
x-cached
HIT
logo-with-israel-flag.svg
news.walla.co.il/public/assets/logo/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.walla.co.il/public/assets/logo/logo-with-israel-flag.svg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
38df94ec98f3e97f36a6a80b2e58776f9053ffecf8b140f68e83f3f748918063

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
etag
W/"bee-18b240eb6e5"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
Id8huwIwnkjEdQVl_O5XE17T38FKy7r3B8rjNPx5HGotl370XbRxTw==
x-cached
HIT
icon-mail-empty.svg
news.walla.co.il/public/assets/homepage2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.walla.co.il/public/assets/homepage2/icon-mail-empty.svg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
etag
W/"5f6-18b240eb6d5"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
a2Ff3N150p1wbBUjxkDSFEo7J4bIFNXQTF2d2HoPpUCW0kbW0PE6Dw==
x-cached
MISS
almoni-neue-aaa-600.woff
news.walla.co.il/public/font/almoni/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer
https://news.walla.co.il/
Origin
https://news.walla.co.il
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
etag
W/"e954-18b240eb70d"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59732
x-cached
HIT
x-amz-cf-id
9uuNwHZI2Uol3X1EdX_AO9ari7uyIlyp1HLDMN4qoEWw6CkpP08CNw==
tiktok.svg
news.walla.co.il/public/assets/navigation/ 		628 B
996 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.walla.co.il/public/assets/navigation/tiktok.svg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
40083197f6c3fad2ef5d99095c72f3a60072e92bdfcd920dd91299f3679027b7

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
etag
W/"274-18b240eb6e8"
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
628
x-cached
HIT
x-amz-cf-id
2xuzEInuk1ZNhZuek6zbZtvagwBMO0Uc19wxaN2Pyqa4TuTeQU0yHQ==
insta.svg
news.walla.co.il/public/assets/navigation/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.walla.co.il/public/assets/navigation/insta.svg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
23e2409494818d5a7bbcf232f0818db8599da2d9c3c1856572f95ffc7b4b1d2e

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
etag
W/"79e-18b240eb6e8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
nbukJh_fHM5oxasIwTIeH4HcNgzzx_MKM9d-7ZDl6t44iXwMkXfzqg==
x-cached
HIT
twitter.svg
news.walla.co.il/public/assets/navigation/ 		1004 B
961 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.walla.co.il/public/assets/navigation/twitter.svg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
d685d349bc446d06cf68755fd4dbd95bb51f8913ad08cea281e371aa1fc284eb

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
etag
W/"3ec-18b240eb6e8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
JqzTGk2FppRbJ9lb1AItqqMcOuEty5gSXTmxlzxWJkSQwdwVnvWbPg==
x-cached
HIT
facebook.svg
news.walla.co.il/public/assets/navigation/ 		471 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.walla.co.il/public/assets/navigation/facebook.svg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5d2840fc0bf868ec7e60c9e2f14a0f623b865ee0a7f8459fbfb25881709f7838

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
etag
W/"1d7-18b240eb6e8"
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
471
x-cached
HIT
x-amz-cf-id
RlzBGg_yePfnyt7TLl8-yDchEixWWNOeaSZCeuJOHtMe8AY_3Z0jzg==
allay-icon.svg
news.walla.co.il/public/assets/icons/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.walla.co.il/public/assets/icons/allay-icon.svg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
etag
W/"c00-18b240eb6db"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
6HlQjZxhXNK9lqiAhvbYbIyzRZcUXsGE-cwm_qm_CchluPRWMzPwng==
x-cached
HIT
vod.png
news.walla.co.il/public/assets/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.walla.co.il/public/assets/icons/vod.png
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
7ff6e89ef0a4dcb72ed72196173642deb38c4b539baf3d7030ba8e122c284475

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
etag
W/"4a6-18b240eb6df"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1190
x-cached
HIT
x-amz-cf-id
ZIVedgvp-Gx9e2oJVFoNq8Ic5SFLfoZzDInYnLEzL0c56Ai6d1oOBA==
3613663-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_500,t_54/3/6/1/3/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_500,t_54/3/6/1/3/3613663-46.jpg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
72f5a8ad58658aa5301aa5087eb1dfb3e33827a2a07a4e6b495ba8565de372f9

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 20:26:31 GMT
via
1.1 google
age
42534
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28392
walla-sprite.svg
news.walla.co.il/public/assets/icons/ 		19 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.walla.co.il/public/assets/icons/walla-sprite.svg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
3241bf3866d5c2c02fd32bc792aa155f587efc0780ad197d0040d3377ff5af3f

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
etag
W/"4a05-18b240eb6df"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
pTv19iR3py9BLgY7036zZtdQAAQV9KH_I_HErz83WcW9-CWppXyzXw==
x-cached
HIT
wallaicons.woff
news.walla.co.il/public/font/fonticon/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer
https://news.walla.co.il/
Origin
https://news.walla.co.il
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
etag
W/"3bdc-18b240eb70e"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
15324
x-cached
HIT
x-amz-cf-id
fGbuuHBR1DN0VYpuJwZj6lc35InqZ_ux6LN3Be1p4MnRkx53oCI1dQ==
almoni-neue-aaa-800.woff
news.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/font/almoni/almoni-neue-aaa-800.woff
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
ab5efe24966aca3d3addf00730f734a3fd62d552cc8c5dee2a837c057d62856a

Request headers

Referer
https://news.walla.co.il/
Origin
https://news.walla.co.il
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
etag
W/"e65c-18b240eb70d"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
58972
x-cached
HIT
x-amz-cf-id
NYGv5gTpey_Brr6c4twn__2PSBaT-tTVorTvUoygNGztWFeAoizl4w==
6950_1ee1e84a2c2bf62f2adf_1ee1e84a2c2bf62f2adf_walla.js
news.walla.co.il/public/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/6950_1ee1e84a2c2bf62f2adf_1ee1e84a2c2bf62f2adf_walla.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
f20aa3c1f32442a08428b3f922e78848c790294e3acb607322a235c1ad7fc9c6

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:45 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
etag
W/"248c-18b240eb6be"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
oA5ixr6J8bU2WSBzFh7TqH3bSAha3jD6HsZ0GhqAAZcxhzlFARZ3lA==
x-cached
HIT
3059_5a86bee423edf09b69a8_5a86bee423edf09b69a8_walla.js
news.walla.co.il/public/ 		313 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/3059_5a86bee423edf09b69a8_5a86bee423edf09b69a8_walla.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
399bb271bcba83ab3b22ba6327f8bd76fd6d90604a45bc6e8d708af071457ff9

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:45 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
etag
W/"4e55d-18b240eb6bd"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
vcX8YsUgKOqnUMqxzbjgLur-wmANKfPd1_vvBS58m0IdttNMjFTO3g==
x-cached
HIT
main_07e74f8057a813dea205_07e74f8057a813dea205_walla.js
news.walla.co.il/public/ 		999 KB
228 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/main_07e74f8057a813dea205_07e74f8057a813dea205_walla.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
1c7ed1a9b207bbfe147b91546a532c2701795ff00809fd57218458aefd5a433a

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
etag
W/"f9acc-18b240eb712"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
oKQrYerfuyy7XxiOvM_bjLWyK-FP_UKGGMTaf_eB9Ab1CFKRZteezQ==
x-cached
HIT
1252_c3c25ae54697214115f2_c3c25ae54697214115f2_walla.js
news.walla.co.il/public/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/1252_c3c25ae54697214115f2_c3c25ae54697214115f2_walla.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
0006a0539d3f199c9b2416e7964cec61ac6c90f394e2d9c8fbd0d1196cc137a6

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:45 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
etag
W/"4b08-18b240eb6bc"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
m3xi0HaXEvV2vGqPElWBR463na3Pm5KUapc9NEplNbmhlOugRe_3Zg==
x-cached
HIT
8828_a9489bf99bdefde1bf12_a9489bf99bdefde1bf12_walla.js
news.walla.co.il/public/ 		62 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/8828_a9489bf99bdefde1bf12_a9489bf99bdefde1bf12_walla.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
6aa31dd89388fda4e31645d09e4e469a034999e4d7cbb356bd3b6b6fd44885a2

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:45 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
etag
W/"f8d0-18b240eb6be"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
HUM_10T9LOtwFxbz7qlAckiRn2SNKibA7AQXOZ61eocH1whQ13QSTw==
x-cached
HIT
7225_843cc54c09c448233568_843cc54c09c448233568_walla.js
news.walla.co.il/public/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/7225_843cc54c09c448233568_843cc54c09c448233568_walla.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
4855b8ec613d695d50a7af3d0044f10afad1304c8663ae841e3a5d10aeceea36

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:45 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
etag
W/"73c2-18b240eb6be"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
WzueaZyjWtpB4YfV9F06ay5Y3_8Bz1wVfSvmpD44tPqeWX6vsOQHzw==
x-cached
HIT
9561_a6cb45b79e6001ccc514_a6cb45b79e6001ccc514_walla.js
news.walla.co.il/public/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/9561_a6cb45b79e6001ccc514_a6cb45b79e6001ccc514_walla.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
801d6ff0dd3191cc7e44d8060ed2336706e8301bf4478df935f1ef87a82c11de

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:45 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
etag
W/"6b6b-18b240eb6bf"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
4sA6cMj5rcYzqzjKQWVam7ybFBX0nBmO_ORbQ5M3cBSmhRWrgWM6pQ==
x-cached
HIT
vertical_b7d891c8d4d806c03ec4_b7d891c8d4d806c03ec4_walla.js
news.walla.co.il/public/ 		510 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/vertical_b7d891c8d4d806c03ec4_b7d891c8d4d806c03ec4_walla.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
04debb0274877bbceef12ab3c191925e5fb34af51720394af19bf872cf0ca6d0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
etag
W/"7f809-18b240eb715"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
jvZvaQEwX0ap5Eh4U4Ca8FgGJ58ml93z6DwdB4_MWLnHeUGOcsgyuQ==
x-cached
HIT
recorder.js
web-sdk.smartlook.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-sdk.smartlook.com/recorder.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.41 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
824291365.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
765144c54ec1f3492c42891d5a1d18ff8d08e9d6e1866add9d8eb8f7bd7b462c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 16 Oct 2023 08:15:25 GMT
strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
31
x-accel-date
1697444094
x-77-nzt
AcO1ryc3Nzf/HwAAAA
x-accel-expires
@1697444694
x-77-age
31
last-modified
Fri, 13 Oct 2023 09:51:11 GMT
server
CDN77-Turbo
etag
W/"6529130f-2908"
x-77-nzt-ray
25b0213117d75b431df12c65257fec1b
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
init
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.116 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f20.1e100.net
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://news.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://news.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 16 Oct 2023 08:15:25 GMT
server
Google Frontend
x-cloud-trace-context
48fb89705d3b5f4913abd5acb987f272
x-request-id
undefined
init
hb-dot-valuad.appspot.com/ 		38 B
87 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.116 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f20.1e100.net
Software
Google Frontend /
Resource Hash
d097cc5e00bf81fbf240163e4227021f8caddff4d4c6725949e1011afbefbb55

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
x-request-id
ee886eb6-37e1-4ccc-9b2c-27be79578c3f
x-vad-version
0.14.17

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
content-encoding
gzip
server
Google Frontend
etag
W/"26-pKOTI97untAuLI7cZIoXLM9iX2E"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://news.walla.co.il
x-cloud-trace-context
6be706216082cfb244fbcda819f857d1
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64
x-request-id
undefined
PRE
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/PRE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-96.prg50.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://news.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://news.walla.co.il
access-control-max-age
1800
age
73544
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Sun, 15 Oct 2023 11:49:41 GMT
server
nginx/1.20.0
vary
Origin
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-cf-id
XASL0ojdLCqDKih6vnVYBSaqwHL8GMIjAmRnP55Np0zncJKJTSlS1w==
x-amz-cf-pop
PRG50-C1
x-cache
Hit from cloudfront
survey.js
cf.dxmcdn.com/dta/ 		189 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.dxmcdn.com/dta/survey.js
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-128.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bd769d1da98da1a60dc08258b017b34d6962b92ec431b17df51c69fbfb2c6abf

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
YtNR9erNG.NoRBEcRdBoVE4OGMJQuym3
content-encoding
gzip
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
date
Sun, 15 Oct 2023 23:19:01 GMT
last-modified
Wed, 27 Sep 2023 11:46:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
32185
x-amz-server-side-encryption
AES256
etag
W/"b034abfcfb6819eabeb9878dfce0a78a"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Nc1JYS-SNi5AmapWfdkp3vnVRcwl3Nl4jUL5PpFkZxNKlwu1mb3M8A==
PRE
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ 		0
320 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/PRE
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-96.prg50.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/javascript

Response headers

date
Sun, 15 Oct 2023 11:49:03 GMT
via
1.1 a198ea04052d45eb515f27260bc6c05c.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
PRG50-C1
age
73582
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
H4KUg0jCR0wjqsuTa3BznbGnS4pMurpk3g2SJ1uqO6VuMLpJkpPhGQ==
POST
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ 		0
320 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/POST
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-96.prg50.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/javascript

Response headers

date
Sun, 15 Oct 2023 11:49:03 GMT
via
1.1 a198ea04052d45eb515f27260bc6c05c.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
PRG50-C1
age
73582
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
_luHKTwbx_dsJLpg19bvUPvf76gao3LHaU9KAsu3ZoMOmIy95ISYnQ==
POST
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/POST
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-96.prg50.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://news.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://news.walla.co.il
access-control-max-age
1800
age
73544
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Sun, 15 Oct 2023 11:49:41 GMT
server
nginx/1.20.0
vary
Origin
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-cf-id
IEIwHOKGDOcz90XCJMES69UEXQQh3fQnpG2f3FIhlGH4r6sE4VVY5w==
x-amz-cf-pop
PRG50-C1
x-cache
Hit from cloudfront
widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html
platform.twitter.com/widgets/ Frame 83BB 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fnews.walla.co.il
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) /
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
560569
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Mon, 16 Oct 2023 08:15:25 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 09 Oct 2023 20:29:18 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6796)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
X-EC-BBR-Enable
1
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/ 		421 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
6f9c72ef22efe8a0e095464ab57ea0d5b6c24fa0abcd9439a1ffe1f522cca92a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 11:40:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
74079
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134870
x-xss-protection
0
server
cafe
etag
11169537383484699631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 14 Oct 2024 11:40:46 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11170679829/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11170679829/?random=1697444125569&cv=11&fst=1697444125569&bg=ffffff&guid=ON&async=1&gtm=45be3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.walla.co.il%2F&hn=www.googleadservices.com&frm=0&tiba=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95&auid=1760432379.1697444126&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11170679829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
7658b18d20f27a2db750fcade300ff7918c27d7122e9be39ec97a9dbd53023a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1389
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-112.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 07:40:50 GMT
content-encoding
gzip
via
1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
2075
x-cache
Hit from cloudfront
content-length
1696
last-modified
Mon, 07 Aug 2023 11:07:01 GMT
server
Apache/2.4.54 (Debian)
etag
"1090-602533ee4ff40-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, public
accept-ranges
bytes
x-amz-cf-id
PMCopXi0Wt0_xIxGrq2pkAl2BNaAYIrfwAKeGszEXeb2GmuWQpxRHA==
fi_client.js
ecdn.firstimpression.io/ 		349 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
Apache/2.4.54 (Debian) / PHP/8.2.0
Resource Hash
0f6bdeaa22496e587132d9703de567e09935ac83aa888195ec1b78905d7497a1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 07:28:55 GMT
Content-Encoding
br
Via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
Age
2790
X-Powered-By
PHP/8.2.0
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
X-XSS-Protection
0
Last-Modified
Mon,16 Oct 2023 07:28:55 UTC
Server
Apache/2.4.54 (Debian)
ETag
W/"0281c5e2dccd0a23020640b8891dee24"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
X-Amz-Cf-Id
1LJKpAVswYIA8bTvV7PZNaZdwQ3ZGBnymmxP7RZt7GAz2LGDBeCSPQ==
fbevents.js
connect.facebook.net/en_US/ 		198 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 16 Oct 2023 08:15:25 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53498
x-xss-protection
0
pragma
public
x-fb-debug
aVUdKedcIJ2IW+fxAKHEXIyTBIQ1VVPYvMPD/SEVG3pPq8GQeicOpHLCWHGmXtrJcTrDU0rHYYhtD2acH/yw1w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
h.js
cdn.unblockia.com/ 		164 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unblockia.com/h.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-48.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b7d2974070cf9f476d97e4401209a440e8fee787781d9084655cca366dad4d21

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
m8vKRZ4OANVjVfMIKL3cKYiXKt6EM9QQ
content-encoding
br
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
date
Sun, 15 Oct 2023 14:15:51 GMT
x-amz-cf-pop
FRA56-C2
age
64775
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:987257285531:build/unblockia-loader-codebuild-project:4e52eb3f-761b-4c10-a85a-162fb4fa3980
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
fb4d4b7b1d35720e2d2481016ef4369b
last-modified
Tue, 20 Jun 2023 10:06:46 GMT
server
AmazonS3
etag
W/"bc5af0220c4116294c4e9c72ae4e244c"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
02f1ef29ead1d705cce351046cded37a79615ae12624547bfa0e8307765c8765
x-amz-cf-id
OL-i8XoyKOgb_ocT6yBBLpgTW4WRfgX2AqaoAUd1sSLC0sZflJFfYA==
collect
www.google-analytics.com/j/ 		4 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1544128646&t=pageview&_s=1&dl=https%3A%2F%2Fnews.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAACAAI~&jid=909599815&gjid=359003391&cid=1579745487.1697444126&tid=UA-4780630-1&_gid=1092310630.1697444126&_r=1&_slc=1&gtm=45He3ab0n71T728TH&cd1=&cd2=1&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%97%D7%93%D7%A9%D7%95%D7%AA&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=0&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fnews.walla.co.il&cd116=0&cd117=&cd118=&cd119=&cd120=&cd121=&cd122=gtm.js&cd123=https%3A%2F%2Fnews.walla.co.il%2F&cd124=&z=1846927296
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 16 Oct 2023 07:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1543
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 16 Oct 2023 09:49:42 GMT
/
www.googleadservices.com/pagead/conversion/777956447/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/777956447/?random=1697444125721&cv=11&fst=1697444125721&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95&value=0&bttype=purchase&auid=1760432379.1697444126&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
03fa6cb423f91c99596872e68deae8752f1b0cb0b6e4bc95ca3210600d975438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1677
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion.js
www.googleadservices.com/pagead/ 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
6cee0a1fd26161d05279092178df3d8243672cccf917c870bb113d992d5de5be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18645
x-xss-protection
0
server
cafe
etag
5863262954022034179
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 08:15:25 GMT
adoric.js
12890047.adoric-om.com/ 		194 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://12890047.adoric-om.com/adoric.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7e2fbc7de982f503e7260215071ba4137098ac7f2c32655a1ea59e9dec18089
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
via
1.1 google
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
350
x-dns-prefetch-control
off
content-range
bytes 50-10000/*
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-adoric-api-version
9.1.0
server
cloudflare
etag
W/"306f2-9CYdnBzPfOdeDxtg9L+WyF/1La0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
movetogcp2020.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yd7I6yeC44hQgcOeQq4PnJmKJn58%2BpWoghTboO%2BnfSabLzhOVRwlvGCvgIp3xJcFbfkiZhCywJVgoGTt5nYcf66RSJh0PjLJICxFuEFJuR49x7L8bGkCfPYIWhdd%2FSC6eXE5%2Bi%2FjcoN1"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
access-control-allow-credentials
*
vary
Accept-Encoding
cf-ray
816eda9a5e435aeb-VIE
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
js
www.googletagmanager.com/gtag/ 		246 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
5793096289bb147ab6809882ad3084fb08bf9dea89787665b2b4f711a857dbcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86855
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Oct 2023 08:15:25 GMT
js
www.googletagmanager.com/gtag/ 		201 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TSQY5YTYZ0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2e2df66752750ea1f144c41bf3b76a9920eb9356763a45be92496a33c92cc2e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74669
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Oct 2023 08:15:25 GMT
init.3bf68ad6f29eb2fce26b.js
web-sdk.smartlook.com/es6/ 		64 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-sdk.smartlook.com/es6/init.3bf68ad6f29eb2fce26b.js
Requested by
Host: web-sdk.smartlook.com
URL: https://web-sdk.smartlook.com/recorder.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.41 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
824291365.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
a7c6cbe0912bd511f1386a4de8ddae0ad636822c46fa3e39e9954209e9521aad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000

Request headers

Referer
https://news.walla.co.il/
Origin
https://news.walla.co.il
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 16 Oct 2023 08:15:25 GMT
strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
250991
x-accel-date
1697193134
x-77-nzt
AcO1ryc3Nzf/b9QDAA
x-accel-expires
@1728729134
x-77-age
250991
last-modified
Fri, 13 Oct 2023 09:51:11 GMT
server
CDN77-Turbo
etag
W/"6529130f-101f2"
x-77-nzt-ray
25b0213117d7a54a1df12c655f90b130
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=walla.co.il&p=%2F&u=DwFmPwCozCNWD0k4v3&d=news.walla.co.il&g=20047&g0=%D7%97%D7%93%D7%A9%D7%95%D7%AA&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=5640&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fnews.walla.co.il%2F&b=812&t=B-2nagCixYA8j8Z6LBpkjxW85ERz&V=141&i=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA&tz=-120&sn=1&sv=BUqQVAC1HaN_BEQa0Sgf5mDCB7QOP&sd=1&im=061b0fff&_
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.34.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-34-232.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 16 Oct 2023 08:15:26 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		158 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=walla.co.il&domain=news.walla.co.il&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1987755b0828e0aaa3344aa67e8195f333b0c8fa45da2199b5ab596c03c07167

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-cache-hits
2
date
Mon, 16 Oct 2023 08:15:25 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
1912
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
128
x-served-by
cache-vie6363-VIE
x-timer
S1697444126.850072,VS0,VE0
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sat, 14 Oct 2023 07:43:33 GMT
json
pro.ip-api.com/ 		20 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json?key=ay3FPSS6OcBXPHg&fields=countryCode
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/public/3059_5a86bee423edf09b69a8_5a86bee423edf09b69a8_walla.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
094f05931449c8779bad7f79756b59a1ed809e9af6e7e6c3f4d158c5ad6df3e4

Request headers

Accept
application/json, text/plain, */*
Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 Oct 2023 08:15:26 GMT
Content-Length
20
Content-Type
application/json; charset=utf-8
3452_28c1808d0814a46feaca_28c1808d0814a46feaca_walla.js
news.walla.co.il/public/ 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/3452_28c1808d0814a46feaca_28c1808d0814a46feaca_walla.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/public/main_07e74f8057a813dea205_07e74f8057a813dea205_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
6dba6e329dfb9cefab40d65bd87209b0f98f585e82f455bff4ffb75e99573a23

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:26 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:45 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
etag
W/"1eb65-18b240eb6bd"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
cTmgMR7yq7dKGWaKT3eDJx9VHh3ORnOYLM2t7ingiaPSmYHujc95CA==
x-cached
HIT
PikudInner_2e1eca4b5cb115902ee9_2e1eca4b5cb115902ee9_walla.js
news.walla.co.il/public/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/PikudInner_2e1eca4b5cb115902ee9_2e1eca4b5cb115902ee9_walla.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/public/main_07e74f8057a813dea205_07e74f8057a813dea205_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
55e1bb5ac96493124163d21acdc1a9e620d826d6654f94a9fab30cd8a648c0b3

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:26 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:45 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
etag
W/"cfe-18b240eb6c1"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
IQuqQQsBfuGyELPQIIpGxf3TUAD0RyfVBAFZ2tuld3ZxgR_nW3xd0A==
x-cached
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		91 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/public/3059_5a86bee423edf09b69a8_5a86bee423edf09b69a8_walla.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
075616ab88bfc91ffd4f830d6ba8062eb9028639cfafc0275bf30d268e5aa1c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29617
x-xss-protection
0
server
cafe
etag
966 / 19646 / m202310100101 / config-hash: 16770446656291207178
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 08:15:26 GMT
load.js
pm-widget.taboola.com/wallail-walla/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/wallail-walla/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa13c715a970ff152c581c582d0d11959260c439601eef5aca942f3b8b79ae9a

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
FPTG2OxoLYtveF6L1lHa_yi.RcOwh3q6
content-encoding
gzip
via
1.1 varnish
date
Mon, 16 Oct 2023 08:15:26 GMT
x-amz-request-id
ZNCYGV36NHK8PADY
age
2480
x-cache
HIT
content-length
1113
x-amz-id-2
6btP8+laXwrJmevS8dZMPJOHBpxjznyvPcBPLHRHZ+49Trk9VBpdCsJI6G6mtJPq7F2NutXHskE=
x-served-by
cache-vie6324-VIE
last-modified
Tue, 26 Sep 2023 08:56:39 GMT
server
AmazonS3
x-timer
S1697444126.290920,VS0,VE1
etag
"0f035f8b52b8607074f683b28f021659"
vary
Accept-Encoding,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
1
impl.20231015-3-RELEASE.js
cdn.taboola.com/libtrc/ 		811 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231015-3-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
7bab19098c317dcd4522ff95c1e6a9ae9ffe7a6d3a28056bc9eb98295d09b743

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
tetPSDn4JXiYX92AoGnrx9JK7cVIxlsV
content-encoding
br
via
1.1 varnish
date
Mon, 16 Oct 2023 08:15:26 GMT
x-amz-request-id
VQ484Y6TDGX6MD4C
age
23572
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
171903
x-amz-id-2
CXvdbOf8o65swvYvuHLnLyThBJMGes/HnvSH/7HxuYfWoXqmfrIf5MxCpqbP/OCrP2rwUXCMXjo=
x-served-by
cache-vie6324-VIE
last-modified
Sun, 15 Oct 2023 09:35:05 GMT
server
AmazonS3-br
x-timer
S1697444126.286565,VS0,VE0
etag
"b25190d8bb0cab9eabbcf6a614338e83"
vary
Accept-Encoding
content-type
application/javascript
abp
67
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
75869
page.php
www.facebook.com/plugins/ Frame 5A8F 		40 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallanews&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/public/3059_5a86bee423edf09b69a8_5a86bee423edf09b69a8_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
6dcaf4924acf3d2bea3507a71561a0d4dbb9dbda9913cd8c649e9d38c8c72900
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 08:15:26 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
CJ8rH1LJ6xJ0qSE9kT4bNLSbvHe8VIs3maTm25gRE9wZGobhKgyYPsCZphXYcaF9ytIef6yGL/9oeviMGWXWQA==
x-xss-protection
0
close.png
news.walla.co.il/public/assets/ads/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.walla.co.il/public/assets/ads/close.png
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:26 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 13:23:45 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
etag
W/"46c-18b240eb6c8"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1132
x-cached
MISS
x-amz-cf-id
QukKSh8PLrcCzy3MWXrUNO-cJ6jTh1t3cLH596sBKvK7HJslzzXFhQ==
2547415-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100/2/5/4/7/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100/2/5/4/7/2547415-46.jpg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
893523f42f089cf44d632fac7366f54b2f3d24d9b5de47f771602350e7c965d1

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 09:57:08 GMT
via
1.1 google
age
80298
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2576
3492232-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100/3/4/9/2/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100/3/4/9/2/3492232-46.jpg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
fae3abfeea6e0a543fe27ed5ea85cf014a3ae94fb90fb5939e0559e091ebec71

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 15:05:10 GMT
via
1.1 google
age
61816
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3368
3614284-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/4/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/4/3614284-46.jpg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
e6fcf36633443645b870690a7616ed8166b86152257ebaaae43331f785d468a8

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 06:18:06 GMT
via
1.1 google
age
7040
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6338
3614257-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/4/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/4/3614257-46.jpg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
6fa9f6a888cd5973098766d1b4d34879cda69d2f13287f2fd8ddb28bec13bd96

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 14:20:31 GMT
via
1.1 google
age
64495
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6476
3501783-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/0/1/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/0/1/3501783-46.jpg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
b09ce469fe05302214cf8803ca314ac7eeda075a4f7e81d9d592ffba837d4538

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 21:11:54 GMT
via
1.1 google
age
39812
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7674
3614424-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/4/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/4/3614424-46.jpg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
29698cba776e3dab1d3a9096b9f85ccb8a72acf301ffb29b3744944923a5b427

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 04:17:58 GMT
via
1.1 google
age
14248
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7340
3528809-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_1000/3/5/2/8/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_1000/3/5/2/8/3528809-46.jpg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
1eaccdc4aacb54961f7160943eff55e3f3a21de84833c4a6f8d600d5db75fc1b

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 18:08:35 GMT
via
1.1 google
age
50811
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45706
3532632-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_1000/3/5/3/2/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_1000/3/5/3/2/3532632-46.jpg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
84a942fa11d63b702ddff3dc7c309f59cbdd66b99853a34b4a07f9f6c87f2e37

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 17:26:52 GMT
via
1.1 google
age
53314
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5926
invalid-name2.svg
news.walla.co.il/public/assets/shivuki/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.walla.co.il/public/assets/shivuki/invalid-name2.svg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:26 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
etag
W/"834-18b240eb6f3"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
wntnXWM6PLN3I26nHL3JEYlsPM_AJf7vibsH2TvIbeiHXDrDjTnKtg==
x-cached
HIT
3585897-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/8/5/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/8/5/3585897-46.jpg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
cf528fec5f2cdedcd8213c7d056781991c894b6a52f00c98e9500952e171c184

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 17:24:51 GMT
via
1.1 google
age
53435
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9774
3473503-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/7/3/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/7/3/3473503-46.jpg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
7176146461b84fcce1da1c95f77d696b5eecaa93b69dde64b35678f00bc6f705

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 17:49:36 GMT
via
1.1 google
age
51950
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15634
3258183-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/2/5/8/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/2/5/8/3258183-46.jpg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
a786785f56c14eac0a047206b47359680bbe3b170695a877a127ad5aeee3ad78

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 17:36:58 GMT
via
1.1 google
age
52708
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4662
3454490-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/5/4/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/5/4/3454490-46.jpg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
8f10d7a122060c5e9725d7624296ac0d6b1817545d424d7fdecae5a54123344a

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 15:03:19 GMT
via
1.1 google
age
61927
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8150
3401797-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/0/1/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/0/1/3401797-46.jpg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
0d4166d628450e4060cedad79066d226c7be682380e708dc30d62159fd7433ce

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 17:12:23 GMT
via
1.1 google
age
54183
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6814
settings
syndication.twitter.com/ Frame 83BB 		869 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=cd4aec11141c23e2b17754f36d6becdeb90f12c4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fnews.walla.co.il
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-response-time
104
date
Mon, 16 Oct 2023 08:15:25 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Mon, 16 Oct 2023 08:15:26 GMT
server
tsa_f
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
f69faaa322d4623e
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
cc6d92ec14fef8d78a78e0465ae06c24648c7031903d961e47d340c964c60d0a
content-length
337
dmp-main.js
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/ 		239 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-96.prg50.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
742f69d5a3dc576df86c9845acf047bcd745d266f40900c95706badecfafe2e3

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 10:15:54 GMT
content-encoding
br
via
1.1 a198ea04052d45eb515f27260bc6c05c.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
PRG50-C1
age
79172
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
x-amz-cf-id
L-XWPHLHtNENyQFyNFIbV2yBy2dYqYAgi90PVcSMJb8TtijG4WY_Jg==
collect
stats.g.doubleclick.net/j/ 		4 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-4780630-1&cid=1579745487.1697444126&jid=909599815&gjid=359003391&_gid=1092310630.1697444126&_u=aEBAAEAAEAAAACAAI~&z=932148009
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
4fa69b310798230d616f70eed8ff34b8bb50536234ab23ea3090cce7a90d30bc
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 16 Oct 2023 08:15:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
survey-executed
tr.dxmcdn.com/rest/api/v1/ 		0
0
survey-executed
tr.dxmcdn.com/rest/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tr.dxmcdn.com/rest/api/v1/survey-executed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2015.1e100.net
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://news.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-length
323
content-type
text/html; charset=UTF-8
date
Mon, 16 Oct 2023 08:15:26 GMT
server
Google Frontend
x-cloud-trace-context
e48c6fd6bd033fe955604b2e356117d0
170717926997655
connect.facebook.net/signals/config/ 		138 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/170717926997655?v=2.9.134&r=stable&domain=news.walla.co.il
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
e8b8ef3f53b9219b6e45674894adf50db4dc1b550fef0ff583eb9b150d81ce3c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 16 Oct 2023 08:15:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
36587
x-xss-protection
0
pragma
public
x-fb-debug
V2x/hQlZaSTqD63LJOp+MM0apTfC3oAXMwSvXIhc3CDE3U5LOzORKP3JVd/o7zV6QV9WrT4PJzHf+aPgadZszA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:01:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29636
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Oct 2023 00:01:30 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.229.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-229-53.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Wed, 15 Nov 2023 08:15:26 GMT
date
Mon, 16 Oct 2023 08:15:26 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
/
www.google.com/pagead/1p-user-list/11170679829/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11170679829/?random=1697444125569&cv=11&fst=1697443200000&bg=ffffff&guid=ON&async=1&gtm=45be3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.walla.co.il%2F&frm=0&tiba=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4151947237&rmt_tld=0&ipr=y
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:26 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.at/pagead/1p-user-list/11170679829/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.at/pagead/1p-user-list/11170679829/?random=1697444125569&cv=11&fst=1697443200000&bg=ffffff&guid=ON&async=1&gtm=45be3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.walla.co.il%2F&frm=0&tiba=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4151947237&rmt_tld=1&ipr=y
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:26 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
50 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test_adblock=true
Requested by
Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
3c452f789abdf129f15ac38a36c85b5bfb905d4b12f634c9c0edf506f817c176
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51091
x-xss-protection
0
server
cafe
etag
12279514323825078374
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 08:15:26 GMT
collect
region1.analytics.google.com/g/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-RYD7X7E8VN&gtm=45je3ab0&_p=1544128646&_gaz=1&cid=1579745487.1697444126&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2F&sid=1697444126&sct=1&seg=0&dl=https%3A%2F%2Fnews.walla.co.il%2F&dt=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA&en=page_view&_fv=1&_ss=1&ep.ga_client_id=&epn.vertical_id=1&ep.vertical_name=%D7%97%D7%93%D7%A9%D7%95%D7%AA&ep.category_id=&ep.item_id=&ep.item_type=&ep.item_publication_date=&ep.item_last_update=&ep.content_provider=&ep.item_title=&ep.item_author=&ep.hostname=news.walla.co.il&ep.item_sections_words_count=&ep.tags=&ep.editor=&ep.tohash=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RYD7X7E8VN&cid=1579745487.1697444126&gtm=45je3ab0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.at/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.at/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RYD7X7E8VN&cid=1579745487.1697444126&gtm=45je3ab0&aip=1&z=600252208
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
481 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1095109406209791&correlator=2693734685967881&eid=31078743%2C31078806&output=ldjh&gdfp_req=1&vrg=202310120101&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cinnerpages%2Crm1_desktop%2Crm2_desktop%2Crm3_desktop%2Crm4_desktop%2Crm5_desktop%2Crm6_desktop%2Crm7_desktop%2Crm8_desktop%2Crm9_desktop%2Crm10_desktop%2Crm11_desktop%2Crm12_desktop%2Crm13_desktop%2Crm14_desktop%2Crm15_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8%2C0%2F1%2F2%2F9%2C0%2F1%2F2%2F10%2C0%2F1%2F2%2F11%2C0%2F1%2F2%2F12%2C0%2F1%2F2%2F13%2C0%2F1%2F2%2F14%2C0%2F1%2F2%2F15%2C0%2F1%2F2%2F16%2C0%2F1%2F2%2F17&prev_iu_szs=1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&ifi=1&didk=1909289936~4078182110~845420629~2737176580~3757563159~2051796368~2459729993~3096182529~3770086168~3931141563~3707026742~2555613071~45217321~479599996~2547616871&sfv=1-0-40&ists=32767&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697444126690&lmt=1697436926&adxs=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&adys=5635%2C5635%2C5635%2C5635%2C5635%2C5635%2C5635%2C5635%2C5635%2C5635%2C5635%2C5635%2C5635%2C5635%2C5635&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fnews.walla.co.il%2F&vis=1&psz=1600x5594%7C1600x5594%7C1600x5594%7C1600x5594%7C1600x5594%7C1600x5594%7C1600x5594%7C1600x5594%7C1600x5594%7C1600x5594%7C1600x5594%7C1600x5594%7C1600x5594%7C1600x5594%7C1600x5594&msz=1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1579745487.1697444126&ga_sid=1697444127&ga_hid=1544128646&ga_fc=true&dlt=1697444125237&idt=1319&prev_scp=slot_name%3Drm1_desktop%7Cslot_name%3Drm2_desktop%7Cslot_name%3Drm3_desktop%7Cslot_name%3Drm4_desktop%7Cslot_name%3Drm5_desktop%7Cslot_name%3Drm6_desktop%7Cslot_name%3Drm7_desktop%7Cslot_name%3Drm8_desktop%7Cslot_name%3Drm9_desktop%7Cslot_name%3Drm10_desktop%7Cslot_name%3Drm11_desktop%7Cslot_name%3Drm12_desktop%7Cslot_name%3Drm13_desktop%7Cslot_name%3Drm14_desktop%7Cslot_name%3Drm15_desktop&adks=3645669435%2C2497977751%2C2307308051%2C2911509050%2C2493450122%2C371343016%2C608226797%2C2435464406%2C1829383952%2C4208359143%2C2743046946%2C169054207%2C1872149234%2C2952711809%2C164849084&frm=20&is_cau=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
db9362a18ab0275121d5812ca17c3bffadb594a4de491e4b01fd9e10d23b6c6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
450
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6F18 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 08:15:26 GMT
expires
Tue, 15 Oct 2024 08:15:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.at/pagead/1p-conversion/777956447/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/777956447/?random=866736353&cv=11&fst=1697444125721&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews....
  • https://www.google.com/pagead/1p-conversion/777956447/?random=866736353&cv=11&fst=1697444125721&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.walla.co.il%2F&label=...
  • https://www.google.at/pagead/1p-conversion/777956447/?random=866736353&cv=11&fst=1697444125721&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.walla.co.il%2F&label=m...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.at/pagead/1p-conversion/777956447/?random=866736353&cv=11&fst=1697444125721&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95&value=0&auid=1760432379.1697444126&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOEw2enFRWVEwNV8tazdHeC04VFVBUkltQUtyMEw5dWI2eEE0T0U1ZkNxMFd5M0N6bHFURDlFYmVhaDdXcnBhNFk5cFg0amFkMGtnGlpDaEVJOEw2enFRWVFfYjI2d1kyR244X2tBUkl1QUJhX0dsLU16Q3BRQXdBVXRza0w4R0RvSmdwTnNtdzdpTHgySC1ULTcwYjlKZGFlakZOZ0llTUxobTh4b3ciEwiY7pCRkPqBAxUYxrsIHVv7AsI&is_vtc=1&ocp_id=HfEsZdjrLZiM7_UP2_aLkAw&cid=CAQSKQDICaaNxt2Grt6SA7J5PFrFScb1i2jF54N7dGRLLGD12hs2KKHf5HIX&eitems=ChEI8L6zqQYQ5cOL2cCIzf3NARIdAHvXkMGfY7d2S3G2todDR6e-guwce8ztcFJ4Vtk&random=2769877000&ipr=y
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H3
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:26 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:26 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.at/pagead/1p-conversion/777956447/?random=866736353&cv=11&fst=1697444125721&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95&value=0&auid=1760432379.1697444126&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOEw2enFRWVEwNV8tazdHeC04VFVBUkltQUtyMEw5dWI2eEE0T0U1ZkNxMFd5M0N6bHFURDlFYmVhaDdXcnBhNFk5cFg0amFkMGtnGlpDaEVJOEw2enFRWVFfYjI2d1kyR244X2tBUkl1QUJhX0dsLU16Q3BRQXdBVXRza0w4R0RvSmdwTnNtdzdpTHgySC1ULTcwYjlKZGFlakZOZ0llTUxobTh4b3ciEwiY7pCRkPqBAxUYxrsIHVv7AsI&is_vtc=1&ocp_id=HfEsZdjrLZiM7_UP2_aLkAw&cid=CAQSKQDICaaNxt2Grt6SA7J5PFrFScb1i2jF54N7dGRLLGD12hs2KKHf5HIX&eitems=ChEI8L6zqQYQ5cOL2cCIzf3NARIdAHvXkMGfY7d2S3G2todDR6e-guwce8ztcFJ4Vtk&random=2769877000&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd-5F3qQopr.css
static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/ Frame 5A8F 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/sd-5F3qQopr.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallanews&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
01b0a37506787c28d13c39ee97918cb3ed3028e7ea7eb053534915b2abf71324
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
G1b1A+G1OpEGOFFZsCrTng==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5356
x-fb-debug
uFb5ckOFqwICChrml08fHRj9zda4JCHiUWU1f6Nc42mmQygSvuQge3yEC8mSGSYRLEWqT6+KH+Neu9IPQvtAxw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Mon, 14 Oct 2024 15:24:02 GMT
MNqA_sv_DFL.css
static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/ Frame 5A8F 		22 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/MNqA_sv_DFL.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallanews&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
4a9071508f7166144b974c2809c8d84fd415b80c3699b0a6a75f5cd407eaf1b7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
D7a5A9P21C5RV7oXzbjKUQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5077
x-fb-debug
qQTYq6K2Wf3XaEbAot8LQ71dV1NF5KOLIJD0pcBUy+jUTb9I5LBAcisC62W/WWN9bjJImioNuQIuJD1faI4tQQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Mon, 14 Oct 2024 15:24:57 GMT
CxzjCMQABR5.js
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 5A8F 		318 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/CxzjCMQABR5.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallanews&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
56e687887be4c418115fa34b4e7c8466f16ffce4ba5678efd915e69af36b1310
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
hWToMjMFp+0BKau02ycvOQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86659
x-fb-debug
WjpY/4mtgt2L7Qi9NlkorA6I//ET1/xhSVrjbGofdN5k2Hs11eAjV0eRCPImuGNpXly2zjrIHmxcG7ZlL31Pbg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 12 Oct 2024 23:29:46 GMT
Zf4fbeAxpoV.js
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ Frame 5A8F 		95 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/Zf4fbeAxpoV.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallanews&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
441e18180227e61d32c049dcf2b01109eb0d1e83f9c1335e0c25448cddc59fcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
rWDLj12cLbPgKMqKTmHI2g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27873
x-fb-debug
R8S4wGefT9apXJsZqOjK+pzRnJdPR9T7iErwCatK6OAntJIh3vZR5Nl4DPOE4Gb2gBfx9K7FkxS610P/TWjSNg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sun, 13 Oct 2024 17:48:42 GMT
B6mAd5gypzO.js
static.xx.fbcdn.net/rsrc.php/v3/yo/r/ Frame 5A8F 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/B6mAd5gypzO.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallanews&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
69ce44c850d3728d53a284cdc8a06a6afc745bd5462095e8ba5a6bb0f464ee8d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
W/4zPDc5e10tqG6oIdpSHg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1699
x-fb-debug
UnYYs1AHnJ+sIL0QKf2CLNehcRdCQStXWpTMDLYXVn4VY9+PYBFO0m3h1YwhpFN/iVNGkt3IIQvbYc03LZYCng==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sun, 06 Oct 2024 23:21:45 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 5A8F 		507 B
485 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallanews&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
x-fb-debug
ZsvW1p17ZJjyZFQVcbIvwixcNx80/uMukAVTlxfoP/9qHpf2M7g17r4BbBG2eakdb/lrwsCM/uOVkRPu+v9YAA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 05 Oct 2024 02:42:53 GMT
912RZYp40qA.js
static.xx.fbcdn.net/rsrc.php/v3iLNf4/y3/l/de_DE/ Frame 5A8F 		237 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iLNf4/y3/l/de_DE/912RZYp40qA.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallanews&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
8e5624f4d8404357d496a7644251cfd24f22b0a7493f4faac4b9de8a0f064bc6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
8obx9ThY6V1C3b5/YcUjlw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
67689
x-fb-debug
vV3GLnbhd/FGyesCr/cpqsEvHGwosbJZ3VPamDxIfFSbftqDofgMMC4b400St5cL2VqXJTaInxlIy9NIHyFYtw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sun, 13 Oct 2024 17:50:54 GMT
rXFBesZmvW_.js
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 5A8F 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/rXFBesZmvW_.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallanews&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
cb7fe7b68be275514b92d236b01a17bc5d2d4545bf20422cd91797402d6c5893
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
3g7eyouJi03MIUYxO80Trg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13823
x-fb-debug
cxEU5UMzVXkNMo8KnNffEyGzdbfruX2NBFQq3fq8xNDz1Gc0R7SjbSBD7RF1iBGaWlFTznytJh57Ui6Lg9eGow==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Mon, 07 Oct 2024 18:18:53 GMT
vB89aqKLrm-.js
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yb/l/de_DE/ Frame 5A8F 		102 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yb/l/de_DE/vB89aqKLrm-.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallanews&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
bf6613f7cc26a29c2d25326681a5e15c789f4cec36f328b9100018a8e31648ee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
BPc5x2bYNtASfByClmcLHQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
29964
x-fb-debug
USHmQNVP4zqWr7gOJmJleOVI7t5mXxdsBoPutBZQXLM9W5uFAIBlrjIsnjgjThasKLQRSlcBoFA54LfIevrBjg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sun, 13 Oct 2024 17:50:00 GMT
356247868_594625386209071_549895525341004885_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 5A8F 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t39.30808-6/356247868_594625386209071_549895525341004885_n.jpg?stp=dst-jpg_p133x133&_nc_cat=101&ccb=1-7&_nc_sid=5f2048&_nc_ohc=r5u2EEJG9ksAX82wGEf&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AfAS8xfNle-9dst51pK0jXmYh5EOghaAVGE6ofXoPo-UMw&oe=65314BFE
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallanews&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
de25f033c4a9c8ed8194cea3f55bd5b9a0498db670963cb2d641bf0930825200

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:26 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Sun, 02 Jul 2023 15:55:11 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2478290717
thrift_fmhk
GBBmSh+YK7sMoLuIjNKVyF4WFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3814701271
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
5046
346882236_575974574740819_6297113487677248451_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame 5A8F 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t39.30808-1/346882236_575974574740819_6297113487677248451_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=1&ccb=1-7&_nc_sid=5f2048&_nc_ohc=xfUPHp38ptkAX_g3k_d&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AfDKhdbpFWoIwiJBoG5TZN02GlmaNpukYnVBeZOLMz7gNw&oe=6532B9C6
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallanews&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
0394884b772f114b4ef2122a58081fcdad4da8f76fb9d8ee0887a9c9662beec4

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:26 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Sun, 11 Jun 2023 13:25:04 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=378042336
thrift_fmhk
GBB8dn4pzkqVerMyj6AlxGgSFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
274974089
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1270
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/?random=1697444126710&cv=9&fst=1697444126710&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fnews.walla.co.il%2F&tiba=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
13081d61c91fb98e640ef98e859b472d48a3109519fb46d324dbf985e3f0e905
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1452
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-TSQY5YTYZ0&gtm=45je3ab0&_p=1544128646&cid=1579745487.1697444126&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697444126&sct=1&seg=0&dl=https%3A%2F%2Fnews.walla.co.il%2F&dt=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TSQY5YTYZ0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adoric.v9.4.min.css
static.adoric.com/ 		169 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.adoric.com/adoric.v9.4.min.css
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd5322d2a8576e402dd580efbf61ce9c007e786315b76393d740e64b3476e6dd

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1356
x-guploader-uploadid
ADPycdt0_FsdF1Q3rIWenL2yrKHcOzwpmnPMHts8EhrCWXHWr-5Sotwc4bnYFli6NcWxd-R_CAv-ahEGgQ9Wt3UaNiZocGNcTDg3
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 04 Sep 2023 08:54:57 GMT
server
cloudflare
etag
W/"d6693c4efa6e72bb9b105bc8e6384b27"
vary
Accept-Encoding
x-goog-hash
crc32c=aiZ+bA==, md5=1mk8TvpucrubEFvI5jhLJw==
x-goog-generation
1693817697766768
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pf7SsXkTIixxSgSwaJgO8%2BbS%2Bk%2BD6FJ8DyVnxnmKS1ji0hTO2P327aAZHcWjndkrM%2FOZqdOIF3BXsspBTYlYm18oiQ0cR1kVrEIHvEkMFFnmFxwhyqoh0wU6D9f4npjy%2F3OZXw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
14462
cf-ray
816edaa06813c270-VIE
expires
Mon, 16 Oct 2023 08:16:45 GMT
/
app.adoric-om.com/v1/campaigns/ 		955 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.adoric-om.com/v1/campaigns/?u=9cf2e1a44ca72a3fec13c925568a4883&l=en&cc=0&b=chrome&os=win&h=https%3A%2F%2Fnews.walla.co.il%2F&d=desktop&lsps=0&pd=M&nv=true&tz=-120&cIds=%5B%5D
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.218.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
58.218.120.34.bc.googleusercontent.com
Software
/
Resource Hash
dd5e10e6dfffc29033edb26873ebdedaf7e22a837354111b7b327be7d90cc24d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
date
Mon, 16 Oct 2023 08:15:26 GMT
x-content-type-options
nosniff
via
1.1 google
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
955
x-xss-protection
1; mode=block
x-adoric-api-version
9.1.0
etag
W/"3bb-U6xp5Ak0HjTe5pZLfdjhVSw2kSY"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-credentials
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
spc_fi.php
cdn.firstimpression.io/delivery/ 		59 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=6960&url=%2F&charset=UTF-8&ch=10&ref=news.walla.co.il&viewerId=null&referer=&_firid=74311717
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-108.fra6.r.cloudfront.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
6e88bba6f18618579dcf1354cced88402b2c3fb82ebee6154d8bee0c9c566ec2

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 08:15:26 GMT
Content-Encoding
gzip
Via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
X-Cache
Miss from cloudfront
P3P
CP="CUR ADM OUR NOR STA NID"
Connection
keep-alive
Content-Length
11419
Pragma
no-cache
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://news.walla.co.il
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
beZjA-X88TjcddHbTUwQ6Z6F2UEi9UNPv5dh9_T0vs2_VQCMB3eiFg==
Expires
0
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4780630-1&cid=1579745487.1697444126&jid=909599815&_u=aEBAAEAAEAAAACAAI~&z=1000295474
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.at/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.at/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4780630-1&cid=1579745487.1697444126&jid=909599815&_u=aEBAAEAAEAAAACAAI~&z=1000295474
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
state
event.dxmdp.com/rest/api/v1/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/state
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.191.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-191-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
pmk-20220605.2.js
pm-widget.taboola.com/wallail-walla/ 		102 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/wallail-walla/pmk-20220605.2.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/wallail-walla/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4fcbd9b339d1bc8b72c3d698a6c4bb856516c41b52a3be330313cb6a51be99df

Request headers

Referer
https://news.walla.co.il/
Origin
https://news.walla.co.il
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
J_7JEZUDdQ4YrzJhODl8FUK4deJJqu3C
content-encoding
gzip
via
1.1 varnish
date
Mon, 16 Oct 2023 08:15:26 GMT
x-amz-request-id
9NDCE374C38MYS9S
age
1725444
x-cache
HIT
content-length
28795
x-amz-id-2
QvgwENlSf+z1UDJaA3+qQ+nNgVi3gD/z6HUv3cdVXqj2djObWp4IYJmxYgVooiqcElTnZllnM7g=
x-served-by
cache-vie6364-VIE
last-modified
Tue, 26 Sep 2023 08:56:38 GMT
server
AmazonS3
x-timer
S1697444127.845111,VS0,VE0
etag
"a78996a082a974b0dc6659aacfa84748"
vary
Accept-Encoding, ,Origin
access-control-allow-methods
GET,POST,PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
23561
logo.png
news.walla.co.il/public/assets/pikud/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.walla.co.il/public/assets/pikud/logo.png
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:26 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
etag
W/"558e-18b240eb6f2"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
21902
x-cached
HIT
x-amz-cf-id
mxFS0eBdJ1SvtXw4Qgln8hOLLkCiHm8dX_Y5pM_VL5xbNCCQ23bE8w==
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231015-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:26 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
232626
expires
60
id.json
loader.unblockia.com/c/news.walla.co.il/ 		255 B
544 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://loader.unblockia.com/c/news.walla.co.il/id.json
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
505d745707a93d1d90b281e57dd7fcdc9ef70de80846c2c370ab62f5d6e3316e

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:26 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
FRA56-C2
x-cache
Error from cloudfront
content-type
application/xml
access-control-allow-origin
*
access-control-expose-headers
*
x-amz-cf-id
NbwtxKC6Vq9W1IDwSW_MTAlF7u3-Xunx5DP4dxVaTTiFDJahzwJzKA==
1616785908557850
connect.facebook.net/signals/config/ 		132 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1616785908557850?v=2.9.134&r=stable&domain=news.walla.co.il
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
48dc75f6760a4dd75285e76058d028f96823dbdc9bc11114230d1f305e573b2f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 16 Oct 2023 08:15:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35136
x-xss-protection
0
pragma
public
x-fb-debug
n1bWlg25MZ1R298CsGhMQsyt6LVX42o9MRC5jAOOTIyJuRupPmr3RQBNi0eLORz/kJ8OU4iKGWCHP+M4V1oJ2g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=170717926997655&ev=PageView&dl=https%3A%2F%2Fnews.walla.co.il%2F&rl=&if=false&ts=1697444126897&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.2.1697444126895.450067066&cs_est=true&ler=empty&it=1697444126473&coo=false&rqm=GET
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 16 Oct 2023 08:15:26 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.google.com/pagead/1p-user-list/964224610/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/964224610/?random=1697444126710&cv=9&fst=1697443200000&num=1&guid=ON&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fnews.walla.co.il%2F&tiba=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95&fmt=3&is_vtc=1&random=2743956037&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:26 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.at/pagead/1p-user-list/964224610/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.at/pagead/1p-user-list/964224610/?random=1697444126710&cv=9&fst=1697443200000&num=1&guid=ON&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fnews.walla.co.il%2F&tiba=%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20-%20%D7%95&fmt=3&is_vtc=1&random=2743956037&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:26 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qGoWo6gBwwP.png
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame 5A8F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/qGoWo6gBwwP.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/MNqA_sv_DFL.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/MNqA_sv_DFL.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:26 GMT
x-content-type-options
nosniff
content-md5
iN31dShDArRt9ZikrDb13w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2616
x-fb-debug
vX8a/KOGqGLAJ7cQtHZo2scwZ4QJbJMC+pFsibdaMn9Gvd6rq+ukcZHTJBpHo8v20418+jprVNeZZJB72O6g/A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 05 Oct 2024 02:34:35 GMT
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 5A8F 		573 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/sd-5F3qQopr.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/sd-5F3qQopr.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:26 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
x-fb-debug
qaEv9zILJWeLviR9DYAeQa8sJNz1N+Abtdjc2UTYbpeGJZVdbEIoMu7WhcbvsIYiLVk+DpQSmxvyhJK64UvNsg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Tue, 08 Oct 2024 07:48:17 GMT
AOSMMkXOBOD.js
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame 5A8F 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/AOSMMkXOBOD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/CxzjCMQABR5.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
2e30dc04b9a33bbc1591a93497cb143e52b2a69569e059c3790b7fb3aee39203
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:27 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
H3/mKPbzKBSDmtRrgEEh/g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4845
x-fb-debug
j0DxbpU4iSk+i0y1iblx2XRc5vxnvDAqj+wnBHs1U8e3KWD6MStQDGBUWtHyC8psUicq1ufX/uaeezENc5Cogw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sun, 13 Oct 2024 16:51:08 GMT
hZdrGkiU930.js
static.xx.fbcdn.net/rsrc.php/v3iUY_4/yo/l/de_DE/ Frame 5A8F 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iUY_4/yo/l/de_DE/hZdrGkiU930.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/CxzjCMQABR5.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
b1b62801cfcc8ca8814790778f98508d20561c579b45515dbade21d980739dab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:27 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
puNy8VA4goW803PQreen0g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7694
x-fb-debug
eR7tWznaB94rjp/fx2OCZdblTfX/QyYpQ7it1Jzk6kMkP307enfQX96el5/Fsi690cVf4SlcfxWtGuZLrwbQOA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 12 Oct 2024 17:42:54 GMT
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1616785908557850&ev=PageView&dl=https%3A%2F%2Fnews.walla.co.il%2F&rl=&if=false&ts=1697444127016&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.2.1697444126895.450067066&ler=empty&it=1697444126473&coo=false&rqm=GET
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 16 Oct 2023 08:15:27 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
id.json
loader.unblockia.com/c/walla.co.il/ 		11 B
468 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://loader.unblockia.com/c/walla.co.il/id.json
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc2728c7d949752bda4984f25bec537c5c0b85997ef4f04f18c38c692c6044f5

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
Y.k3NmzoyTZ0zdgUC3O4.8iIw2VTpCfo
date
Mon, 16 Oct 2023 06:37:07 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
5918
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
11
last-modified
Tue, 01 Aug 2023 09:59:08 GMT
server
AmazonS3
etag
"2e6dfeea92702371d9fa36441c1e705c"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
accept-ranges
bytes
x-amz-cf-id
9MuOXphhCWfsLklrlpB64IsjIvyjDbGXDCTppD2Ta9EeTSi5W0YVng==
sync
event.dxmdp.com/rest/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.191.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-191-61.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://news.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://news.walla.co.il
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Mon, 16 Oct 2023 08:15:27 GMT
server
nginx/1.20.0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
sync
event.dxmdp.com/rest/api/v1/ 		13 B
327 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.191.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-191-61.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://news.walla.co.il
date
Mon, 16 Oct 2023 08:15:27 GMT
access-control-allow-credentials
true
server
nginx/1.20.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
/
t.unblockia.com/ 		0
271 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.unblockia.com/?sid=1696&o=1&b=1&p=1&t=4
Requested by
Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-16.fra56.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:27 GMT
via
1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
content-length
0
x-amz-cf-id
C88ZCDnK4BqTaPGaJKN0Oj8MzT0F1cyPl6iHiRpf632b8EjfM4LY2g==
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310120101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
1b7a30fec496713d0023f8200bfb664ca2058e1d172adb97e2c5bd5fc09880c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12395
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 16 Oct 2023 08:15:27 GMT
sync
event.dxmdp.com/rest/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync?audids=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.191.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-191-61.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://news.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://news.walla.co.il
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Mon, 16 Oct 2023 08:15:27 GMT
server
nginx/1.20.0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
sync
event.dxmdp.com/rest/api/v1/ 		13 B
327 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync?audids=
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.191.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-191-61.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://news.walla.co.il
date
Mon, 16 Oct 2023 08:15:27 GMT
access-control-allow-credentials
true
server
nginx/1.20.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
dmp-common-iframe.html
cf.dxmcdn.com/dta/ Frame 2472 		194 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cf.dxmcdn.com/dta/dmp-common-iframe.html?dmpid=&monitoringConfig=%7B%22uuid%22%3A%22bc8a7a32-7d98-4226-8af9-d2a43a8621cc%22%2C%22enabled%22%3Afalse%2C%22verboseMode%22%3A%22ERRORS%22%2C%22sampling%22%3Anull%2C%22observedUserId%22%3Anull%2C%22includeDatabase%22%3Afalse%2C%22includeLocalStorage%22%3Afalse%2C%22includeLoggerState%22%3Afalse%7D
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-128.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c90f4fa10a90d240c6dcd2d798e6c528ae91f104d232870fb6f1453967a7066

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

age
10629
content-encoding
gzip
content-type
text/html
date
Mon, 16 Oct 2023 05:18:19 GMT
etag
W/"52319100f3cad7c781dec5018ed1ca59"
last-modified
Wed, 27 Sep 2023 11:46:39 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-amz-cf-id
IFLEvoBxqnE_TdIBulx1Ix2K2lnHER4l8S1FuiwCet8pyTNnfthx_A==
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
VtKfS.xLqR2wYAZ0uda1_bwOn38WDDK3
x-cache
Hit from cloudfront
sync
gum.criteo.com/ 		46 B
287 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231015-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:27 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
241632
expires
60
json
trc.taboola.com/wallail-walla/trc/3/ 		97 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/wallail-walla/trc/3/json?tim=10%3A15%3A27.320&lti=deflated&data=%7B%22id%22%3A85%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22category%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1697443329496%2C%22vi%22%3A1697444127316%2C%22cv%22%3A%2220231015-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fnews.walla.co.il%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fnews.walla.co.il%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Fnews.walla.co.il%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5635%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-stream%3Aabp%3D0%22%2C%22uip%22%3A%22Native%20Category%22%2C%22orig_uip%22%3A%22Native%20Category%22%2C%22cd%22%3A1169.328125%2C%22mw%22%3A635%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-textl%3Aabp%3D0%22%2C%22uip%22%3A%22Text%20Links%20Category%22%2C%22orig_uip%22%3A%22Text%20Links%20Category%22%2C%22cd%22%3A2947.375%2C%22mw%22%3A325%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-textl%3Aabp%3D0%22%2C%22uip%22%3A%22Text%20Links%20Category%201%22%2C%22orig_uip%22%3A%22Text%20Links%20Category%201%22%2C%22cd%22%3A3342.265625%2C%22mw%22%3A325%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-textl%3Aabp%3D0%22%2C%22uip%22%3A%22Text%20Links%20Category%202%22%2C%22orig_uip%22%3A%22Text%20Links%20Category%202%22%2C%22cd%22%3A3715.15625%2C%22mw%22%3A325%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-textl%3Aabp%3D0%22%2C%22uip%22%3A%22Text%20Links%20Category%203%22%2C%22orig_uip%22%3A%22Text%20Links%20Category%203%22%2C%22cd%22%3A4132.046875%2C%22mw%22%3A325%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-j%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Category%22%2C%22orig_uip%22%3A%22Mid%20Category%22%2C%22cd%22%3A4239.15625%2C%22mw%22%3A635%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-textl%3Aabp%3D0%22%2C%22uip%22%3A%22Text%20Links%20Category%204%22%2C%22orig_uip%22%3A%22Text%20Links%20Category%204%22%2C%22cd%22%3A4490.9375%2C%22mw%22%3A325%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-textl%3Aabp%3D0%22%2C%22uip%22%3A%22Text%20Links%20Category%205%22%2C%22orig_uip%22%3A%22Text%20Links%20Category%205%22%2C%22cd%22%3A4877.828125%2C%22mw%22%3A325%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-textl%3Aabp%3D0%22%2C%22uip%22%3A%22Text%20Links%20Category%206%22%2C%22orig_uip%22%3A%22Text%20Links%20Category%206%22%2C%22cd%22%3A5258.71875%2C%22mw%22%3A325%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-e%3Aabp%3D0%22%2C%22uip%22%3A%22Endless%20Category%22%2C%22orig_uip%22%3A%22Endless%20Category%22%2C%22cd%22%3A5614.734375%2C%22mw%22%3A635%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-v%3Aabp%3D0%22%2C%22uip%22%3A%22Left%20Rail%20Category%22%2C%22orig_uip%22%3A%22Left%20Rail%20Category%22%2C%22cd%22%3A826.28125%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22category%3D%2F%2CEndless%20Category%3Dthumbnails-e%3Aabp%3D0%2C%2CLeft%20Rail%20Category%3Dthumbnails-v%3Aabp%3D0%2C%2CMid%20Category%3Dthumbnails-j%3Aabp%3D0%2C%2CNative%20Category%3Dthumbnails-stream%3Aabp%3D0%2C%2CText%20Links%20Category%201%3Dthumbnails-textl%3Aabp%3D0%2C%2CText%20Links%20Category%202%3Dthumbnails-textl%3Aabp%3D0%2C%2CText%20Links%20Category%203%3Dthumbnails-textl%3Aabp%3D0%2C%2CText%20Links%20Category%204%3Dthumbnails-textl%3Aabp%3D0%2C%2CText%20Links%20Category%205%3Dthumbnails-textl%3Aabp%3D0%2C%2CText%20Links%20Category%206%3Dthumbnails-textl%3Aabp%3D0%2C%2CText%20Links%20Category%3Dthumbnails-textl%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231015-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
92bac85cff9a978749f0fb5ecf223cecbb1100c704632bbd7863b1732ec6910a

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
610
date
Mon, 16 Oct 2023 08:15:27 GMT
content-encoding
gzip
via
1.1 varnish
cpu
1.2922916666666666
x-fastly-to-nlb-rtt
75374
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-vie6324-VIE
x-log-content-encoding
gzip
server
nginx
x-timer
S1697444127.337656,VS0,VE610
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://news.walla.co.il
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
bulk-metrics
trc-events.taboola.com/wallail-walla/log/3/ 		0
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/wallail-walla/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231015-3-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://news.walla.co.il
pragma
no-cache
date
Mon, 16 Oct 2023 08:15:27 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B754 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
age
23103
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 01:50:24 GMT
expires
Tue, 15 Oct 2024 01:50:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5BA7 		829 B
562 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
GSE /
Resource Hash
eb0331543bd060daa915d131bfe23550c492cd94338459aa93b6a964df5f1bbb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LB7Wp1GXnzHj0F_6vZkV_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-LB7Wp1GXnzHj0F_6vZkV_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 08:15:27 GMT
expires
Mon, 16 Oct 2023 08:15:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame B754 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:01:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
837
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Oct 2024 08:01:30 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5BA7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310120101&jk=1095109406209791&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame B754 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?XoTgEg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 		210 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fdb3a5f6e3182c980503f12c3b7d7a6cbbf899db34df26816ac905acb58f7cdb

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:27 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:35:42 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=59141
accept-ranges
bytes
content-length
65459
expires
Tue, 17 Oct 2023 00:41:08 GMT
/
csync.smilewanted.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a95d0861fc3b1f3c39e7bc7cd83f6d83e57376d9596ae5a0b070ae1965cec16

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:27 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
cf-ray
816edaa64b505b06-VIE
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231016
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc9bf839e0880f32022ea0180f75c59c2c48e814329babaa6942ea93a349da76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Oct 2023 08:15:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
15276
x-jsd-version
1.0.1844
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4548-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"63b-uw2BLHwSNKQcjgXPBNPgw79qi3k"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2BH9id2l6iMYih%2FNv3EsVhroIj%2Ffx40elOFlr1K%2FIwY9hJ4JZ%2Fj6vp%2F7Gd0s%2B6gfmQqZG%2BWCfgxLEB7IlxUwd7sDkRrIKkKpgPR7q5gEH0l3UDaBAq5pxio7kh9NqHgmfGE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
816edaa65d88c31e-VIE
localstore.js
script.4dex.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 08:15:27 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 02 Oct 2023 15:19:34 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1183963
ETag
W/"4689fed115ceb1ec0446e336376eed1e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5EiT7bH%2FBMfkY74wXKdL0HwGyp0%2FawzEeW8Aj7HDXjXpcTPrsUBmrfVX2NuElw2uAmWOASHgw8dUfLWTpeSTePhlBAzQ9X%2BbdiwgXNZu4leTtANFqV4MLEQMYDB%2B54W"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
816edaa66a3e5ae2-VIE
bid
ap.lijit.com/rtb/ 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.5.0
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
3def2fb609b4577c61499e9d37bce170e440a9477b66398833de79a850a13062

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 16 Oct 2023 08:15:27 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://news.walla.co.il
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
2214040
bs.yandex.ru/prebid/ 		0
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=news.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:27 GMT
last-modified
Mon, 16 Oct 2023 08:15:27 GMT
x-yandex-req-id
1697444127908037-928038411453402238500182-production-app-host-vla-pcode-441
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://news.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Mon, 16 Oct 2023 08:15:27 GMT
2214040
bs.yandex.ru/prebid/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=news.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:27 GMT
last-modified
Mon, 16 Oct 2023 08:15:27 GMT
x-yandex-req-id
1697444127920427-1260134085118785715500337-production-app-host-vla-pcode-422
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://news.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Mon, 16 Oct 2023 08:15:27 GMT
2214040
bs.yandex.ru/prebid/ 		0
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=news.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:28 GMT
last-modified
Mon, 16 Oct 2023 08:15:28 GMT
x-yandex-req-id
1697444127916493-1823631845744827405800190-production-app-host-vla-pcode-521
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://news.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
Direct
expires
Mon, 16 Oct 2023 08:15:28 GMT
2214040
bs.yandex.ru/prebid/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=news.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:27 GMT
last-modified
Mon, 16 Oct 2023 08:15:27 GMT
x-yandex-req-id
1697444127920562-1446684413791359397000187-production-app-host-vla-pcode-528
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://news.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Mon, 16 Oct 2023 08:15:27 GMT
2214040
bs.yandex.ru/prebid/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=news.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:27 GMT
last-modified
Mon, 16 Oct 2023 08:15:27 GMT
x-yandex-req-id
1697444127924704-1451641711317881749700187-production-app-host-vla-pcode-172
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://news.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Mon, 16 Oct 2023 08:15:27 GMT
2214040
bs.yandex.ru/prebid/ 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=news.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:27 GMT
last-modified
Mon, 16 Oct 2023 08:15:27 GMT
x-yandex-req-id
1697444127917593-187413226926858964900343-production-app-host-vla-pcode-56
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://news.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Mon, 16 Oct 2023 08:15:27 GMT
v1
prg.smartadserver.com/prebid/ 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.192 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:27 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.192 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:28 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.192 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:28 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.192 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:27 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.192 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:28 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
prebid
mp.4dex.io/ 		60 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Mon, 16 Oct 2023 08:15:28 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: adSlot-0, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: adSlot-5
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
816edaa83efec245-VIE
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		0
0
auction
tlx.3lift.com/header/ 		0
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		0
0
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://news.walla.co.il
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Oct 2023 08:15:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
816edaa69bef5b06-VIE
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Oct 2023 08:15:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
816edaa69bf15b06-VIE
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Oct 2023 08:15:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
816edaa69bf45b06-VIE
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Oct 2023 08:15:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
816edaa69bf65b06-VIE
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Oct 2023 08:15:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
816edaa69bf75b06-VIE
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Oct 2023 08:15:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
816edaa69bed5b06-VIE
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
v1
prg.smartadserver.com/prebid/ 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.192 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:27 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.192 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:27 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.192 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:27 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.192 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:28 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.192 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:27 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.192 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:27 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
5147c6f459ab2365cb5369a638c526a4eefd91c7943efed00a3c18b043d5bd10

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Oct 2023 08:15:27 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://news.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
5147c6f459ab2365cb5369a638c526a4eefd91c7943efed00a3c18b043d5bd10

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Oct 2023 08:15:27 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://news.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
5147c6f459ab2365cb5369a638c526a4eefd91c7943efed00a3c18b043d5bd10

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Oct 2023 08:15:27 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://news.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
5147c6f459ab2365cb5369a638c526a4eefd91c7943efed00a3c18b043d5bd10

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Oct 2023 08:15:27 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://news.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
5147c6f459ab2365cb5369a638c526a4eefd91c7943efed00a3c18b043d5bd10

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Oct 2023 08:15:27 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://news.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
5147c6f459ab2365cb5369a638c526a4eefd91c7943efed00a3c18b043d5bd10

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Oct 2023 08:15:27 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://news.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		0
0
translator
hbopenbid.pubmatic.com/ 		0
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://news.walla.co.il
date
Mon, 16 Oct 2023 08:15:29 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ 		0
195 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.5.0&cb=66194022559&lsavail=1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://news.walla.co.il
date
Mon, 16 Oct 2023 08:15:27 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebidjs
rtb.openx.net/openrtbb/ 		0
0
bid-request
a.teads.tv/hb/ 		16 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:28 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://news.walla.co.il
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 16 Oct 2023 08:15:28 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		66 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1095109406209791&correlator=2500305911369319&eid=31078743%2C31078806&output=ldjh&gdfp_req=1&vrg=202310120101&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cinnerpages%2Cnickbar_desktop%2Cprestitial_desktop%2Cvideo_slider_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5&prev_iu_szs=970x40%7C970x50%7C970x80%2C1x1%2C1x1&ifi=16&didk=1193245113~1193245112~1193245115&sfv=1-0-40&ists=2&eri=1&sc=1&cookie=ID%3D5b10ba2110ab9c23%3AT%3D1697444126%3ART%3D1697444126%3AS%3DALNI_MZDv9ShvOnBMmMyYt5A4gvA6p-LBQ&gpic=UID%3D00000c99fc91fbe4%3AT%3D1697444126%3ART%3D1697444126%3AS%3DALNI_MYZw1-b24AVkLGVzBT1fnq_TLVGZw&abxe=1&dt=1697444127809&lmt=1697436927&adxs=315%2C-12245933%2C800&adys=1200%2C-12245933%2C116&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=16%7C-1%7C0&ucis=g%7Ch%7Ci&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fnews.walla.co.il%2F&vis=1&psz=0x-1%7C0x-1%7C1600x0&msz=970x-1%7C0x-1%7C0x0&fws=644%2C640%2C132&ohw=0%2C0%2C1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1579745487.1697444126&ga_sid=1697444127&ga_hid=1544128646&ga_fc=true&dlt=1697444125237&idt=1319&prev_scp=slot_name%3Dnickbar_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D1%26vertical_name%3Dnews%26mobile%3D0%26vertical_eng_name%3Dnews%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fnews.walla.co.il%26strip_step%3D1%7Cslot_name%3Dprestitial_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D1%26vertical_name%3Dnews%26mobile%3D0%26vertical_eng_name%3Dnews%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fnews.walla.co.il%26strip_step%3D1%7Cslot_name%3Dvideo_slider_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D1%26vertical_name%3Dnews%26mobile%3D0%26vertical_eng_name%3Dnews%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fnews.walla.co.il%26strip_step%3D1&cust_params=dxseg%3D&adks=578455068%2C3148174723%2C2933179666&frm=20&is_cau=%2C%2C
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
0661a550305eb4da35c63e7abd28457053030e68216cba4186b5395e7268ea73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19879
x-xss-protection
0
google-lineitem-id
-1,-2,5448236810
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2,138319714452
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		3 B
436 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:43 GMT
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
server
cloudflare
age
0
etag
W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
cf-ray
816edb07cafe5a68-VIE
content-length
3
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 08:15:43 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1183877
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 02 Oct 2023 15:19:33 GMT
Server
cloudflare
ETag
W/"0680a0a53dae661d4707e1cc0f6bc95a"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDgITHp%2F%2BLyp3FR93B8J1zwKbOV9KPcaTBuiVy85SMP3z%2BRfl6b1KSBialnqBep5wKgrHwyDG6t9jha5%2BLIJpJRMYXqsAkgCcJ6sadfUXMO6K3We0qkHBCjUJtc5jFJg"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
816edb07ac725a56-VIE
decode_consent.js
static.smilewanted.com/js/decode_consent/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
262443
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
816edaa74cc25b06-VIE
expires
Thu, 31 Dec 2037 23:55:55 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame 0227 		0
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
816edaa78d165b06-VIE
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 16 Oct 2023 08:15:27 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 61A1 		2 KB
815 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
pixel
ap.lijit.com/ Frame 78B7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Mon, 16 Oct 2023 08:15:28 GMT
X-Sovrn-Pod
ad_ap1ams1
loader.js
cdn.taboola.com/libtrc/wallail-walla/ 		891 KB
68 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3a2d02bdc12514b10669ec05c7bae37d0bcc057e6055e0a6d05b0f0872f3913

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
Y1cNRiLvJDHzQs3mh8lp5oON2p4SX0wT
content-encoding
gzip
via
1.1 varnish
date
Mon, 16 Oct 2023 08:15:28 GMT
x-amz-request-id
DA4B14KZFSHYQ5S5
age
713
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
69568
x-amz-id-2
wU6S3ykS0ysyqj2di64Kg8oZEw8z0QxHjvrMDypl0QKS3Tnu+hXT4Om7BTxOg5LT/2mKa6TBJFk=
x-served-by
cache-vie6364-VIE
last-modified
Mon, 16 Oct 2023 08:03:28 GMT
server
AmazonS3
x-timer
S1697444128.010194,VS0,VE0
etag
"40e4c8bdee4f96dca8e0abcf79415424"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
78
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
19
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.4.5/ 		130 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.4.5/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231015-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
211db15248b61a7992584cb78d84964757846cb048ea35a4abac7e383437286d

Request headers

Referer
https://news.walla.co.il/
Origin
https://news.walla.co.il
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 5d650f4d20204610aaf075ff8f6494c6.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
VIE50-C2
age
335677
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
35124
x-served-by
cache-vie6364-VIE
last-modified
Thu, 12 Oct 2023 10:57:51 GMT
server
AmazonS3
x-timer
S1697444128.020822,VS0,VE0
etag
"02b884bd62309eee116bd451e8cdbff7"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
6vtwO3Ijls__23y33gmuf6FMyYzQuFyeueWLpR3kU1GHvS5X7inBWQ==
x-cache-hits
39055
feed-card-placeholder.20231015-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231015-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6376de7e0d158f0ec24af9380b2d3dc098d6f03f345aecb3fe79c78c8af36a58

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
2jKpYPeI0mv0ptBau7b7naCtgw3QqqrU
content-encoding
gzip
via
1.1 varnish
date
Mon, 16 Oct 2023 08:15:28 GMT
x-amz-request-id
VVAVHA8PXQ6BZF5T
age
407
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
z1dhf4A79XbMKkGtJDQtROsJz17ZL2Pdb6F5ZTZBUKMU4u7MzQYC9u82TPld1Bp0B+BwzdyG22Y=
x-served-by
cache-vie6324-VIE
last-modified
Mon, 16 Oct 2023 08:08:41 GMT
server
AmazonS3
x-timer
S1697444128.016364,VS0,VE0
etag
"93ae3df53a04d6304c0716c88601d559"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
38
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
1000
userx.20231015-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231015-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
336bc80c3c562401ccfe75bfa1873a4536837b926aaf7b82cd9b0d80b8425167

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
3PmGJmjvWj0ZgKAQ87zUj8xYRQg3Z4dO
content-encoding
gzip
via
1.1 varnish
date
Mon, 16 Oct 2023 08:15:28 GMT
x-amz-request-id
5QP0H7S79E5FHMYF
age
380
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
mYAiP+XyYNQMKDRgpHOdEiGq+4yMXCX2qvk5kL5S4wGBnfoW2C9xYUe7Lq0C0M/yOpyFK3kJeAU=
x-served-by
cache-vie6324-VIE
last-modified
Mon, 16 Oct 2023 08:09:08 GMT
server
AmazonS3
x-timer
S1697444128.032476,VS0,VE0
etag
"168539d90a015fdcd648b5314510ac0a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
64
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
332
distance-from-article.20231015-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231015-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b01686832095e1b653fea6ec3776b8c433b9c3ec9f9d3cd7fe0fde1d3e1b2e7d

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
KrKj1_CVtH6eI.m6s28d3YaJzC0euQKp
content-encoding
gzip
via
1.1 varnish
date
Mon, 16 Oct 2023 08:15:28 GMT
x-amz-request-id
7RYDXCZMGYZ96DE7
age
413
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
AYWIsWkS1+Ad8KGnvP7q+0J7iIzD4Zl8u64nAFuRfUCFOUZq2wuTP8wweiocQjFWTWQ+sR5PeQc=
x-served-by
cache-vie6324-VIE
last-modified
Mon, 16 Oct 2023 08:08:35 GMT
server
AmazonS3
x-timer
S1697444128.033450,VS0,VE0
etag
"0cfa607bb0f414ad502d61da4f2e72e2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
2
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
1312
article-detection.20231015-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231015-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df7ecc10fe1432f2446f81e950cf3d85a35abd08abc9eaa12f96a5bc8ae62298

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
y7OonYLZnrlMtSiuARts_rY17gh36JoY
content-encoding
gzip
via
1.1 varnish
date
Mon, 16 Oct 2023 08:15:28 GMT
x-amz-request-id
R3TP8A8QDGJ8F284
age
420
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
vsPKqoPGlh4ZVztSrPFyiTxMcVMqVT5Pk4YNaX99JS3kiJolqyBg1PnE6m8gafoHMurhNNmOPRU=
x-served-by
cache-vie6324-VIE
last-modified
Mon, 16 Oct 2023 08:08:28 GMT
server
AmazonS3
x-timer
S1697444128.033748,VS0,VE0
etag
"b237201d333652274c824b4c5caeb73b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
87
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
1328
abtests
il-trc-events.taboola.com/wallail-walla/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/wallail-walla/log/3/abtests?route=AM:IL:V&tvi48=12019&tvi50=13497&lti=deflated&ri=12e22a335114a396103e666fcbe857f1&sd=v2_992c757910edfc5fc51dccf83e7a2a59_9b3a1366-6942-4229-832d-5e829f049792-tuctc26769f_1697444127_1697444127_CIi3jgYQk-FcGNTEt7yzMSABKAEwDzjpmQdA_4UQSOWG2ANQ____________AVgAYABooKCVq-PzhYw8cAA&ui=9b3a1366-6942-4229-832d-5e829f049792-tuctc26769f&pi=/&wi=7025978351414212080&pt=category&vi=1697444127316&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1697444128017%7D&tim=10%3A15%3A28.017&id=5390&llvl=2&cv=20231015-3-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 16 Oct 2023 08:15:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Mon, 16 Oct 2023 08:15:28 GMT
x-amz-request-id
HJ09X8P4R5KH42F4
age
59
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
faxoqOsk5L3JnOp4CGBe8HUwS5iaEetHw/chB8MAH8m+ety0Y1JRUtqjb3j3A4EIJUkOzqIpZ3duwTaXeu03nw==
x-served-by
cache-vie6324-VIE
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1697444128.055511,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
41
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
74
almoni-neue-aaa-500.woff
news.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/font/almoni/almoni-neue-aaa-500.woff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034

Request headers

Referer
https://news.walla.co.il/
Origin
https://news.walla.co.il
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
etag
W/"e7c0-18b240eb70c"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59328
x-cached
HIT
x-amz-cf-id
nLqvo4mWF3ZXIlSbS6ZYtrXFhu-Wh28qD_7bBj8gFhJ0kPIHtLg-Qw==
almoni-neue-aaa-400.woff
news.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/font/almoni/almoni-neue-aaa-400.woff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086

Request headers

Referer
https://news.walla.co.il/
Origin
https://news.walla.co.il
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
etag
W/"e770-18b240eb70c"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59248
x-cached
HIT
x-amz-cf-id
qCqiMM2wfdIrwDB8DWQqk2dvmxGmi-aUJADPP-SwlozJuaRjfMLUlA==
social
il-trc-events.taboola.com/wallail-walla/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/wallail-walla/log/3/social?route=AM:IL:V&tvi48=12019&tvi50=13497&lti=deflated&ri=12e22a335114a396103e666fcbe857f1&sd=v2_992c757910edfc5fc51dccf83e7a2a59_9b3a1366-6942-4229-832d-5e829f049792-tuctc26769f_1697444127_1697444127_CIi3jgYQk-FcGNTEt7yzMSABKAEwDzjpmQdA_4UQSOWG2ANQ____________AVgAYABooKCVq-PzhYw8cAA&ui=9b3a1366-6942-4229-832d-5e829f049792-tuctc26769f&pi=/&wi=7025978351414212080&pt=category&vi=1697444127316&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fnews.walla.co.il%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%9E%D7%94%D7%A2%D7%95%D7%9C%D7%9D%3A%20%D7%9B%D7%AA%D7%91%D7%95%D7%AA%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%2024%2F7%20%20-%20%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%22%2C%22sec%22%3A%22%D7%97%D7%93%D7%A9%D7%95%D7%AA%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fimages.wcdn.co.il%2Ff_auto%2Cq_auto%2Cw_1200%2Ct_54%2F1%2F8%2F9%2F2%2F1892178-46.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=10%3A15%3A28.060&id=2950&llvl=2&cv=20231015-3-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 16 Oct 2023 08:15:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
non-responsive-widget.20231015-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/non-responsive-widget.20231015-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea9b1d5a5c11301f95a66cf97119595e951432a742abde8a3596cb44daf84926

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
j6fFi_U.2q13tUKerpbVExW5gARzZqD5
content-encoding
gzip
via
1.1 varnish
date
Mon, 16 Oct 2023 08:15:28 GMT
x-amz-request-id
7WA1V4Q0RM3Z4608
age
396
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5644
x-amz-id-2
nklbr8fGK9S01jYsnQRmRkVj67fnXiwDT99IlzVwpn+v33q8PY2c2PUQGMA4fDgGa4epWuSPWFvU5txCI+uoFw==
x-served-by
cache-vie6324-VIE
last-modified
Mon, 16 Oct 2023 08:08:51 GMT
server
AmazonS3
x-timer
S1697444128.076565,VS0,VE0
etag
"a933f8f23cff789e35b0f7cb05384d32"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
16
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
11
bulk-metrics
il-trc-events.taboola.com/wallail-walla/log/3/ 		0
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/wallail-walla/log/3/bulk-metrics?tvi48=12019&tvi50=13497&route=AM%3AIL%3AV&lti=deflated&bulkSize=7
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231015-3-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://news.walla.co.il
pragma
no-cache
date
Mon, 16 Oct 2023 08:15:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
sync
ups.analytics.yahoo.com/ups/58170/ Frame 850B
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fnews.walla.co.il%2F
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fnews.walla.co.il%2F&rd=1
  • https://pixel.advertising.com/ups/58170/sync?gdpr=0&gdpr_consent=&_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58170/sync?gdpr=0&gdpr_consent=&_origin=1&redir=true
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58170/sync?gdpr=0&gdpr_consent=&_origin=1&redir=true
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

age
0
date
Mon, 16 Oct 2023 08:15:29 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.87
strict-transport-security
max-age=31536000

Redirect headers

cache-control
no-store
content-language
en
content-length
370
content-type
text/html
date
Mon, 16 Oct 2023 08:15:29 GMT
location
https://ups.analytics.yahoo.com/ups/58170/sync?gdpr=0&gdpr_consent=&_origin=1&redir=true
server
ATS/9.1.10.87
4a802a0dd6ab114716e578490ea5e129.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4a802a0dd6ab114716e578490ea5e129.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7fe0bffed3478b4de88aed7b8da3b16c0d4c38c6fb131ed8df4230d57f7bd4a2

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4a802a0dd6ab114716e578490ea5e129.png
age
1631536
edge-cache-tag
575747513827686866118309696465911889654,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
575747513827686866118309696465911889654,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
256
expiration
expiry-date="Fri, 27 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.t-online.de/
content-length
34940
x-backend-name
CH_nlb801
x-served-by
cache-iad-kiad7000112-IAD, cache-iad-kjyo7100079-IAD, cache-iad-kjyo7100087-IAD, cache-vie6324-VIE
last-modified
Tue, 26 Sep 2023 11:28:55 GMT
server
nginx
surrogate-reporting
width=1456,height=728,bytes=131231,owidth=1456,oheight=816,obytes=1580755
x-timer
S1697444128.122376,VS0,VE2
etag
"2a7548adeef16aa90f33c5a786bda7fd"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1
43c014f16e27b2066b593c68c68acb47.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/43c014f16e27b2066b593c68c68acb47.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b48ec39842395615408e78b90f25ddc2a53f286e8532dd42e23aa87d4b3e8d65

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/43c014f16e27b2066b593c68c68acb47.jpg
age
1637198
edge-cache-tag
557819962614859864023993052897792631276,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag
557819962614859864023993052897792631276,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
501
req-referer
https://www.krone.at/
content-length
12598
x-request-id
afe7ccf31348c9a6ac3abb9dfb1a7fed
x-backend-name
LA_nlb201
x-served-by
cache-iad-kiad7000091-IAD, cache-iad-kcgs7200025-IAD, cache-sna10749-LGB, cache-iad-kcgs7200068-IAD, cache-vie6324-VIE
last-modified
Tue, 26 Sep 2023 13:01:22 GMT
server
nginx
surrogate-reporting
width=380,height=212,bytes=25926,owidth=1456,oheight=816,obytes=230542
x-timer
S1697444128.122423,VS0,VE0
etag
"bf5272e3f33cda4fdd4ae5d9643ff27c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 58, 2
465af0ff-323f-493b-bb6a-fb4a8c0552c8__ZPcgjsvX.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/465af0ff-323f-493b-bb6a-fb4a8c0552c8__ZPcgjsvX.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6d8115186afa77b40d91a8cc8289c18beb3178589ddc3587cdf3cd5998d747de

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/465af0ff-323f-493b-bb6a-fb4a8c0552c8__ZPcgjsvX.jpg
age
2896257
edge-cache-tag
479261126985732757653051624584910549799,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag
479261126985732757653051624584910549799,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time
86
req-referer
https://www.noen.at/
content-length
4220
x-request-id
5e59cd42e51627de269375d0839b1dd4
x-backend-name
US_nlb103
x-served-by
cache-iad-kcgs7200092-IAD, cache-iad-kcgs7200134-IAD, cache-pdk-kpdk1780059-PDK, cache-iad-kjyo7100035-IAD, cache-vie6324-VIE
last-modified
Tue, 05 Sep 2023 08:02:16 GMT
server
nginx
surrogate-reporting
width=380,height=212,bytes=11369,owidth=1999,oheight=2006,obytes=105737
x-timer
S1697444128.122817,VS0,VE1
etag
"6fdc909f6558f2c346232d57af9cac56"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0, 0, 1
aa8d02bb0f7e04cc46ec39c9c196e5cd.png
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_1366%2Cx_0%2Cy_43/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_1366%2Cx_0%2Cy_43/http%3A//cdn.taboola.com/libtrc/static/thumbnails/aa8d02bb0f7e04cc46ec39c9c196e5cd.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2c34939acc057f7471e5b4e8016335c4d3e4e3d775e92b6fe689db086f129cfb

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_1366%2Cx_0%2Cy_43/http%3A//cdn.taboola.com/libtrc/static/thumbnails/aa8d02bb0f7e04cc46ec39c9c196e5cd.png
age
331326
edge-cache-tag
446076183393068136384810033567372258683,328494768570202081134978176879754781997,29ecf9b93bbf306179626feeda1fab70
cache-tag
446076183393068136384810033567372258683,328494768570202081134978176879754781997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
662
req-referer
https://ads.taboola.com/
content-length
62092
x-request-id
0b9c1c7732855b0d9c29bc5cc1afe6d3
x-backend-name
LA_nlb204
x-served-by
cache-iad-kcgs7200101-IAD, cache-iad-kjyo7100178-IAD, cache-sna10738-LGB, cache-iad-kiad7000137-IAD, cache-vie6324-VIE
last-modified
Thu, 12 Oct 2023 12:12:37 GMT
server
nginx
surrogate-reporting
width=1366,height=683,bytes=164519,owidth=1366,oheight=768,obytes=453470
x-timer
S1697444128.122364,VS0,VE0
etag
"f767e9792a671ca4f260539afdcaf92d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 11
3613923-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/3/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/3/3613923-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36e12c0782b5df8745c0e5f2d32b1239ecdfa62db99ad43f00f5a2161df0042e

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/3/3613923-46.jpg
age
90380
edge-cache-tag
345976992746766555574095257677784136173,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
345976992746766555574095257677784136173,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
58
req-referer
https://news.walla.co.il/
content-length
14618
x-request-id
628953dfc075ad9e923f181373a58bb6
x-backend-name
CH_nlb801
x-served-by
cache-iad-kjyo7100050-IAD, cache-iad-kcgs7200144-IAD, cache-chi-klot8100077-CHI, cache-iad-kjyo7100147-IAD, cache-vie6324-VIE
last-modified
Sun, 15 Oct 2023 07:09:09 GMT
server
nginx
surrogate-reporting
width=840,height=466,bytes=49838,owidth=840,oheight=471,obytes=35302
x-timer
S1697444128.122870,VS0,VE0
etag
"b6c98a83280fcc5256afc519bc2495c1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 13, 169
1945066-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/1/9/4/5/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/1/9/4/5/1945066-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
121c8857ffb7d4341abca73f89459b82e0d8547feb3844541937e8e2a23741ab

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
4
date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/1/9/4/5/1945066-46.jpg
age
1703083
edge-cache-tag
617324858134318879402704216460302318175,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
617324858134318879402704216460302318175,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
261
req-referer
https://news.walla.co.il/
content-length
11228
x-request-id
1c74899b114ceda6e39b1390915f4d83
x-backend-name
US_nlb101
x-served-by
cache-iad-kiad7000108-IAD, cache-iad-kiad7000108-IAD, cache-ewr18155-EWR, cache-iad-kcgs7200093-IAD, cache-vie6324-VIE
last-modified
Sun, 10 Sep 2023 06:39:41 GMT
server
nginx
surrogate-reporting
width=955,height=530,bytes=56967,owidth=955,oheight=536,obytes=76362
x-timer
S1697444128.122858,VS0,VE4
etag
"a2dbe54b4c96b1caaee7265259e9eadd"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 30, 1, 28, 1
a4cf5c9eb4ae0470f4341fe935184a00.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a4cf5c9eb4ae0470f4341fe935184a00.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f2f9f88df71fc7ead73080036488336b31ddc356eec4b9548e86a4a18fec1b36

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a4cf5c9eb4ae0470f4341fe935184a00.png
age
1716501
edge-cache-tag
381285404124762591518635381621915576259,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
381285404124762591518635381621915576259,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
243
req-referer
https://www.bola.com/ragam/read/5015822/siti-fadia-menahan-sakit-tetap-ngotot-bermain-sampai-lolos-ke-final-singapore-open-2022
content-length
49594
x-request-id
4f9a5367271c35c51bc2cdc7383b7344
x-backend-name
CH_nlb801
x-served-by
cache-iad-kjyo7100059-IAD, cache-iad-kjyo7100177-IAD, cache-iad-kiad7000027-IAD, cache-vie6324-VIE
last-modified
Tue, 26 Sep 2023 11:26:44 GMT
server
nginx
surrogate-reporting
width=1456,height=728,bytes=172478,owidth=1456,oheight=816,obytes=1959922
x-timer
S1697444128.144106,VS0,VE1
etag
"4b34a294f928dce74a7c97050294ca67"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 13, 1
RX-36048f1e-9a35-43b9-b5c6-5bc136d93a31-003
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame 4906
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1697444134235
  • https://ad.turn.com/r/cs?pid=45&rndcb=5158842444
  • https://sync.1rx.io/usersync/turn/2793941312454047967?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-36048f1e-9a35-43b9-b5c6-5bc136d93a31-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-36048f1e-9a35-43b9-b5c6-5bc...
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-36048f1e-9a35-43b9-b5c6-5bc136d93a31-003
0
886 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-36048f1e-9a35-43b9-b5c6-5bc136d93a31-003
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
816edad2cb535b06-VIE
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 16 Oct 2023 08:15:34 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-type
text/html
date
Mon, 16 Oct 2023 08:15:34 GMT
etag
RX36048f1e9a3543b9b5c65bc136d93a31003
location
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-36048f1e-9a35-43b9-b5c6-5bc136d93a31-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
035ff7ad968ad1ce9c52ab0697d98c9b.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/035ff7ad968ad1ce9c52ab0697d98c9b.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ad4e13531611290f1052c14627ba9694fba233fd9d7633f7890a86a0419f1709

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/035ff7ad968ad1ce9c52ab0697d98c9b.png
age
1143934
edge-cache-tag
416247116219958748439426876912578042078,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
416247116219958748439426876912578042078,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
142
expiration
expiry-date="Sun, 22 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://newsable.asianetnews.com/
content-length
11780
x-backend-name
US_nlb101
x-served-by
cache-iad-kcgs7200135-IAD, cache-iad-kjyo7100053-IAD, cache-iad-kiad7000121-IAD, cache-vie6324-VIE
last-modified
Thu, 21 Sep 2023 10:48:49 GMT
server
nginx
surrogate-reporting
width=600,height=333,bytes=22592,owidth=600,oheight=400,obytes=419620
x-timer
S1697444128.145068,VS0,VE1
etag
"6ab61c2cd934bba3da6f7814dfd03663"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 4, 1
7876e4ee2519c2f661d93f8da2a02e4c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7876e4ee2519c2f661d93f8da2a02e4c.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
284c0f89e22b0046ff9329bb7d7311259a6ffba27921fdea0814201a08d946ef

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7876e4ee2519c2f661d93f8da2a02e4c.jpg
age
253926
edge-cache-tag
336739804326455073221175629069799251910,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
336739804326455073221175629069799251910,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
296
req-referer
https://www.lefigaro.fr/sports/rugby/coupe-du-monde/coupe-du-monde-de-rugby-une-charniere-surprise-pour-les-springboks-face-aux-bleus-20231013
content-length
10644
x-request-id
b5d019e36dc59f777aab6c4a64860e1a
x-backend-name
US_nlb103
x-served-by
cache-iad-kjyo7100154-IAD, cache-iad-kiad7000130-IAD, cache-iad-kcgs7200139-IAD, cache-vie6324-VIE
last-modified
Fri, 13 Oct 2023 08:47:52 GMT
server
nginx
surrogate-reporting
width=360,height=200,bytes=16756,owidth=1200,oheight=800,obytes=97980
x-timer
S1697444128.145521,VS0,VE1
etag
"22cb95a9f86cdc0f9d1ec09a3ad4965b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 15, 1
a93fd07c49f1674c5df7b5c3324e2567.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a93fd07c49f1674c5df7b5c3324e2567.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e858fccb482a1022860746df30e6ced9a5a61200bab00e96064f79153e24ed0e

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a93fd07c49f1674c5df7b5c3324e2567.jpeg
age
2663958
edge-cache-tag
516465662666184451914221141364266328192,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
516465662666184451914221141364266328192,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
46
req-referer
https://www.ligaportal.at/
content-length
9998
x-request-id
1eba9b6af501385904fc6f19ed6b7e7a
x-backend-name
US_nlb106
x-served-by
cache-iad-kcgs7200145-IAD, cache-iad-kiad7000058-IAD, cache-iad-kjyo7100036-IAD, cache-vie6324-VIE
last-modified
Sat, 26 Aug 2023 05:40:10 GMT
server
nginx
surrogate-reporting
width=360,height=200,bytes=15678,owidth=600,oheight=540,obytes=216337
x-timer
S1697444128.145500,VS0,VE1
etag
"435bca3d1468ad4de4988f5c219baeb8"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 8, 1
6c0c22c51ebee620be21da160201de42.png
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1429%2Cx_10%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		329 KB
330 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1429%2Cx_10%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6c0c22c51ebee620be21da160201de42.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fe111f980fb081dd345743bb4d5dce69a4da38ffc9c053844a7ecc1737f9e047

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1429%2Cx_10%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6c0c22c51ebee620be21da160201de42.png
age
1144616
edge-cache-tag
614864820090109347195755692061116706336,369442898425366675892027597228738898400,29ecf9b93bbf306179626feeda1fab70
cache-tag
614864820090109347195755692061116706336,369442898425366675892027597228738898400,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
902
expiration
expiry-date="Sun, 22 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.werstreamt.es/
content-length
336606
x-backend-name
US_nlb103
x-served-by
cache-iad-kjyo7100023-IAD, cache-iad-kjyo7100151-IAD, cache-iad-kcgs7200158-IAD, cache-vie6324-VIE
last-modified
Thu, 21 Sep 2023 08:40:01 GMT
server
nginx
surrogate-reporting
width=1429,height=804,bytes=814837,owidth=1439,oheight=804,obytes=2416163
x-timer
S1697444128.145488,VS0,VE0
etag
"94a9b3332c4431eacfce087662ae9874"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2216, 371
debug
il-trc-events.taboola.com/wallail-walla/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/wallail-walla/log/2/debug?tim=10%3A15%3A28.115&type=usage&msg=image_utils-event-1697444128115&llvl=2&id=7339&cv=20231015-3-RELEASE&lt=deflated&file=trcrbox-ui-image-utils&method=&position=&extraData=%7B%22eventName%22%3A%22event-cropping_matched%22%2C%22itemId%22%3A%22~~V1~~-5408676367422922959~~iHNM940bi-MS%22%2C%22isCropping%22%3Atrue%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:28 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
63278
debug
il-trc-events.taboola.com/wallail-walla/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/wallail-walla/log/2/debug?tim=10%3A15%3A28.129&type=usage&msg=image_utils-event-1697444128129&llvl=2&id=3102&cv=20231015-3-RELEASE&lt=deflated&file=trcrbox-ui-image-utils&method=&position=&extraData=%7B%22eventName%22%3A%22event-cropping_matched%22%2C%22itemId%22%3A%22~~V1~~-3682811329014059945~~MTv7FyLwV8Ow%22%2C%22isCropping%22%3Atrue%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:28 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
63278
bulk-metrics
il-trc-events.taboola.com/wallail-walla/log/3/ 		0
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/wallail-walla/log/3/bulk-metrics?tvi48=12019&tvi50=13497&route=AM%3AIL%3AV&lti=deflated&bulkSize=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231015-3-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://news.walla.co.il
pragma
no-cache
date
Mon, 16 Oct 2023 08:15:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
6093f3e9-54fc-5321-8fee-125beac2e378
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame 64B0
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=-8432154746699774259
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/6093f3e9-54fc-5321-8fee-125beac2e378
0
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/6093f3e9-54fc-5321-8fee-125beac2e378
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
816edabec98b5b06-VIE
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 16 Oct 2023 08:15:31 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/6093f3e9-54fc-5321-8fee-125beac2e378
container.html
2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C1A0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 08:15:26 GMT
expires
Tue, 15 Oct 2024 08:15:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame DBB8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5kp3d4nBvU27jdL8qSwFRnH2_Ju2zd-cZV_LAyfKs24TotEdFw0Lf5PZw6junBu_FnHUYiJEin2FZUYw3AL0WGDpsW9c0QjsnOCrOUtSrw-ydHTEUsR0TwIhpZglicfy3P5rDzr90rzdc62R1ePXqpfK-SmiKLa5oMMEU8RP85XELWiITYnzagqHTKvT3h05Bh35X6VV1lGZGmwQ2lUavDRdl3DknOKwi8_hIk-8AAKuzNUou5MFZsmhU7nqU7CKKHREOu8FGfZMzSkfDNSIuN5fyzYgZQalOJjZQev4KXCLImogQ8N_cCyNeeLXQECpkjH__JPVNIWdpgkWmXSFX3_H42wN9V5jK8UkTOILrPXXuxwcTHd9olvf_SokhRcURsog&sai=AMfl-YSOKtY-tqv0cKhpwgmaCVZAuxIgmAw5N-8Lmcg4D7DNReN1e4QMqXPXnSB-bwWDaRwq4stIg2hmM52KwhYqs9ihn8iJWtEi5tATZdJmo4cE3rw1pN8ZNNWX2mmmWg&sig=Cg0ArKJSzM9cjkzFtpclEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
fee23b5a-054e-4b5d-8f8f-96951508ed72
player.ex.co/renderer/ Frame DBB8 		194 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/renderer/fee23b5a-054e-4b5d-8f8f-96951508ed72
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2b9bf61c23f475dc049f2c385ce3505007b5162eba89b52f128a4da4658d1e5e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 varnish, 1.1 varnish
age
8076
x-cache
MISS, HIT
content-length
69216
x-served-by
cache-iad-kcgs7200168-IAD, cache-vie6366-VIE
server
nginx
x-timer
S1697444128.496465,VS0,VE2
etag
W/"30903-N68R4AdfTipoPuCcHasC7LzzLuM"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
vary
Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
0, 1
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DBB8 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Oct 2023 08:15:28 GMT
43c014f16e27b2066b593c68c68acb47.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/43c014f16e27b2066b593c68c68acb47.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b48ec39842395615408e78b90f25ddc2a53f286e8532dd42e23aa87d4b3e8d65

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/43c014f16e27b2066b593c68c68acb47.jpg
age
1637198
edge-cache-tag
557819962614859864023993052897792631276,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag
557819962614859864023993052897792631276,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
501
req-referer
https://www.krone.at/
content-length
12598
x-request-id
afe7ccf31348c9a6ac3abb9dfb1a7fed
x-backend-name
LA_nlb201
x-served-by
cache-iad-kiad7000091-IAD, cache-iad-kcgs7200025-IAD, cache-sna10749-LGB, cache-iad-kcgs7200068-IAD, cache-vie6324-VIE
last-modified
Tue, 26 Sep 2023 13:01:22 GMT
server
nginx
surrogate-reporting
width=380,height=212,bytes=25926,owidth=1456,oheight=816,obytes=230542
x-timer
S1697444128.207057,VS0,VE0
etag
"bf5272e3f33cda4fdd4ae5d9643ff27c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 58, 3
supply-feature
il-trc-events.taboola.com/wallail-walla/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/wallail-walla/log/3/supply-feature?route=AM:IL:V&tvi48=12019&tvi50=13497&lti=deflated&ri=12e22a335114a396103e666fcbe857f1&sd=v2_992c757910edfc5fc51dccf83e7a2a59_9b3a1366-6942-4229-832d-5e829f049792-tuctc26769f_1697444127_1697444127_CIi3jgYQk-FcGNTEt7yzMSABKAEwDzjpmQdA_4UQSOWG2ANQ____________AVgAYABooKCVq-PzhYw8cAA&ui=9b3a1366-6942-4229-832d-5e829f049792-tuctc26769f&pi=/&wi=7025978351414212080&pt=category&vi=1697444127316&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%222.90625%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=10%3A15%3A28.211&id=3342&llvl=2&cv=20231015-3-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 16 Oct 2023 08:15:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/wallail-walla/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/wallail-walla/log/2/debug?tim=10%3A15%3A28.218&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=6754&cv=20231015-3-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:28 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
63278
465af0ff-323f-493b-bb6a-fb4a8c0552c8__ZPcgjsvX.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/465af0ff-323f-493b-bb6a-fb4a8c0552c8__ZPcgjsvX.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6d8115186afa77b40d91a8cc8289c18beb3178589ddc3587cdf3cd5998d747de

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/465af0ff-323f-493b-bb6a-fb4a8c0552c8__ZPcgjsvX.jpg
age
2896257
edge-cache-tag
479261126985732757653051624584910549799,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag
479261126985732757653051624584910549799,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time
86
req-referer
https://www.noen.at/
content-length
4220
x-request-id
5e59cd42e51627de269375d0839b1dd4
x-backend-name
US_nlb103
x-served-by
cache-iad-kcgs7200092-IAD, cache-iad-kcgs7200134-IAD, cache-pdk-kpdk1780059-PDK, cache-iad-kjyo7100035-IAD, cache-vie6324-VIE
last-modified
Tue, 05 Sep 2023 08:02:16 GMT
server
nginx
surrogate-reporting
width=380,height=212,bytes=11369,owidth=1999,oheight=2006,obytes=105737
x-timer
S1697444128.236167,VS0,VE0
etag
"6fdc909f6558f2c346232d57af9cac56"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0, 0, 2
aa8d02bb0f7e04cc46ec39c9c196e5cd.png
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_1366%2Cx_0%2Cy_43/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_1366%2Cx_0%2Cy_43/http%3A//cdn.taboola.com/libtrc/static/thumbnails/aa8d02bb0f7e04cc46ec39c9c196e5cd.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2c34939acc057f7471e5b4e8016335c4d3e4e3d775e92b6fe689db086f129cfb

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_1366%2Cx_0%2Cy_43/http%3A//cdn.taboola.com/libtrc/static/thumbnails/aa8d02bb0f7e04cc46ec39c9c196e5cd.png
age
331326
edge-cache-tag
446076183393068136384810033567372258683,328494768570202081134978176879754781997,29ecf9b93bbf306179626feeda1fab70
cache-tag
446076183393068136384810033567372258683,328494768570202081134978176879754781997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
662
req-referer
https://ads.taboola.com/
content-length
62092
x-request-id
0b9c1c7732855b0d9c29bc5cc1afe6d3
x-backend-name
LA_nlb204
x-served-by
cache-iad-kcgs7200101-IAD, cache-iad-kjyo7100178-IAD, cache-sna10738-LGB, cache-iad-kiad7000137-IAD, cache-vie6324-VIE
last-modified
Thu, 12 Oct 2023 12:12:37 GMT
server
nginx
surrogate-reporting
width=1366,height=683,bytes=164519,owidth=1366,oheight=768,obytes=453470
x-timer
S1697444128.236584,VS0,VE0
etag
"f767e9792a671ca4f260539afdcaf92d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 12
3613923-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/3/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/3/3613923-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36e12c0782b5df8745c0e5f2d32b1239ecdfa62db99ad43f00f5a2161df0042e

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/3/3613923-46.jpg
age
90380
edge-cache-tag
345976992746766555574095257677784136173,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
345976992746766555574095257677784136173,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
58
req-referer
https://news.walla.co.il/
content-length
14618
x-request-id
628953dfc075ad9e923f181373a58bb6
x-backend-name
CH_nlb801
x-served-by
cache-iad-kjyo7100050-IAD, cache-iad-kcgs7200144-IAD, cache-chi-klot8100077-CHI, cache-iad-kjyo7100147-IAD, cache-vie6324-VIE
last-modified
Sun, 15 Oct 2023 07:09:09 GMT
server
nginx
surrogate-reporting
width=840,height=466,bytes=49838,owidth=840,oheight=471,obytes=35302
x-timer
S1697444128.240426,VS0,VE0
etag
"b6c98a83280fcc5256afc519bc2495c1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 13, 170
smwt256.gif
us.ck-ie.com/ Frame 637D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Mon, 16 Oct 2023 08:15:28 GMT
Server
nginx
4a802a0dd6ab114716e578490ea5e129.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4a802a0dd6ab114716e578490ea5e129.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7fe0bffed3478b4de88aed7b8da3b16c0d4c38c6fb131ed8df4230d57f7bd4a2

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4a802a0dd6ab114716e578490ea5e129.png
age
1631536
edge-cache-tag
575747513827686866118309696465911889654,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
575747513827686866118309696465911889654,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
256
expiration
expiry-date="Fri, 27 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.t-online.de/
content-length
34940
x-backend-name
CH_nlb801
x-served-by
cache-iad-kiad7000112-IAD, cache-iad-kjyo7100079-IAD, cache-iad-kjyo7100087-IAD, cache-vie6324-VIE
last-modified
Tue, 26 Sep 2023 11:28:55 GMT
server
nginx
surrogate-reporting
width=1456,height=728,bytes=131231,owidth=1456,oheight=816,obytes=1580755
x-timer
S1697444128.262280,VS0,VE0
etag
"2a7548adeef16aa90f33c5a786bda7fd"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 2
6c0c22c51ebee620be21da160201de42.png
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1429%2Cx_10%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		329 KB
330 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1429%2Cx_10%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6c0c22c51ebee620be21da160201de42.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fe111f980fb081dd345743bb4d5dce69a4da38ffc9c053844a7ecc1737f9e047

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1429%2Cx_10%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6c0c22c51ebee620be21da160201de42.png
age
1144616
edge-cache-tag
614864820090109347195755692061116706336,369442898425366675892027597228738898400,29ecf9b93bbf306179626feeda1fab70
cache-tag
614864820090109347195755692061116706336,369442898425366675892027597228738898400,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
902
expiration
expiry-date="Sun, 22 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.werstreamt.es/
content-length
336606
x-backend-name
US_nlb103
x-served-by
cache-iad-kjyo7100023-IAD, cache-iad-kjyo7100151-IAD, cache-iad-kcgs7200158-IAD, cache-vie6324-VIE
last-modified
Thu, 21 Sep 2023 08:40:01 GMT
server
nginx
surrogate-reporting
width=1429,height=804,bytes=814837,owidth=1439,oheight=804,obytes=2416163
x-timer
S1697444128.274356,VS0,VE0
etag
"94a9b3332c4431eacfce087662ae9874"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2216, 372
1945066-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/1/9/4/5/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/1/9/4/5/1945066-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
121c8857ffb7d4341abca73f89459b82e0d8547feb3844541937e8e2a23741ab

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/1/9/4/5/1945066-46.jpg
age
1703083
edge-cache-tag
617324858134318879402704216460302318175,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
617324858134318879402704216460302318175,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
261
req-referer
https://news.walla.co.il/
content-length
11228
x-request-id
1c74899b114ceda6e39b1390915f4d83
x-backend-name
US_nlb101
x-served-by
cache-iad-kiad7000108-IAD, cache-iad-kiad7000108-IAD, cache-ewr18155-EWR, cache-iad-kcgs7200093-IAD, cache-vie6324-VIE
last-modified
Sun, 10 Sep 2023 06:39:41 GMT
server
nginx
surrogate-reporting
width=955,height=530,bytes=56967,owidth=955,oheight=536,obytes=76362
x-timer
S1697444128.274340,VS0,VE0
etag
"a2dbe54b4c96b1caaee7265259e9eadd"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 30, 1, 28, 2
a4cf5c9eb4ae0470f4341fe935184a00.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a4cf5c9eb4ae0470f4341fe935184a00.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f2f9f88df71fc7ead73080036488336b31ddc356eec4b9548e86a4a18fec1b36

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a4cf5c9eb4ae0470f4341fe935184a00.png
age
1716501
edge-cache-tag
381285404124762591518635381621915576259,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
381285404124762591518635381621915576259,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
243
req-referer
https://www.bola.com/ragam/read/5015822/siti-fadia-menahan-sakit-tetap-ngotot-bermain-sampai-lolos-ke-final-singapore-open-2022
content-length
49594
x-request-id
4f9a5367271c35c51bc2cdc7383b7344
x-backend-name
CH_nlb801
x-served-by
cache-iad-kjyo7100059-IAD, cache-iad-kjyo7100177-IAD, cache-iad-kiad7000027-IAD, cache-vie6324-VIE
last-modified
Tue, 26 Sep 2023 11:26:44 GMT
server
nginx
surrogate-reporting
width=1456,height=728,bytes=172478,owidth=1456,oheight=816,obytes=1959922
x-timer
S1697444128.274310,VS0,VE0
etag
"4b34a294f928dce74a7c97050294ca67"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 13, 2
035ff7ad968ad1ce9c52ab0697d98c9b.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/035ff7ad968ad1ce9c52ab0697d98c9b.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ad4e13531611290f1052c14627ba9694fba233fd9d7633f7890a86a0419f1709

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/035ff7ad968ad1ce9c52ab0697d98c9b.png
age
1143934
edge-cache-tag
416247116219958748439426876912578042078,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
416247116219958748439426876912578042078,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
142
expiration
expiry-date="Sun, 22 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://newsable.asianetnews.com/
content-length
11780
x-backend-name
US_nlb101
x-served-by
cache-iad-kcgs7200135-IAD, cache-iad-kjyo7100053-IAD, cache-iad-kiad7000121-IAD, cache-vie6324-VIE
last-modified
Thu, 21 Sep 2023 10:48:49 GMT
server
nginx
surrogate-reporting
width=600,height=333,bytes=22592,owidth=600,oheight=400,obytes=419620
x-timer
S1697444128.279065,VS0,VE0
etag
"6ab61c2cd934bba3da6f7814dfd03663"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 4, 2
7876e4ee2519c2f661d93f8da2a02e4c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7876e4ee2519c2f661d93f8da2a02e4c.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
284c0f89e22b0046ff9329bb7d7311259a6ffba27921fdea0814201a08d946ef

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7876e4ee2519c2f661d93f8da2a02e4c.jpg
age
253926
edge-cache-tag
336739804326455073221175629069799251910,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
336739804326455073221175629069799251910,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
296
req-referer
https://www.lefigaro.fr/sports/rugby/coupe-du-monde/coupe-du-monde-de-rugby-une-charniere-surprise-pour-les-springboks-face-aux-bleus-20231013
content-length
10644
x-request-id
b5d019e36dc59f777aab6c4a64860e1a
x-backend-name
US_nlb103
x-served-by
cache-iad-kjyo7100154-IAD, cache-iad-kiad7000130-IAD, cache-iad-kcgs7200139-IAD, cache-vie6324-VIE
last-modified
Fri, 13 Oct 2023 08:47:52 GMT
server
nginx
surrogate-reporting
width=360,height=200,bytes=16756,owidth=1200,oheight=800,obytes=97980
x-timer
S1697444128.279066,VS0,VE0
etag
"22cb95a9f86cdc0f9d1ec09a3ad4965b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 15, 2
a93fd07c49f1674c5df7b5c3324e2567.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a93fd07c49f1674c5df7b5c3324e2567.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e858fccb482a1022860746df30e6ced9a5a61200bab00e96064f79153e24ed0e

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a93fd07c49f1674c5df7b5c3324e2567.jpeg
age
2663958
edge-cache-tag
516465662666184451914221141364266328192,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
516465662666184451914221141364266328192,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
46
req-referer
https://www.ligaportal.at/
content-length
9998
x-request-id
1eba9b6af501385904fc6f19ed6b7e7a
x-backend-name
US_nlb106
x-served-by
cache-iad-kcgs7200145-IAD, cache-iad-kiad7000058-IAD, cache-iad-kjyo7100036-IAD, cache-vie6324-VIE
last-modified
Sat, 26 Aug 2023 05:40:10 GMT
server
nginx
surrogate-reporting
width=360,height=200,bytes=15678,owidth=600,oheight=540,obytes=216337
x-timer
S1697444128.279041,VS0,VE0
etag
"435bca3d1468ad4de4988f5c219baeb8"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 8, 2
cookie
cm.adform.net/ Frame 255F 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Mon, 16 Oct 2023 08:15:28 GMT
server
nginx
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310120101&jk=1095109406209791&bg=!9fal9rnNAAbFpEfJ5aQ7ADQBe5WfOAEwycwrLZsrbYg4adaK9aXSHaeavxWbAnbcp_LcUqAsVPHhXote81FlrSNPXycnAgAAAFpSAAAAB2gBB5kC9ugaw7t1aWbl1CeWB7oyYGt2uamU-872HJcDl31gREUqPMlZHZkvUNjIWfsWfB2M2jAEpOPvE54ef0plU30r1QSNrd9_Plvc__u2rMiQvtyECwlZP5hVCcCejPs679ccmiWtwI-HJn2iJO5dj2LHvaDEJlwJg0tGk7MmPEB_Dp0dKWS2Erhyz_uAkVwM3e9eKzHGgYVKbLiJZK8OqaEQ2k6pYijkR8ggegD2_ovwLnM6Qh_EvGLnp8PJcTkT8CzFvDG8Re7gH9-t76I8z5lE0Ltc80mp38Mzf-Z-7fhQfQXINzhI79H7Bmq6DePdsFAVcbdeIIbsVV7PHqonttlEyUk10XDIxaPSTL7SbsWCQDmPWLDIQOxHxpqVeRnVmlyUfXZPQG49X3UNizsop-Xo1Uq3O8zpCoCwuCAi_FksHXumGneSsIclKJjCGtjpV2t3qkfRQeIhRL2qCAAquyDW27Tv1UZlMAxo2cTsIgE_C0GgSCxCKHQJrZRiCrk9yiiswO5ECmnUwLz1spymhykKqVCZZIE2LAlv-r3NkoPnVEvA68mxVL5acga2sBZUafrtezQXyDAWy5-mtpH5N5SOiMIatOfOka01wcAmLxWuPNmOftSD6e8sN0QTDM7xK2iORvoQe26Ntw3BEURhHFggvVDnwVx_u9aI_M7CpaTXk7TZqfB9M8XjSgzXpAJHfKZS6-odfqKjRS3TbhefjxwnSESdjf0EcZchBOfss17ytIF-P633TCAOxoc1O1-CO0tUUFWSPKAkzypKgLcCGJeSETl2DDiB9ylUX2n7VUgpLv-uqbj_XIArc-ATGwE3fO2tdo8s1L2_Nfug97nZ1vdjzkofvmReInwnpMEONrQS8Z7vVYOf9U3BHFH6zzSBE6Hw1skvt7txLnk2KhTz1Ty8zTIefFkP_ixpW-oz2BNm2Vwocz3JFV2SxSLeHtRO_fovBnzaiL6bXAXpm6OZYhmgKuyjilLwy9cciykDFOd8t1F5ar6OA2dX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
afr.php
ads.eu.criteo.com/delivery/r/ Frame A1B9 		202 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
164e62dcb4180b3c680729f5e7d0dc4236e95ef5397a3ceed643fe72f65e57d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 08:15:28 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=G-u08-sSXkLYk6qtzDeuVy4N8IIIvzb8Y4zgEG1NAFyFIESnWNelq5vCqI5x2k9Wi9gcmpudbe_to32UHotbJVUYijoGBeJLYmhNbRXqLshJzzzmHYtyzaR1m4KtkgI5nfBwBeluyt7dwr2YHiVnVG7t9YwG3VXxaWEASN2NsrKyjzsjixb67CEDxReKmBrA00fBNSh4C5nZ6TBTNfTUpFBbxTH7i30tgT80uWaCb1Ua8dZjZlmAWpvmAiVmImNFwWUwpA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
63576349
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame C1A0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 14:27:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
64057
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 Oct 2023 14:27:51 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1E9B 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

age
1203
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Tue, 17 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame C1A0 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 22:47:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
34105
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 Oct 2023 22:47:03 GMT
l
www.google.com/ads/measurement/ Frame C1A0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQDmyMChPpdDtpXAujkIvl6PiACHroxgdIvHXMVNwAYQ0DT0qA66E5aodlirjTViOe6TbGBGZIuBXCCZXfQ0J1S5XN-ug
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C1A0 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 16:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
403788
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 10 Oct 2024 16:05:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C1A0 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Oct 2023 08:15:28 GMT
k-zOJaymkC9oQRbk9_t6xMy47ZdKGvFG4mv_h2OA
csync.smilewanted.com/set_partner_userid_get/criteo/ Frame 5B69
Redirect Chain
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230
  • https://dis.criteo.com/dis/usersync.aspx?r=73&p=230&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fgdprapplies%3d0%26gdpr%3d%26redir%3dhttps%253A%252F%252Fcsync.smilewanted.co...
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24{CRITEO_USER_ID}&profile=230&uid=018ac023-6a8a-41...
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=fbkNSF9kNnNWJTJCN1F5MFZuRVdVQiUyQkRtbEZBaiUyQkRmc0JJRUJjeTFYd0tTbzFRUlU3TGZGJTJCMmFOUVdLY0xlUUt6ZGlwWG8lMkJOZGdzRkU4UDVvelclMkZ5RjVWc04yVVhveUVPb...
  • https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=fbkNSF9kNnNWJTJCN1F5MFZuRVdVQiUyQkRtbEZBaiUyQkRmc0JJRUJjeTFYd0tTbzFRUlU3TGZGJTJCMmFOUVdLY0xlUUt6ZGlwWG8lMkJOZGdzRkU4UDVvelclMkZ5RjVWc04yVVh...
  • https://ssp-sync.criteo.com/user-sync/match?p=fbkNSF9kNnNWJTJCN1F5MFZuRVdVQiUyQkRtbEZBaiUyQkRmc0JJRUJjeTFYd0tTbzFRUlU3TGZGJTJCMmFOUVdLY0xlUUt6ZGlwWG8lMkJOZGdzRkU4UDVvelclMkZ5RjVWc04yVVhveUVPbnEwZ0d...
  • https://csync.smilewanted.com/set_partner_userid_get/criteo/k-zOJaymkC9oQRbk9_t6xMy47ZdKGvFG4mv_h2OA
0
491 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/criteo/k-zOJaymkC9oQRbk9_t6xMy47ZdKGvFG4mv_h2OA
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
816edaba0aed5b06-VIE
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 16 Oct 2023 08:15:30 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-store,max-age=0
content-length
0
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 08:15:30 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/criteo/k-zOJaymkC9oQRbk9_t6xMy47ZdKGvFG4mv_h2OA
server
Kestrel
strict-transport-security
max-age=31536000; preload;
285ca19b64d6815af85768658dd7eb3
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 7A11
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/285ca19b64d6815af85768658dd7eb3?gdpr_consent=&gdpr=0
0
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/285ca19b64d6815af85768658dd7eb3?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
816edaacbbd55b06-VIE
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 16 Oct 2023 08:15:28 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 16 Oct 2023 08:15:28 GMT
Expires
Mon, 16 Oct 2023 08:15:28 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/285ca19b64d6815af85768658dd7eb3?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1697444128664063-430
truncated
/ Frame C1A0 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0e718100fea7427344ee6c442cf858091a46d42ea440e0a9438c456bb2494cb

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 1E9B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHEJuTsA1fqyMsJytrBW3E0&google_cver=1&google_push=AXcoOmTlRL9U8Xb9AQtvdh5lFhHQgf_mMrCUd7x1q3a8sYnsahrUeK6HwivEjNBBnoV3Z6tdJH4lTZtbQEuXaVxIB7oXErSE-qqFAg
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODMyNzE3NzUwNDE0Mzc1MTM5MQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHEJuTsA1fqyMsJytrBW3E0&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHEJuTsA1fqyMsJytrBW3E0&google_cver=1
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 16 Oct 2023 08:15:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHEJuTsA1fqyMsJytrBW3E0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 1E9B 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENFjqufxmRw8R0j2Ww5bUd4&google_cver=1&google_push=AXcoOmRVlM-kG2FCUES4Eurfryt78OWnDsmL2Zlh1wQ73V0WYw5uLACPSLBqGXdIl3BG7Gk9dICgMtcHsWJUtqeKB82JVkPftMo5
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.215.202.137 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams01-nessy-float1.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:29 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 1E9B
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPSfaBOYgjAX7DmXhCg5A98&google_cver=1&google_push=AXcoOmTyC9X9bwm6WHc0t24L9a4UQKrUD2u104FahDkX1wcKtABHZ-juaPsQAaTVofFvCwaQxs_-6X4ULDXp6U...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MDQ2NzAxNjU1OTAzMjQ3Ng%3D%3D&google_push=AXcoOmTyC9X9bwm6WHc0t24L9a4UQKrUD2u104FahDkX1wcKtABHZ-juaPsQAaTVofFvCwaQxs_-6X4ULDXp6UE0th...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MDQ2NzAxNjU1OTAzMjQ3Ng%3D%3D&google_push=AXcoOmTyC9X9bwm6WHc0t24L9a4UQKrUD2u104FahDkX1wcKtABHZ-juaPsQAaTVofFvCwaQxs_-6X4ULDXp6UE0thQtSyqxb8er
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MDQ2NzAxNjU1OTAzMjQ3Ng%3D%3D&google_push=AXcoOmTyC9X9bwm6WHc0t24L9a4UQKrUD2u104FahDkX1wcKtABHZ-juaPsQAaTVofFvCwaQxs_-6X4ULDXp6UE0thQtSyqxb8er
Date
Mon, 16 Oct 2023 08:15:28 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 1E9B
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESELT16Fn1V_4A5YrtD8SqTW0&google_cver=1&google_push=AXcoOmT7neJvoCSwGf2cScHkGvzi-JV-m3LSMaKMQHiZz6efB_oyrNsheFDCZyqg7Mn2trQ0ui9Yayf7_Vzo0Xgi1nRjM2e...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESELT16Fn1V_4A5YrtD8SqTW0&google_cver=1&google_push=AXcoOmT7neJvoCSwGf2cScHkGvzi-JV-m3LSMaKMQHiZz6efB_oyrNsheFDCZyqg7Mn2trQ0ui9Yayf7_Vzo0Xgi1nRjM...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmT7neJvoCSwGf2cScHkGvzi-JV-m3LSMaKMQHiZz6efB_oyrNsheFDCZyqg7Mn2trQ0ui9Yayf7_Vzo0Xgi1nRjM2eMevnUKg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmT7neJvoCSwGf2cScHkGvzi-JV-m3LSMaKMQHiZz6efB_oyrNsheFDCZyqg7Mn2trQ0ui9Yayf7_Vzo0Xgi1nRjM2eMevnUKg
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmT7neJvoCSwGf2cScHkGvzi-JV-m3LSMaKMQHiZz6efB_oyrNsheFDCZyqg7Mn2trQ0ui9Yayf7_Vzo0Xgi1nRjM2eMevnUKg
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
-
s.ad.smaato.net/c/n/// Frame 1E9B 		0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKxz-1sSzZ8gacTVbAFCons&google_cver=1&google_push=AXcoOmRvvMz1JpZICvvWqd833YvmhCwpCzOsipSei-8x4cI29seWr7EXhhKfEu7QixhfO_Y1xQaNc-Bp9Xno0ZA8BakpsVL00G2Otw
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-65.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:36 GMT
cache-control
no-cache, must-revalidate
via
1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
1ut1-9rDMFXyf736PhrUullL6sTs_ascxxX9LoUHqcYGmA8rBQFmCw==
x-cache
Miss from cloudfront
sync
ssbsync.smartadserver.com/api/ Frame 1E9B 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEAjXPCrSzcPPid7wxXJddeo&google_cver=1&google_push=AXcoOmQbul-RcrGYuGY-GBTO3Ko3M5elaDmJ4qZGyPFhbo_V-CUoIRrVt4ptUqeIpzzzLyv0eCR855oyc5yI8dyG7PbUU0XcUJQl
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:28 GMT
content-length
0
/
onetag-sys.com/match/ Frame 1E9B
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHJO3Uy5Ho_eNmj1I7d64dk&google_cver=1&google_push=AXcoOmTdm9j67dL77lUu45t-7L5Xl9up8ohoxDyQYnAJvm1YPM-PLXLVH-reav5BmUIs7w1zhniBKQTWAqN...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTdm9j67dL77lUu45t-7L5Xl9up8ohoxDyQYnAJvm1YPM-PLXLVH-reav5BmUIs7w1zhniBKQTWAqNKKFxkCYC3qprKg4neLmg
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 1E9B 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KB4LLK3sE6jGRONNpWktbI10ru7uXmD5sx7pwEFX1tP3OL3mdrQX3VTnHVa99oD7vJqCMv2Q
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
v1
match.sharethrough.com/universal/ Frame 1543 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.44.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-44-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

date
Mon, 16 Oct 2023 08:15:29 GMT
st
imprammp.taboola.com/ Frame 15C4 		439 B
393 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V89OECLAYkoIkXvJOZDBBIQBMveCczGSgAAABgYID-AMn4BqvBbDdbq0wu21o0WQ7WEs9ot1YsTJOVzeYxLFaLISAZ32A1mO1ma5XJZVuLJsvBWuIZ7daKhWmystk8hsVqMQUXxnKZDGqBim4yuzyfg4Zhevn8lucbZKDpdPhc93q5y_e56x5ms8Ou8duVZr8cAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XANDAwcCeLrvd4Q8AAAAAIAAAAABIACCI_5YAiMGdPPH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DGkrDs9m34EdJ1JQWYQRAAAAAOGRvLgjk3SCikWV____fisAVwAAAhZvGsdJsugOSryFAQAAABAjBF9CNHLHgz5mgR4Wv9_ssGv8bpf5_________zfzf-YfjRDQtUKaIMH6YTW_gAAAa34BAQDYiBsAgDcBcEJOBppOh891r5e7fJ-77mE2O-wav11p9otOQqwWk8lgMlmsjkLshrPFbrZYTGYHAAAA4M7___8_HiH4EqKROx50PSC5nGx8q91yMViZbB7XzONajDwem3Gz8i0sC9dye7bTzVUZLqhF-mQU3WR2eT4HDcP08vktz4P4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsRgO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgsmJZ-HYzGZr2XI0WYsmk-VauJmM3KqVcbKcGUbL3XKyFr0-po9ltpstZ14kGMCxF8nTIp0oJivLZOHZrBaL0cKznC0Gm5VtNpt5LC7jajdzTMQSzckincgu--ZysvGtdsvFYGWyeVwzj2sx8nhsxs3Kt7AsXMt9c-JZODaz2Vq2HE3WoslkuRZuJiO3amWcLGeG0XK3nKxFr4_pY5ntZsuZvzFb7kaj0WKy2zdmy91oNFpMdvsOk-mZ-pyNrlvG8dFJLdJveX1zGhQug8U7Ua-Gt6Pk4JdWjU6f16Ms6Ix-v9_v9_v9fr_fb9B6DmaDwvd7ObTGW1A9OnvHjYNBEUsEF-lE9zCbHU6zW_cwmx0WsURpukgneolYIjhdpBONw_Ty-S3Pi_qPHGI5mmtWc8VkMVcsNqsEAAAAAAAAAGAJppluAgAAAOBkUMPJZrNap4OZrIarxWq5AC5gJnX93AJH6M6wZOwKC1Sq2Aathy_W2GMN9zCbHU6zW_cwmx1WBnDh8s1ss88IYq1WyxoAAIAANgAAgABuuvEWkBP3____Pw4AAICMHHoAAAD0-4CklMKPXCn2-BXEZrTc7R-ACrFWq9XtxlqtVkCC2A02E_j___8P!&cmcv=&pix=undefined&cb=1697444128482&uv=144919427&tms=1697444128482&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vB!strtimdtprd3_vD!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=c7050676-ede6-4290-b347-1a42effc0151&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
799c9a8bee08a31b2d9340b9fb7738ddd9f054c7413f07f6953f6b2efff8b6f8

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Mon, 16 Oct 2023 08:15:28 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-vie6324-VIE
x-timer
S1697444129.501423,VS0,VE21
sync
am-match.taboola.com/ Frame B007 		577 B
671 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V89OECLAYkoIkXvJOZDBBIQBMveCczGSgAAABgYID-AMn4BqvBbDdbq0wu21o0WQ7WEs9ot1YsTJOVzeYxLFaLISAZ32A1mO1ma5XJZVuLJsvBWuIZ7daKhWmystk8hsVqMQUXxnKZDGqBim4yuzyfg4Zhevn8lucbZKDpdPhc93q5y_e56x5ms8Ou8duVZr8cAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XANDAwcCeLrvd4Q8AAAAAIAAAAABIACCI_5YAiMGdPPH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DGkrDs9m34EdJ1JQWYQRAAAAAOGRvLgjk3SCikWV____fisAVwAAAhZvGsdJsugOSryFAQAAABAjBF9CNHLHgz5mgR4Wv9_ssGv8bpf5_________zfzf-YfjRDQtUKaIMH6YTW_gAAAa34BAQDYiBsAgDcBcEJOBppOh891r5e7fJ-77mE2O-wav11p9otOQqwWk8lgMlmsjkLshrPFbrZYTGYHAAAA4M7___8_HiH4EqKROx50PSC5nGx8q91yMViZbB7XzONajDwem3Gz8i0sC9dye7bTzVUZLqhF-mQU3WR2eT4HDcP08vktz4P4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsRgO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgsmJZ-HYzGZr2XI0WYsmk-VauJmM3KqVcbKcGUbL3XKyFr0-po9ltpstZ14kGMCxF8nTIp0oJivLZOHZrBaL0cKznC0Gm5VtNpt5LC7jajdzTMQSzckincgu--ZysvGtdsvFYGWyeVwzj2sx8nhsxs3Kt7AsXMt9c-JZODaz2Vq2HE3WoslkuRZuJiO3amWcLGeG0XK3nKxFr4_pY5ntZsuZvzFb7kaj0WKy2zdmy91oNFpMdvsOk-mZ-pyNrlvG8dFJLdJveX1zGhQug8U7Ua-Gt6Pk4JdWjU6f16Ms6Ix-v9_v9_v9fr_fb9B6DmaDwvd7ObTGW1A9OnvHjYNBEUsEF-lE9zCbHU6zW_cwmx0WsURpukgneolYIjhdpBONw_Ty-S3Pi_qPHGI5mmtWc8VkMVcsNqsEAAAAAAAAAGAJppluAgAAAOBkUMPJZrNap4OZrIarxWq5AC5gJnX93AJH6M6wZOwKC1Sq2Aathy_W2GMN9zCbHU6zW_cwmx1WBnDh8s1ss88IYq1WyxoAAIAANgAAgABuuvEWkBP3____Pw4AAICMHHoAAAD0-4CklMKPXCn2-BXEZrTc7R-ACrFWq9XtxlqtVkCC2A02E_j___8P!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
4d7aad1f146efa5730f8d7762493d4fb062127afbf43825a34c87f4723cf06a5

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Mon, 16 Oct 2023 08:15:28 GMT
machineid
3407
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V89OECLAYkoIkXvJOZDBBIQBMveCczGSgAAABgYID-AMn4BqvBbDdbq0wu21o0WQ7WEs9ot1YsTJOVzeYxLFaLISAZ32A1mO1ma5XJZVuLJsvBWuIZ7daKhWmystk8hsVqMQUXxnKZDGqBim4yuzyfg4Zhevn8lucbZKDpdPhc93q5y_e56x5ms8Ou8duVZr8cAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XANDAwcCeLrvd4Q8AAAAAIAAAAABIACCI_5YAiMGdPPH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DGkrDs9m34EdJ1JQWYQRAAAAAOGRvLgjk3SCikWV____fisAVwAAAhZvGsdJsugOSryFAQAAABAjBF9CNHLHgz5mgR4Wv9_ssGv8bpf5_________zfzf-YfjRDQtUKaIMH6YTW_gAAAa34BAQDYiBsAgDcBcEJOBppOh891r5e7fJ-77mE2O-wav11p9otOQqwWk8lgMlmsjkLshrPFbrZYTGYHAAAA4M7___8_HiH4EqKROx50PSC5nGx8q91yMViZbB7XzONajDwem3Gz8i0sC9dye7bTzVUZLqhF-mQU3WR2eT4HDcP08vktz4P4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsRgO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgsmJZ-HYzGZr2XI0WYsmk-VauJmM3KqVcbKcGUbL3XKyFr0-po9ltpstZ14kGMCxF8nTIp0oJivLZOHZrBaL0cKznC0Gm5VtNpt5LC7jajdzTMQSzckincgu--ZysvGtdsvFYGWyeVwzj2sx8nhsxs3Kt7AsXMt9c-JZODaz2Vq2HE3WoslkuRZuJiO3amWcLGeG0XK3nKxFr4_pY5ntZsuZvzFb7kaj0WKy2zdmy91oNFpMdvsOk-mZ-pyNrlvG8dFJLdJveX1zGhQug8U7Ua-Gt6Pk4JdWjU6f16Ms6Ix-v9_v9_v9fr_fb9B6DmaDwvd7ObTGW1A9OnvHjYNBEUsEF-lE9zCbHU6zW_cwmx0WsURpukgneolYIjhdpBONw_Ty-S3Pi_qPHGI5mmtWc8VkMVcsNqsEAAAAAAAAAGAJppluAgAAAOBkUMPJZrNap4OZrIarxWq5AC5gJnX93AJH6M6wZOwKC1Sq2Aathy_W2GMN9zCbHU6zW_cwmx1WBnDh8s1ss88IYq1WyxoAAIAANgAAgABuuvEWkBP3____Pw4AAICMHHoAAAD0-4CklMKPXCn2-BXEZrTc7R-ACrFWq9XtxlqtVkCC2A02E_j___8P!&cmcv=&pix=31589837&cb=1697444128481&uv=144919427&tms=1697444128481&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vB!strtimdtprd3_vD!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1697444124937.3!ts:1697444128481&mntl=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:28 GMT
content-length
0
server
nginx
truncated
/ Frame DBB8 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f60bc1b764de88ce4b5d44847630fa83eb6452dc1ffd62f8e762cedd8c039e7

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame A1B9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 10 Oct 2024 08:15:29 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame A1B9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 10 Oct 2024 08:15:29 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame A1B9 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:29 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 10 Oct 2024 08:15:29 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame A1B9 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:29 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 10 Oct 2024 08:15:29 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame A1B9 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=4XDqZzPc14rjrOh6a339f4peseN6JEHKF-j7NjqHJUH7hwLmEbsa_RVN2WKJDzcA39ByWeYinxOCYssCtDjIB9FdbnRlE48v3fe8ei4lhqNRdyqFoFy9gv-M4o6eIr-FQ53b-cLsZTuIxAZ2Bizy5LN3fXYoSr4_P_F0LZTj8MIokPUzQ3nTnKkeyNzRqlbzGxDr-Rk9GbiM9NFGtVAPLSyrwrMeBDD6efwzpn85DjmbaIyN2RCu0rKPFIcflmpgkqeHSjP0e8qi7w-KhgYSS2ENN1KTYLChTOk4VxAHgSChmgwXx_4mkG0VFIIr5gdcyVfOTmfGIeTv4mdW3BSwd_xzCtAPXAwKyZvGDBIJRp6l_gRainkOzsP03iIc_9Wv0YiWDC0EPVddL_4a_COFgihCeiySXEiUvHZFrLWYMyJWW3Vm
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:31 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1788877
expires
Mon, 26 Jul 1997 05:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame B007 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V89OECLAYkoIkXvJOZDBBIQBMveCczGSgAAABgYID-AMn4BqvBbDdbq0wu21o0WQ7WEs9ot1YsTJOVzeYxLFaLISAZ32A1mO1ma5XJZVuLJsvBWuIZ7daKhWmystk8hsVqMQUXxnKZDGqBim4yuzyfg4Zhevn8lucbZKDpdPhc93q5y_e56x5ms8Ou8duVZr8cAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XANDAwcCeLrvd4Q8AAAAAIAAAAABIACCI_5YAiMGdPPH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DGkrDs9m34EdJ1JQWYQRAAAAAOGRvLgjk3SCikWV____fisAVwAAAhZvGsdJsugOSryFAQAAABAjBF9CNHLHgz5mgR4Wv9_ssGv8bpf5_________zfzf-YfjRDQtUKaIMH6YTW_gAAAa34BAQDYiBsAgDcBcEJOBppOh891r5e7fJ-77mE2O-wav11p9otOQqwWk8lgMlmsjkLshrPFbrZYTGYHAAAA4M7___8_HiH4EqKROx50PSC5nGx8q91yMViZbB7XzONajDwem3Gz8i0sC9dye7bTzVUZLqhF-mQU3WR2eT4HDcP08vktz4P4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsRgO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgsmJZ-HYzGZr2XI0WYsmk-VauJmM3KqVcbKcGUbL3XKyFr0-po9ltpstZ14kGMCxF8nTIp0oJivLZOHZrBaL0cKznC0Gm5VtNpt5LC7jajdzTMQSzckincgu--ZysvGtdsvFYGWyeVwzj2sx8nhsxs3Kt7AsXMt9c-JZODaz2Vq2HE3WoslkuRZuJiO3amWcLGeG0XK3nKxFr4_pY5ntZsuZvzFb7kaj0WKy2zdmy91oNFpMdvsOk-mZ-pyNrlvG8dFJLdJveX1zGhQug8U7Ua-Gt6Pk4JdWjU6f16Ms6Ix-v9_v9_v9fr_fb9B6DmaDwvd7ObTGW1A9OnvHjYNBEUsEF-lE9zCbHU6zW_cwmx0WsURpukgneolYIjhdpBONw_Ty-S3Pi_qPHGI5mmtWc8VkMVcsNqsEAAAAAAAAAGAJppluAgAAAOBkUMPJZrNap4OZrIarxWq5AC5gJnX93AJH6M6wZOwKC1Sq2Aathy_W2GMN9zCbHU6zW_cwmx1WBnDh8s1ss88IYq1WyxoAAIAANgAAgABuuvEWkBP3____Pw4AAICMHHoAAAD0-4CklMKPXCn2-BXEZrTc7R-ACrFWq9XtxlqtVkCC2A02E_j___8P!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:29 GMT
server
Kestrel
content-length
70
content-type
image/gif
9b3a1366-6942-4229-832d-5e829f049792-tuctc26769f
pr-bh.ybp.yahoo.com/sync/taboola/ Frame B007 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/9b3a1366-6942-4229-832d-5e829f049792-tuctc26769f?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V89OECLAYkoIkXvJOZDBBIQBMveCczGSgAAABgYID-AMn4BqvBbDdbq0wu21o0WQ7WEs9ot1YsTJOVzeYxLFaLISAZ32A1mO1ma5XJZVuLJsvBWuIZ7daKhWmystk8hsVqMQUXxnKZDGqBim4yuzyfg4Zhevn8lucbZKDpdPhc93q5y_e56x5ms8Ou8duVZr8cAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XANDAwcCeLrvd4Q8AAAAAIAAAAABIACCI_5YAiMGdPPH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DGkrDs9m34EdJ1JQWYQRAAAAAOGRvLgjk3SCikWV____fisAVwAAAhZvGsdJsugOSryFAQAAABAjBF9CNHLHgz5mgR4Wv9_ssGv8bpf5_________zfzf-YfjRDQtUKaIMH6YTW_gAAAa34BAQDYiBsAgDcBcEJOBppOh891r5e7fJ-77mE2O-wav11p9otOQqwWk8lgMlmsjkLshrPFbrZYTGYHAAAA4M7___8_HiH4EqKROx50PSC5nGx8q91yMViZbB7XzONajDwem3Gz8i0sC9dye7bTzVUZLqhF-mQU3WR2eT4HDcP08vktz4P4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsRgO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgsmJZ-HYzGZr2XI0WYsmk-VauJmM3KqVcbKcGUbL3XKyFr0-po9ltpstZ14kGMCxF8nTIp0oJivLZOHZrBaL0cKznC0Gm5VtNpt5LC7jajdzTMQSzckincgu--ZysvGtdsvFYGWyeVwzj2sx8nhsxs3Kt7AsXMt9c-JZODaz2Vq2HE3WoslkuRZuJiO3amWcLGeG0XK3nKxFr4_pY5ntZsuZvzFb7kaj0WKy2zdmy91oNFpMdvsOk-mZ-pyNrlvG8dFJLdJveX1zGhQug8U7Ua-Gt6Pk4JdWjU6f16Ms6Ix-v9_v9_v9fr_fb9B6DmaDwvd7ObTGW1A9OnvHjYNBEUsEF-lE9zCbHU6zW_cwmx0WsURpukgneolYIjhdpBONw_Ty-S3Pi_qPHGI5mmtWc8VkMVcsNqsEAAAAAAAAAGAJppluAgAAAOBkUMPJZrNap4OZrIarxWq5AC5gJnX93AJH6M6wZOwKC1Sq2Aathy_W2GMN9zCbHU6zW_cwmx1WBnDh8s1ss88IYq1WyxoAAIAANgAAgABuuvEWkBP3____Pw4AAICMHHoAAAD0-4CklMKPXCn2-BXEZrTc7R-ACrFWq9XtxlqtVkCC2A02E_j___8P!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.114.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-114-225.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
generic
match.adsrvr.org/track/cmf/ Frame 15C4 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V89OECLAYkoIkXvJOZDBBIQBMveCczGSgAAABgYID-AMn4BqvBbDdbq0wu21o0WQ7WEs9ot1YsTJOVzeYxLFaLISAZ32A1mO1ma5XJZVuLJsvBWuIZ7daKhWmystk8hsVqMQUXxnKZDGqBim4yuzyfg4Zhevn8lucbZKDpdPhc93q5y_e56x5ms8Ou8duVZr8cAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XANDAwcCeLrvd4Q8AAAAAIAAAAABIACCI_5YAiMGdPPH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DGkrDs9m34EdJ1JQWYQRAAAAAOGRvLgjk3SCikWV____fisAVwAAAhZvGsdJsugOSryFAQAAABAjBF9CNHLHgz5mgR4Wv9_ssGv8bpf5_________zfzf-YfjRDQtUKaIMH6YTW_gAAAa34BAQDYiBsAgDcBcEJOBppOh891r5e7fJ-77mE2O-wav11p9otOQqwWk8lgMlmsjkLshrPFbrZYTGYHAAAA4M7___8_HiH4EqKROx50PSC5nGx8q91yMViZbB7XzONajDwem3Gz8i0sC9dye7bTzVUZLqhF-mQU3WR2eT4HDcP08vktz4P4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsRgO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgsmJZ-HYzGZr2XI0WYsmk-VauJmM3KqVcbKcGUbL3XKyFr0-po9ltpstZ14kGMCxF8nTIp0oJivLZOHZrBaL0cKznC0Gm5VtNpt5LC7jajdzTMQSzckincgu--ZysvGtdsvFYGWyeVwzj2sx8nhsxs3Kt7AsXMt9c-JZODaz2Vq2HE3WoslkuRZuJiO3amWcLGeG0XK3nKxFr4_pY5ntZsuZvzFb7kaj0WKy2zdmy91oNFpMdvsOk-mZ-pyNrlvG8dFJLdJveX1zGhQug8U7Ua-Gt6Pk4JdWjU6f16Ms6Ix-v9_v9_v9fr_fb9B6DmaDwvd7ObTGW1A9OnvHjYNBEUsEF-lE9zCbHU6zW_cwmx0WsURpukgneolYIjhdpBONw_Ty-S3Pi_qPHGI5mmtWc8VkMVcsNqsEAAAAAAAAAGAJppluAgAAAOBkUMPJZrNap4OZrIarxWq5AC5gJnX93AJH6M6wZOwKC1Sq2Aathy_W2GMN9zCbHU6zW_cwmx1WBnDh8s1ss88IYq1WyxoAAIAANgAAgABuuvEWkBP3____Pw4AAICMHHoAAAD0-4CklMKPXCn2-BXEZrTc7R-ACrFWq9XtxlqtVkCC2A02E_j___8P!&cmcv=&pix=undefined&cb=1697444128482&uv=144919427&tms=1697444128482&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vB!strtimdtprd3_vD!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=c7050676-ede6-4290-b347-1a42effc0151&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:29 GMT
server
Kestrel
content-length
70
content-type
image/gif
9b3a1366-6942-4229-832d-5e829f049792-tuctc26769f
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 15C4 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/9b3a1366-6942-4229-832d-5e829f049792-tuctc26769f?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V89OECLAYkoIkXvJOZDBBIQBMveCczGSgAAABgYID-AMn4BqvBbDdbq0wu21o0WQ7WEs9ot1YsTJOVzeYxLFaLISAZ32A1mO1ma5XJZVuLJsvBWuIZ7daKhWmystk8hsVqMQUXxnKZDGqBim4yuzyfg4Zhevn8lucbZKDpdPhc93q5y_e56x5ms8Ou8duVZr8cAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XANDAwcCeLrvd4Q8AAAAAIAAAAABIACCI_5YAiMGdPPH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DGkrDs9m34EdJ1JQWYQRAAAAAOGRvLgjk3SCikWV____fisAVwAAAhZvGsdJsugOSryFAQAAABAjBF9CNHLHgz5mgR4Wv9_ssGv8bpf5_________zfzf-YfjRDQtUKaIMH6YTW_gAAAa34BAQDYiBsAgDcBcEJOBppOh891r5e7fJ-77mE2O-wav11p9otOQqwWk8lgMlmsjkLshrPFbrZYTGYHAAAA4M7___8_HiH4EqKROx50PSC5nGx8q91yMViZbB7XzONajDwem3Gz8i0sC9dye7bTzVUZLqhF-mQU3WR2eT4HDcP08vktz4P4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsRgO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgsmJZ-HYzGZr2XI0WYsmk-VauJmM3KqVcbKcGUbL3XKyFr0-po9ltpstZ14kGMCxF8nTIp0oJivLZOHZrBaL0cKznC0Gm5VtNpt5LC7jajdzTMQSzckincgu--ZysvGtdsvFYGWyeVwzj2sx8nhsxs3Kt7AsXMt9c-JZODaz2Vq2HE3WoslkuRZuJiO3amWcLGeG0XK3nKxFr4_pY5ntZsuZvzFb7kaj0WKy2zdmy91oNFpMdvsOk-mZ-pyNrlvG8dFJLdJveX1zGhQug8U7Ua-Gt6Pk4JdWjU6f16Ms6Ix-v9_v9_v9fr_fb9B6DmaDwvd7ObTGW1A9OnvHjYNBEUsEF-lE9zCbHU6zW_cwmx0WsURpukgneolYIjhdpBONw_Ty-S3Pi_qPHGI5mmtWc8VkMVcsNqsEAAAAAAAAAGAJppluAgAAAOBkUMPJZrNap4OZrIarxWq5AC5gJnX93AJH6M6wZOwKC1Sq2Aathy_W2GMN9zCbHU6zW_cwmx1WBnDh8s1ss88IYq1WyxoAAIAANgAAgABuuvEWkBP3____Pw4AAICMHHoAAAD0-4CklMKPXCn2-BXEZrTc7R-ACrFWq9XtxlqtVkCC2A02E_j___8P!&cmcv=&pix=undefined&cb=1697444128482&uv=144919427&tms=1697444128482&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vB!strtimdtprd3_vD!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=c7050676-ede6-4290-b347-1a42effc0151&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.114.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-114-225.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame 15C4 		0
87 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V89OECLAYkoIkXvJOZDBBIQBMveCczGSgAAABgYID-AMn4BqvBbDdbq0wu21o0WQ7WEs9ot1YsTJOVzeYxLFaLISAZ32A1mO1ma5XJZVuLJsvBWuIZ7daKhWmystk8hsVqMQUXxnKZDGqBim4yuzyfg4Zhevn8lucbZKDpdPhc93q5y_e56x5ms8Ou8duVZr8cAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XANDAwcCeLrvd4Q8AAAAAIAAAAABIACCI_5YAiMGdPPH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DGkrDs9m34EdJ1JQWYQRAAAAAOGRvLgjk3SCikWV____fisAVwAAAhZvGsdJsugOSryFAQAAABAjBF9CNHLHgz5mgR4Wv9_ssGv8bpf5_________zfzf-YfjRDQtUKaIMH6YTW_gAAAa34BAQDYiBsAgDcBcEJOBppOh891r5e7fJ-77mE2O-wav11p9otOQqwWk8lgMlmsjkLshrPFbrZYTGYHAAAA4M7___8_HiH4EqKROx50PSC5nGx8q91yMViZbB7XzONajDwem3Gz8i0sC9dye7bTzVUZLqhF-mQU3WR2eT4HDcP08vktz4P4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsRgO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgsmJZ-HYzGZr2XI0WYsmk-VauJmM3KqVcbKcGUbL3XKyFr0-po9ltpstZ14kGMCxF8nTIp0oJivLZOHZrBaL0cKznC0Gm5VtNpt5LC7jajdzTMQSzckincgu--ZysvGtdsvFYGWyeVwzj2sx8nhsxs3Kt7AsXMt9c-JZODaz2Vq2HE3WoslkuRZuJiO3amWcLGeG0XK3nKxFr4_pY5ntZsuZvzFb7kaj0WKy2zdmy91oNFpMdvsOk-mZ-pyNrlvG8dFJLdJveX1zGhQug8U7Ua-Gt6Pk4JdWjU6f16Ms6Ix-v9_v9_v9fr_fb9B6DmaDwvd7ObTGW1A9OnvHjYNBEUsEF-lE9zCbHU6zW_cwmx0WsURpukgneolYIjhdpBONw_Ty-S3Pi_qPHGI5mmtWc8VkMVcsNqsEAAAAAAAAAGAJppluAgAAAOBkUMPJZrNap4OZrIarxWq5AC5gJnX93AJH6M6wZOwKC1Sq2Aathy_W2GMN9zCbHU6zW_cwmx1WBnDh8s1ss88IYq1WyxoAAIAANgAAgABuuvEWkBP3____Pw4AAICMHHoAAAD0-4CklMKPXCn2-BXEZrTc7R-ACrFWq9XtxlqtVkCC2A02E_j___8P!&cmcv=&pix=undefined&cb=1697444128482&uv=144919427&tms=1697444128482&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vB!strtimdtprd3_vD!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=c7050676-ede6-4290-b347-1a42effc0151&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
animejs.js
static.criteo.net/animejs/ Frame A1B9 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 10 Oct 2024 08:15:29 GMT
usync.html
eus.rubiconproject.com/ Frame 7298 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V89OECLAYkoIkXvJOZDBBIQBMveCczGSgAAABgYID-AMn4BqvBbDdbq0wu21o0WQ7WEs9ot1YsTJOVzeYxLFaLISAZ32A1mO1ma5XJZVuLJsvBWuIZ7daKhWmystk8hsVqMQUXxnKZDGqBim4yuzyfg4Zhevn8lucbZKDpdPhc93q5y_e56x5ms8Ou8duVZr8cAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XANDAwcCeLrvd4Q8AAAAAIAAAAABIACCI_5YAiMGdPPH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DGkrDs9m34EdJ1JQWYQRAAAAAOGRvLgjk3SCikWV____fisAVwAAAhZvGsdJsugOSryFAQAAABAjBF9CNHLHgz5mgR4Wv9_ssGv8bpf5_________zfzf-YfjRDQtUKaIMH6YTW_gAAAa34BAQDYiBsAgDcBcEJOBppOh891r5e7fJ-77mE2O-wav11p9otOQqwWk8lgMlmsjkLshrPFbrZYTGYHAAAA4M7___8_HiH4EqKROx50PSC5nGx8q91yMViZbB7XzONajDwem3Gz8i0sC9dye7bTzVUZLqhF-mQU3WR2eT4HDcP08vktz4P4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsRgO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgsmJZ-HYzGZr2XI0WYsmk-VauJmM3KqVcbKcGUbL3XKyFr0-po9ltpstZ14kGMCxF8nTIp0oJivLZOHZrBaL0cKznC0Gm5VtNpt5LC7jajdzTMQSzckincgu--ZysvGtdsvFYGWyeVwzj2sx8nhsxs3Kt7AsXMt9c-JZODaz2Vq2HE3WoslkuRZuJiO3amWcLGeG0XK3nKxFr4_pY5ntZsuZvzFb7kaj0WKy2zdmy91oNFpMdvsOk-mZ-pyNrlvG8dFJLdJveX1zGhQug8U7Ua-Gt6Pk4JdWjU6f16Ms6Ix-v9_v9_v9fr_fb9B6DmaDwvd7ObTGW1A9OnvHjYNBEUsEF-lE9zCbHU6zW_cwmx0WsURpukgneolYIjhdpBONw_Ty-S3Pi_qPHGI5mmtWc8VkMVcsNqsEAAAAAAAAAGAJppluAgAAAOBkUMPJZrNap4OZrIarxWq5AC5gJnX93AJH6M6wZOwKC1Sq2Aathy_W2GMN9zCbHU6zW_cwmx1WBnDh8s1ss88IYq1WyxoAAIAANgAAgABuuvEWkBP3____Pw4AAICMHHoAAAD0-4CklMKPXCn2-BXEZrTc7R-ACrFWq9XtxlqtVkCC2A02E_j___8P!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 16 Oct 2023 08:15:34 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
img
imageproxy.eu.criteo.net/img/ Frame A1B9 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=156&m=0&partner=81530&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F81530%2F210607%2F3cef7d3d38a84ad39861a6bbe09b3edc_ldi_logo.png&v=3&w=196&rid=4&s=IPzoYRAxBQPtErFbE34Lh2GV
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
76cd9f0427cdc5fbdaa10050cdd48593938d26a27f3b87cbd05f5965f08473b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
9920
expires
Thu, 03 Oct 2024 05:41:47 GMT
img
imageproxy.eu.criteo.net/img/ Frame A1B9 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81530&q=80&r=0&u=https%3A%2F%2Flets-doit.at%2FuploadPim%2F21877%2F001_1219298-thumbnail-450-450.jpg&v=3&w=400&rid=4&s=XBNoR7wh-j9ZrDY3qgW_tW78&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ce7efaeb2969b0a601811fe28726bb781edab68de1f5dfea9459fdbe37acfd9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
20772
expires
Thu, 03 Oct 2024 07:18:14 GMT
img
imageproxy.eu.criteo.net/img/ Frame A1B9 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81530&q=80&r=0&u=https%3A%2F%2Flets-doit.at%2FuploadPim%2F15372%2F001_1244650-thumbnail-450-450.jpg&v=3&w=400&rid=4&s=YUUag3S2tI-I8BBEaXq7XEW2&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d407369249d8848c9c88410ed1998f597ed1d1e4abf04ec5107e88f123db8a91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
40388
expires
Thu, 03 Oct 2024 07:44:17 GMT
img
imageproxy.eu.criteo.net/img/ Frame A1B9 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81530&q=80&r=0&u=https%3A%2F%2Flets-doit.at%2FuploadPim%2F70195%2F001_1270101-thumbnail-450-450.jpg&v=3&w=400&rid=4&s=qeTIRBZA02SoQHIgYLttZ5qM&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bf9fdddcbecaf0f9d2820785e50726e2e739dc9044b33b8440bf780cc46f5d03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
16082
expires
Thu, 03 Oct 2024 08:43:56 GMT
img
imageproxy.eu.criteo.net/img/ Frame A1B9 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81530&q=80&r=0&u=https%3A%2F%2Flets-doit.at%2FuploadPim%2F25162%2F001_1256143-thumbnail-450-450.jpg&v=3&w=400&rid=4&s=EhEpJLJYMsR76AtGTKNb4Rk9&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
564cf5a9594728b093917a5e459ec8655d2a762d563e82c77065fd6292771f67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
11680
expires
Wed, 02 Oct 2024 10:14:59 GMT
img
imageproxy.eu.criteo.net/img/ Frame A1B9 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81530&q=80&r=0&u=https%3A%2F%2Flets-doit.at%2FuploadPim%2F47663%2F001_1233576-thumbnail-450-450.jpg&v=3&w=400&rid=4&s=WUSqg5S5Oa1BsiuvUVmpP9Tt&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
97a136040490e5c52589206f37fb345b38fc7681940219b1a106558d145b09b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
12698
expires
Thu, 03 Oct 2024 08:15:23 GMT
img
imageproxy.eu.criteo.net/img/ Frame A1B9 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81530&q=80&r=0&u=https%3A%2F%2Flets-doit.at%2FuploadPim%2F22089%2F001_1233352-thumbnail-450-450.jpg&v=3&w=400&rid=4&s=QvYnJpnSYySOa5IDuDt3Rhqf&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
eeba77992a254bdda8cd77451b71656389237a4f9ee73da21ec632d143899036
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
59524
expires
Wed, 02 Oct 2024 09:47:54 GMT
img
imageproxy.eu.criteo.net/img/ Frame A1B9 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81530&q=80&r=0&u=https%3A%2F%2Flets-doit.at%2FuploadPim%2F22917%2F001_1248014-thumbnail-450-450.jpg&v=3&w=400&rid=4&s=ZDWGq7Ys6YZTAV6tyCF-ED89&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
43f5c1f37ea6d24924106d921c86382ac9e423b2ebec90f556535ef9ade9e2ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
15354
expires
Sun, 29 Sep 2024 21:27:06 GMT
img
imageproxy.eu.criteo.net/img/ Frame A1B9 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81530&q=80&r=0&u=https%3A%2F%2Flets-doit.at%2FuploadPim%2F5983%2F001_1218735-thumbnail-450-450.jpg&v=3&w=400&rid=4&s=aHHGzwxcj1BwSXiW5cVos696&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
01dcb48325aaf01f0d344931f34b4e153a35e0085f7c3594d864f5c2f4bf1a62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
26516
expires
Wed, 02 Oct 2024 14:12:28 GMT
img
imageproxy.eu.criteo.net/img/ Frame A1B9 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81530&q=80&r=0&u=https%3A%2F%2Flets-doit.at%2FuploadPim%2F2268%2F001_1095556-thumbnail-450-450.jpg&v=3&w=400&rid=4&s=Fyj8KrwFTtW67VDP7wXhchxM&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ec989de149923023c35a8e7b71dab86e22f498a96cbaa58976f516841b65d0d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
19282
expires
Thu, 03 Oct 2024 08:55:28 GMT
img
imageproxy.eu.criteo.net/img/ Frame A1B9 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81530&q=80&r=0&u=https%3A%2F%2Flets-doit.at%2FuploadPim%2F8379%2F001_1237917-thumbnail-450-450.jpg&v=3&w=400&rid=4&s=zUjOzsKUmSUlu1fxkCpKYpfS&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
96a9ba621a934bb587c51c3a1c0e423da54dd23dcaa72b790237b49923fd1ed9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
19774
expires
Thu, 03 Oct 2024 06:18:25 GMT
img
imageproxy.eu.criteo.net/img/ Frame A1B9 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81530&q=80&r=0&u=https%3A%2F%2Flets-doit.at%2FuploadPim%2F25651%2F001_1256077-thumbnail-450-450.jpg&v=3&w=400&rid=4&s=5lAkduYDXYOkdRpDGFZLzAVy&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bb63af4c0c29b947b1735d44f35ca63ab74c3438269cd7a9da99d2b7155245ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
7624
expires
Fri, 04 Oct 2024 19:50:28 GMT
img
imageproxy.eu.criteo.net/img/ Frame A1B9 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81530&q=80&r=0&u=https%3A%2F%2Flets-doit.at%2FuploadPim%2F11467%2F001_1238734-thumbnail-450-450.jpg&v=3&w=400&rid=4&s=XbkuEnBy8JJJ5HQSvlytbNxq&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
db47183a91687406af29b2a228609300daa926b17762bd790dae1ab6806b8006
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
10500
expires
Wed, 02 Oct 2024 13:48:40 GMT
img
imageproxy.eu.criteo.net/img/ Frame A1B9 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81530&q=80&r=0&u=https%3A%2F%2Flets-doit.at%2FuploadPim%2F46947%2F001_1225304-thumbnail-450-450.jpg&v=3&w=400&rid=4&s=xQ0ARW3TXxlvLyZxTTd4vlvm&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
97664437f67761fe7d3a1c6e0569973ebcf523498845a5fe3fd01c3b610a5241
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
7836
expires
Tue, 08 Oct 2024 17:11:13 GMT
img
imageproxy.eu.criteo.net/img/ Frame A1B9 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81530&q=80&r=0&u=https%3A%2F%2Flets-doit.at%2FuploadPim%2F20230%2F001_1190930-thumbnail-450-450.jpg&v=3&w=400&rid=4&s=9oqIQwuaq1Kkse-3WZ4uwRoR&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3706e4b6baf99d47aeb0533acd5328ef9dade4ce1f974928338118448b1969e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
16648
expires
Sat, 28 Sep 2024 05:40:38 GMT
img
imageproxy.eu.criteo.net/img/ Frame A1B9 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81530&q=80&r=0&u=https%3A%2F%2Flets-doit.at%2FuploadPim%2F6164%2F001_1220403-thumbnail-450-450.jpg&v=3&w=400&rid=4&s=MaipUS7aEdip73h9AGavY53q&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
628888ab2bf475ea98e6630dd6b48f5497f3730f16dc5518daa208da39b50ae5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
17976
expires
Thu, 03 Oct 2024 08:06:49 GMT
img
imageproxy.eu.criteo.net/img/ Frame A1B9 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81530&q=80&r=0&u=https%3A%2F%2Flets-doit.at%2FuploadPim%2F46731%2F001_1249874-thumbnail-450-450.jpg&v=3&w=400&rid=4&s=jYQ1BwoLoV7r88ljXUErgHiz&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c115c51cf7b65ccf18d33a1355f1a3a837c0500ccb53d665591f1ca7bad6d2a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
9528
expires
Fri, 04 Oct 2024 18:57:21 GMT
img
imageproxy.eu.criteo.net/img/ Frame A1B9 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81530&q=80&r=0&u=https%3A%2F%2Flets-doit.at%2FuploadPim%2F26001%2F001_1257516-thumbnail-450-450.jpg&v=3&w=400&rid=4&s=ktAmmGuNoCeTsBnwAjqosTRG&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
af87721e50df754662ff086a666caa1d2f49d46360481addb544b5668c2c3db7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
15614
expires
Wed, 02 Oct 2024 13:42:40 GMT
img
imageproxy.eu.criteo.net/img/ Frame A1B9 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81530&q=80&r=0&u=https%3A%2F%2Flets-doit.at%2FuploadPim%2F26697%2F001_1259071-thumbnail-450-450.jpg&v=3&w=400&rid=4&s=4UmbsADoGM5D5jrhYGuZZ52k&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bdf56ebf72a2d8a78c1a33368c5915daf3b2c54cc9bca6ab4d7d79b425593786
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
9880
expires
Wed, 02 Oct 2024 12:59:55 GMT
img
imageproxy.eu.criteo.net/img/ Frame A1B9 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81530&q=80&r=0&u=https%3A%2F%2Flets-doit.at%2FuploadPim%2F123868%2F001_1292831-thumbnail-450-450.jpg&v=3&w=400&rid=4&s=1akSXMySJABa9x9HBQIss8Nh&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d40845c23cd63cf98fbb52c7b8aff9e2a3dbcaa23f3dab49f33346b1fc530a66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
5694
expires
Fri, 04 Oct 2024 09:02:48 GMT
img
imageproxy.eu.criteo.net/img/ Frame A1B9 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81530&q=80&r=0&u=https%3A%2F%2Flets-doit.at%2FuploadPim%2F14589%2F001_1029240-thumbnail-450-450.jpg&v=3&w=400&rid=4&s=iddHn2TvBHdOzyEjBFeReXnH&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8fe87029aa3122e324be10bb80607020a46541baed2c3ed40720a572f3d7b0b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
24824
expires
Thu, 03 Oct 2024 06:47:57 GMT
img
imageproxy.eu.criteo.net/img/ Frame A1B9 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81530&q=80&r=0&u=https%3A%2F%2Flets-doit.at%2FuploadPim%2F15696%2F001_1245980-thumbnail-450-450.jpg&v=3&w=400&rid=4&s=K8Qgh1qgwz2hwQ5CTEOQZz3i&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6d967994d734c9c88a3b4c33b0ed8670106770cca5834cd1d1ca107125567255
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
6388
expires
Thu, 03 Oct 2024 05:08:46 GMT
all
csm.eu.criteo.net/ Frame A1B9 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=G-u08-sSXkLYk6qtzDeuVy4N8IIIvzb8Y4zgEG1NAFyFIESnWNelq5vCqI5x2k9Wi9gcmpudbe_to32UHotbJVUYijoGBeJLYmhNbRXqLshJzzzmHYtyzaR1m4KtkgI5nfBwBeluyt7dwr2YHiVnVG7t9YwG3VXxaWEASN2NsrKyjzsjixb67CEDxReKmBrA00fBNSh4C5nZ6TBTNfTUpFBbxTH7i30tgT80uWaCb1Ua8dZjZlmAWpvmAiVmImNFwWUwpA&sds=2&rev=88837&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 16 Oct 2023 08:15:28 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A1B9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 10 Oct 2024 08:15:29 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame A1B9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 10 Oct 2024 08:15:29 GMT
events
prd-collector-anon.ex.co/main/ Frame DBB8 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/renderer/fee23b5a-054e-4b5d-8f8f-96951508ed72
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.141.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-141-80.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://news.walla.co.il
date
Mon, 16 Oct 2023 08:15:30 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
fee23b5a-054e-4b5d-8f8f-96951508ed72
player.ex.co/player/ 		570 KB
172 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/player/fee23b5a-054e-4b5d-8f8f-96951508ed72?passToSdk=true
Requested by
Host: player.ex.co
URL: https://player.ex.co/renderer/fee23b5a-054e-4b5d-8f8f-96951508ed72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
07dfafb847c6743af4076917fb4257dd6ff3340b046337986a1897c451b44ce3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 varnish, 1.1 varnish
age
8074
x-cache
MISS, HIT
content-length
175524
x-served-by
cache-iad-kjyo7100073-IAD, cache-vie6366-VIE
server
nginx
x-timer
S1697444129.700217,VS0,VE26
etag
W/"8e745-2LkDSLVQal5C1bxiUCJQRB9kpkI"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
vary
Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
0, 1
view
securepubads.g.doubleclick.net/pcs/ Frame DBB8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxky9iHWrrWgwU6ushP0oSODNUsRzEKGn2M9-XU3u2CdYRLd6h6h25KnBitdLKXbIlubpsr3tty8OMEPQYU1QMC24O269TmOfpw75L_UJtZY21hpRusxdUHZraVc7GWNEHudZdkgfCXI1nB4i-oLrcxhnQzpPPxFlCfBe4cEntNIgib44o4Q-MBZAqHhIbhy7-yAl24NiCZJIQvbwypUOCgW9QuvFLO5e4BGQwb2dQBu-oRCLMSxt6Q4rL2lpCCdWSYgjQcD_RQbGfs2R5Ui25i0-aJ97ihnOQ5uhjbMWumeveJZc4-CCG8VUtW8uuRBY66NAxFDAr_lwEJcRf7H3X5w0Xl2I_0QVqJx0Nau4cHgVXW0dSw6Y&sai=AMfl-YQ1ObR1Hby2gGx-qUjG93oN-gKXOhdKVp4bLiCnR2E1b5VpJZi1clE0ZWGMJJYtjOqz6ESuVJhR0z-BFlMiQVg182SEenOCs8aPZXLzJ8t_ZHgDVUgzsbFGnY3RJw&sig=Cg0ArKJSzOVH_MZMW6MKEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 16 Oct 2023 08:15:28 GMT
versions
player.ex.co/ 		750 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/versions
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2307871f3548016ae838e0cea561baac19dac7861c02c38721a93b0db487b9e3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Mon, 16 Oct 2023 08:15:28 GMT
age
38990
x-cache
MISS, HIT
content-length
750
x-served-by
cache-iad-kjyo7100158-IAD, cache-vie6378-VIE
server
nginx
x-timer
S1697444129.811277,VS0,VE0
etag
W/"2ee-hAyaaAd3C/6OhfsGbgwnf2kT5uc"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
vary
x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
0, 18
events
collector.ex.co/main/ 		17 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/fee23b5a-054e-4b5d-8f8f-96951508ed72?passToSdk=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.86.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-86-123.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 16 Oct 2023 08:15:30 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
css2
fonts.googleapis.com/ 		2 KB
994 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f10.1e100.net
Software
ESF /
Resource Hash
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 16 Oct 2023 08:15:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 06:32:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 Oct 2023 08:15:28 GMT
thumbnail-360.webp
cdn.ex.co/transformations/production/df05a23f-8b2b-462c-7ac9-942b4a3263c2/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ex.co/transformations/production/df05a23f-8b2b-462c-7ac9-942b4a3263c2/thumbnail-360.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5e4c0aabc9b3ef0daec72b0cc6c1fbd4e8dba9a66df00701fd74873bd046b2fb

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:29 GMT
content-encoding
gzip
last-modified
Mon, 16 Oct 2023 05:36:47 GMT
server
AmazonS3
etag
"544893030cd0a72e06032e08d8f5f597"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
9815
player.js
cdn.ex.co/player/ap/3.57.0-3827f5e/ 		448 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/fee23b5a-054e-4b5d-8f8f-96951508ed72?passToSdk=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1f182033b5c59c76cb3e6799ee48546d42d73b1ee503757054a6919b4680e34f

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:29 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
content-length
119812
last-modified
Wed, 11 Oct 2023 07:50:27 GMT
server
AmazonS3
etag
"07379791f995093c369084bd7a8f1c37"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Mon, 23 Oct 2023 08:15:29 GMT
almoni-neue-aaa-600.woff
news.walla.co.il/public/font/almoni/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer
https://news.walla.co.il/
Origin
https://news.walla.co.il
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
age
3
etag
W/"e954-18b240eb70d"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59732
x-cached
HIT
x-amz-cf-id
bgVah65bSNNC1CvWj4MdPH5DSxmqKBGDvO2JlePWK0iuSlPS5Z0g0Q==
wallaicons.woff
news.walla.co.il/public/font/fonticon/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/font/fonticon/wallaicons.woff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer
https://news.walla.co.il/
Origin
https://news.walla.co.il
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
age
3
etag
W/"3bdc-18b240eb70e"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
15324
x-cached
HIT
x-amz-cf-id
1JHHzx-Gtb042Cj9l88GvcZ1fd0UKdWJ1km6ovuO3rGLGypPvhl6vA==
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://news.walla.co.il
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 04:06:52 GMT
x-content-type-options
nosniff
age
274118
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 04:06:52 GMT
almoni-neue-aaa-800.woff
news.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/font/almoni/almoni-neue-aaa-800.woff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
ab5efe24966aca3d3addf00730f734a3fd62d552cc8c5dee2a837c057d62856a

Request headers

Referer
https://news.walla.co.il/
Origin
https://news.walla.co.il
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:25 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
age
4
etag
W/"e65c-18b240eb70d"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
58972
x-cached
HIT
x-amz-cf-id
Epjn9Ly1Y_XgcAjS9xeErAvZ2unzKAQiJS3NIRvDRX09BTKqkDEsew==
almoni-neue-aaa-500.woff
news.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/font/almoni/almoni-neue-aaa-500.woff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034

Request headers

Referer
https://news.walla.co.il/
Origin
https://news.walla.co.il
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
age
1
etag
W/"e7c0-18b240eb70c"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59328
x-cached
HIT
x-amz-cf-id
Cxog9-MMZlsB1hSVu-mWgr0oFzT6Arz2WdkhiWLs_nAz0B3OrvQ00A==
almoni-neue-aaa-400.woff
news.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://news.walla.co.il/public/font/almoni/almoni-neue-aaa-400.woff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-98.prg50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086

Request headers

Referer
https://news.walla.co.il/
Origin
https://news.walla.co.il
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:28 GMT
via
1.1 google, 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 13:23:46 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
PRG50-C1
age
1
etag
W/"e770-18b240eb70c"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59248
x-cached
HIT
x-amz-cf-id
Jp3d_BymQmDyLxrHcKofMs0JsqdmxPyba1J7gWDRQ0q54ntIZVp5nQ==
bulk
trc.taboola.com/wallail-walla/log/3/ 		0
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/wallail-walla/log/3/bulk?tvi48=12019&tvi50=13497&route=AM%3AIL%3AV&lti=deflated&bulkSize=9
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231015-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
88
date
Mon, 16 Oct 2023 08:15:29 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
75349
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-vie6324-VIE
pragma
no-cache
server
nginx
x-timer
S1697444129.108973,VS0,VE88
content-type
image/gif
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Mon, 16 Oct 2023 08:15:29 GMT
via
1.1 varnish
x-amz-request-id
FD26D12Y7BK355FT
age
24410
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ViPQbxvd//l6ZZAdT0W7FeqOO7M2ZDvihd8iXMpSx2rgFjyfVu3JdyZFiwkgF0Pws1fRiv4vTZg=
x-served-by
cache-vie6324-VIE
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1697444129.226433,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
3
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
8834
cookie_sync.html
cdn.ex.co/sync/0.0.1-1082b4e/ Frame 713C 		370 B
608 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/sync/0.0.1-1082b4e/cookie_sync.html?network=368531133%2C352108339&gdpr=0&gdpr_consent=
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6463c8e174a08f3907b434ef8238751148ca234503f341f917ae83306ace82ba

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-max-age
86400
cache-control
must-revalidate, proxy-revalidate, max-age=55539, s-maxage=31536000
content-encoding
gzip
content-length
255
content-type
text/html;charset=utf-8
date
Mon, 16 Oct 2023 08:15:29 GMT
etag
"6c913cf53e2f19bb85cbce59bc48565f"
last-modified
Tue, 26 Sep 2023 18:25:41 GMT
server
AmazonS3
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
sync-4b7ae961.js
cdn.ex.co/sync/0.0.1-1082b4e/ Frame 713C 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/cookie_sync.html?network=368531133%2C352108339&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c6e243d760551a3a2e65cc602b46589d33714df21c083bd9948b631c1cf9450f

Request headers

Referer
https://cdn.ex.co/sync/0.0.1-1082b4e/cookie_sync.html?network=368531133%2C352108339&gdpr=0&gdpr_consent=
Origin
https://cdn.ex.co
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:29 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
content-length
1365
last-modified
Tue, 26 Sep 2023 18:25:41 GMT
server
AmazonS3
etag
"ea77f73013f99623af0cfc02bdf7a34a"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Mon, 23 Oct 2023 08:15:29 GMT
cookie_sync
sync.ex.co/v1/ Frame 713C 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sync.ex.co/v1/cookie_sync?network=368531133%2C352108339&gdpr=0&gdpr_consent=
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.18.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-18-112.compute-1.amazonaws.com
Software
/
Resource Hash
67a7539e8990fa31d741a9bb47eb0edc6f98b258bc709fcce29d7626e8983236

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://cdn.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
https://cdn.ex.co
date
Mon, 16 Oct 2023 08:15:30 GMT
access-control-allow-credentials
true
content-length
1929
vary
Origin
content-type
application/json
activeview
pagead2.googlesyndication.com/pcs/ Frame C1A0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvK0T33diFU1Xww9MV66tBlXZ6l5t3L8pRCz2DP0WxF6pthyP0XJgX64mwdjlYbv6kT19DRPrbnHFOubFlqJ9pFew4Z-umArXDJk2XV&sig=Cg0ArKJSzDEKs5da0gHsEAE&id=lidar2&mcvt=1000&p=1120,315,1200,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=578455068&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697444128173&rpt=373&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame A1B9 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=G-u08-sSXkLYk6qtzDeuVy4N8IIIvzb8Y4zgEG1NAFyFIESnWNelq5vCqI5x2k9Wi9gcmpudbe_to32UHotbJVUYijoGBeJLYmhNbRXqLshJzzzmHYtyzaR1m4KtkgI5nfBwBeluyt7dwr2YHiVnVG7t9YwG3VXxaWEASN2NsrKyjzsjixb67CEDxReKmBrA00fBNSh4C5nZ6TBTNfTUpFBbxTH7i30tgT80uWaCb1Ua8dZjZlmAWpvmAiVmImNFwWUwpA&sds=2&rev=88837&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&u=%7CoyLeNGVajh5zg714pCSBjStaQp%2FkAJ07smEMJQxmknE%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSnbAiDmxoSwicJ1n4MV4gyf_zwPdJAQYVEiC3l0HouiI2NaVLFtF2HodQKu_ChIutKhCJDT6UfFSrAVIMLUdHjW1BQXi0ykfc0MCPU-KrrclTxnP6kidXWFFa7pCoky-SCdBZxweGvi-piSx0XKvaehWIVNvsBUH2g0jb4pRZrSyhC_oODk11jiIJWFsSNPyg0t1U5XCZUJQmrT0Sd5LQ0dce8HGPLr8CCq3KSNxatzxZNpfS-dAroIc7Eu_SHMRMDzWUxA1-l_bj-XOjugL6ql2Fh3mD1m3wfWk1J6ePZ3Vt8y5l08uz9CaaeJF6ZJbwQnJig4SzYR8ze24KAlOb1mD1bXPqVqnvTfzc5QGq2HdN7LfsaOMbv60Ggsg9_zx0BXcZdm3S4GVTRnXpcsUQ8u-UxlnJWsX-mGNKnPglLzLVyPv75KaZMy8Gms9EUvP5gIJ-lK3g3hglN4hpmGkPtca4VUf68ctXjBZZdBCCRZh4cdmt7lNGFF2GJbQKk1ILyNTSDKeS3c6Xg6dOKqUfreyhfQwEOJnWwIRbVhGOVOxee0Zj7_5qZznBkhgXn4_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQqTcH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSmAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_l0WbO36WY1mqcEt8ybYkOvXoO5aZYIrn1jUp1lQipHxuIfIh_qsRSh2-AEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3X2ZvdzumRaSt-UsHkcy1i9NAl3g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 16 Oct 2023 08:15:29 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame DBB8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssF6M541Ms3j2_U-kyqUylmY4Sdxbjy1ymSmxGcQgd7BZxtcuvlyDN1U21meNLBPkRYrdbJwtve8O0x8V7gpLPyII9pI0M00znUJ-t82HMyWPfqPvsR2pz2o5HPfu0B&sig=Cg0ArKJSzACk3hlharr6EAE&id=lidar2&mcvt=1001&p=135,799,136,800&mtos=812,1001,1001,1001,1001&tos=812,189,0,0,0&v=20231011&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2933179666&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697444128184&rpt=521&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231015-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Mon, 16 Oct 2023 08:15:30 GMT
x-amz-request-id
MQDSNR46H3J20HC9
age
3327
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
w6SwndseRSEXHUr6T/9rVp4xiT1srPcdJYojk5xKePC5DO/aJ4Ic9CuQQx6q63rTWJ+HO3ALZlA=
x-served-by
cache-vie6324-VIE
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1697444130.005882,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
39
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
23060
/
pips.taboola.com/ 		4 B
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-served-by
cache-vie6364-VIE
date
Mon, 16 Oct 2023 08:15:30 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://news.walla.co.il
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=9b3a1366-6942-4229-832d-5e829f049792-tuctc26769f&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 16 Oct 2023 08:15:30 GMT
cache-control
no-store
server
nginx
analytics
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.116 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f20.1e100.net
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://news.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://news.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 16 Oct 2023 08:15:30 GMT
server
Google Frontend
x-cloud-trace-context
c0eae6ee3a50898f6415d6e546ec3156
x-request-id
undefined
analytics
hb-dot-valuad.appspot.com/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.116 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f20.1e100.net
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
x-request-id
1d480e75-174e-442b-9731-62ab6078e501
x-vad-version
0.14.17

Response headers

date
Mon, 16 Oct 2023 08:15:31 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://news.walla.co.il
x-cloud-trace-context
ea7fb6dfbca7a5ba205d2220ac9d12df
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
x-request-id
undefined
ads
securepubads.g.doubleclick.net/gampad/ 		205 KB
55 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1095109406209791&correlator=1493137701751956&eid=31078743%2C31078806&output=ldjh&gdfp_req=1&vrg=202310120101&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cinnerpages%2Ctop_desktop%2Cskyscraper_desktop%2Crectangle1_desktop%2Crectangle2_desktop%2Crectangle3_desktop%2Cyad2_inner_rectangle_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8&prev_iu_szs=1x1%7C480x1%7C480x270%7C640x753%7C640x1%7C770x430%7C728x90%7C720x300%7C970x2%7C970x1%7C970x90%7C970x130%7C970x180%7C970x250%7C970x330%7C970x350%7C970x550%7C990x160%2C120x600%7C160x600%2C320x50%7C300x250%7C300x600%7C300x1050%2C300x250%2C320x50%7C300x250%2C320x50%7C300x400&fluid=0%2C0%2Cheight%2C0%2Cheight%2Cheight&ifi=19&didk=1193244743~1193244742~1193245114~1193245117~1193245116~1193245119&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D5b10ba2110ab9c23%3AT%3D1697444126%3ART%3D1697444126%3AS%3DALNI_MZDv9ShvOnBMmMyYt5A4gvA6p-LBQ&gpic=UID%3D00000c99fc91fbe4%3AT%3D1697444126%3ART%3D1697444126%3AS%3DALNI_MYZw1-b24AVkLGVzBT1fnq_TLVGZw&abxe=1&dt=1697444130745&lmt=1697436930&adxs=805%2C1480%2C315%2C315%2C315%2C315&adys=101%2C185%2C945%2C1085%2C2951%2C2936&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C17%7C18&ucis=j%7Ck%7Cl%7Cm%7Cn%7Co&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fnews.walla.co.il%2F&vis=1&psz=970x0%7C120x-1%7C300x0%7C300x0%7C300x0%7C300x0&msz=970x0%7C120x-1%7C300x0%7C300x0%7C300x0%7C300x0&fws=4%2C516%2C4%2C4%2C4%2C4&ohw=970%2C120%2C300%2C300%2C300%2C300&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsnqC0Sad15fm-IZVRUr9AsVraRC6Lwz49XMpkGbxSRnCMLbi98dp6aS14fmQAwKn4gy_p_0Eo9ALwCadDWU2dfC9NYIPO-N-qeTPhWKikLNeHGrndMOoHOV&ga_vid=1579745487.1697444126&ga_sid=1697444127&ga_hid=1544128646&ga_fc=true&dlt=1697444125237&idt=1319&prev_scp=slot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D1%26vertical_name%3Dnews%26mobile%3D0%26vertical_eng_name%3Dnews%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fnews.walla.co.il%26strip_step%3D1%7Cslot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D1%26vertical_name%3Dnews%26mobile%3D0%26vertical_eng_name%3Dnews%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fnews.walla.co.il%26strip_step%3D1%7Cslot_name%3Drectangle1_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D1%26vertical_name%3Dnews%26mobile%3D0%26vertical_eng_name%3Dnews%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fnews.walla.co.il%26strip_step%3D1%7Cslot_name%3Drectangle2_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D1%26vertical_name%3Dnews%26mobile%3D0%26vertical_eng_name%3Dnews%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fnews.walla.co.il%26strip_step%3D1%7Cslot_name%3Drectangle3_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D1%26vertical_name%3Dnews%26mobile%3D0%26vertical_eng_name%3Dnews%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fnews.walla.co.il%26strip_step%3D1%7Cslot_name%3Dyad2_inner_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D1%26vertical_name%3Dnews%26mobile%3D0%26vertical_eng_name%3Dnews%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fnews.walla.co.il%26strip_step%3D1&cust_params=dxseg%3D&adks=2574293897%2C2790448677%2C2040804355%2C4136504620%2C3491967477%2C4156612150&frm=20&is_cau=%2C%2C%2C%2C%2C
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
5efeffa644c2807b1e91401b90456994cc81743c98488e62f2d7961fcaca7456
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:31 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56209
x-xss-protection
0
google-lineitem-id
-1,-1,6398196851,-1,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,138450886582,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 17 Oct 2023 08:15:30 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F947 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://cdn.ex.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=126994
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 16 Oct 2023 08:15:30 GMT
expires
Tue, 17 Oct 2023 19:32:04 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 0E09
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
2 KB
819 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4d1022a840698e16fcbfb5f03694f5bf47b32d9d3e129ada5f6d2f44e6cbeb7

Request headers

Referer
https://cdn.ex.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
816edaba5bcd5ac3-VIE
content-encoding
br
content-type
text/html
date
Mon, 16 Oct 2023 08:15:30 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0YzXvg2xRDjZR5w3t7JVKR7Ly5zWCBzvVaLT2q8gs3K4aDLrKPaCrh20yksUqybx%2FeO1uBjQiAWQMDmo0dnLLC4uPbzzuMA6r%2FfgSfUQNgRFsKDb5%2FkWVHS6ZSvTzKhRGJVqLj%2BqOfASg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
816edab9fb665ac3-VIE
content-length
0
date
Mon, 16 Oct 2023 08:15:30 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxyZWhEO%2BEovklDDVhB%2BhGUc8hkJL%2B4kMcQHqGeFmaoGtUEGBlLzwKAysS%2B8Eceg1ZNC7gPIpzUyGcqOVht01kU5%2F%2BGlFFEKQdAs7jaNeyzSt0U93FJPTHrE%2FPqcrtmR9I8g505kzHYJLA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 04A5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136_2&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17136_2&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17136_2&endpoint=us-east
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.ex.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 16 Oct 2023 08:15:34 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 16 Oct 2023 08:15:34 GMT
location
https://eus.rubiconproject.com/usync.html?p=17136_2&endpoint=us-east
server
AkamaiGHost
pbs-user-sync
ads.stickyadstv.com/ Frame E1B8 		317 B
791 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/pbs-user-sync?id=3684&gdpr=&gdpr_consent=&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dfreewheel%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7Bviewerid%7D
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.238.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-238-146.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4f83db842565db50da7196d408ada59e6e993a7cb8a050428a69837f72346584

Request headers

Referer
https://cdn.ex.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
317
Date
Mon, 16 Oct 2023 08:15:30 GMT
Expires
Mon, 16 Oct 2023 08:15:30 GMT
Pragma
no-cache
Server
nginx
x-sticky-vk
1697444130801046-415
sync
ssbsync-global.smartadserver.com/api/ Frame CB6A 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=35&redirectUri=sync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5Bssb_sync_pid%5D
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.ex.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

content-length
0
date
Mon, 16 Oct 2023 08:15:30 GMT
setuid
sync.ex.co/v1/ Frame 713C
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=f0686912-7fb3-48f6-be19-4d168ad880c0&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://u.openx.net/w/1.0/cm?cc=1&id=f0686912-7fb3-48f6-be19-4d168ad880c0&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://sync.ex.co/v1/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=5ee890ad-3ab4-413b-b370-c5434ef61a2a
86 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.ex.co/v1/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=5ee890ad-3ab4-413b-b370-c5434ef61a2a
Protocol
H2
Server
3.89.18.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-18-112.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://cdn.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
date
Mon, 16 Oct 2023 08:15:32 GMT
access-control-allow-credentials
true
content-length
86
vary
Origin
content-type
image/png

Redirect headers

date
Mon, 16 Oct 2023 08:15:31 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync.ex.co/v1/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=5ee890ad-3ab4-413b-b370-c5434ef61a2a
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dmp
vop.sundaysky.com/sync/ Frame 713C 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dsundaysky%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7Bssky_uuid%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.233.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-233-50.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://cdn.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:38 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI PUR COM NAV INT DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, must-revalidate, proxy-revalidate, max-age=0
content-length
43
expires
Sat, 1 Apr 2000 00:00:00 GMT
setuid
sync.ex.co/v1/ Frame 713C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?zcc=1&redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D&cb=1697444134621
  • https://ad.turn.com/r/cs?pid=45&rndcb=5182682071
  • https://sync.1rx.io/usersync/turn/2793941312454047967?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-e7af0f70-be78-468d-be4e-2a6b286f6e17-003?redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3DRX-e7af0...
  • https://sync.ex.co/v1/setuid?bidder=unruly&gdpr=0&gdpr_consent=&uid=RX-e7af0f70-be78-468d-be4e-2a6b286f6e17-003
86 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.ex.co/v1/setuid?bidder=unruly&gdpr=0&gdpr_consent=&uid=RX-e7af0f70-be78-468d-be4e-2a6b286f6e17-003
Protocol
H2
Server
3.89.18.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-18-112.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://cdn.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
date
Mon, 16 Oct 2023 08:15:35 GMT
access-control-allow-credentials
true
content-length
86
vary
Origin
content-type
image/png

Redirect headers

location
https://sync.ex.co/v1/setuid?bidder=unruly&gdpr=0&gdpr_consent=&uid=RX-e7af0f70-be78-468d-be4e-2a6b286f6e17-003
date
Mon, 16 Oct 2023 08:15:35 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXe7af0f70be78468dbe4e2a6b286f6e17003
content-type
text/html
setuid
sync.ex.co/v1/ Frame 713C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dappnexus%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.ex.co%252Fv1%252Fsetuid%253Fbidder%253Dappnexus%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID
  • https://sync.ex.co/v1/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=7291242071810221903
86 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.ex.co/v1/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=7291242071810221903
Protocol
H2
Server
3.89.18.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-18-112.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://cdn.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
date
Mon, 16 Oct 2023 08:15:32 GMT
access-control-allow-credentials
true
content-length
86
vary
Origin
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:31 GMT
an-x-request-uuid
5a2e7875-772c-40af-8111-84a8d2133544
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.ex.co/v1/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=7291242071810221903
x-proxy-origin
194.35.121.113; 194.35.121.113; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
ap.lijit.com/ Frame 713C 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://cdn.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 Oct 2023 08:15:30 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/fee23b5a-054e-4b5d-8f8f-96951508ed72?passToSdk=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.86.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-86-123.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 16 Oct 2023 08:15:30 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
player.js
p.channelexco.com/player/ 		38 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/player/player.js?pv=117.59&p=1320259211&cb=a00d3164-e4b2-42aa-a5bf-43c010ec5b53&d=https%3A%2F%2Fnews.walla.co.il&schain=1.0%2C1%21playbuzz.com%2C0012000001ONjKaAAL%2C1%2C%2C%2C&w=600&h=337.5&asr=1&impDetail=1&auction=1&auctionFast=5&publisherType=publisher&gdpr=-GPV_GDPR-&gdpr_consent=-GPV_GDPR_CONSENT-&us_privacy=-GPV_US_PRIVACY-&rv=true&sid=&sid2=dfp&sid4=3.57.0-3827f5e&pub=1
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.59.7.249 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
32cd064269c3846bd74333db965cc6f0116e38b6489a7a861520f2658d956385

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
application/x-javascript
date
Mon, 16 Oct 2023 08:15:38 GMT
cache-control
no-cache
content-encoding
gzip
server
openresty
vary
Accept-Encoding
expires
Mon, 16 Oct 2023 08:15:37 GMT
d
gpv.ex.co/player/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gpv.ex.co/player/d?v=2&b={%22pageLoadUid%22:%22b1556804-fcee-4c36-8eb5-%C4%9122639c65%C4%9B%22,%22country%C4%8D%22AT%C4%B2%C4%8Frowser%C4%BCch%C5%82me%C5%80os%C4%BCwind%C5%83%C5%90%C4%B3networkI%C4%8C%C4%8E3521083%C4%AC%C5%80hu%C4%8D%C4%B9ue%C4%B3p%C4%BC1320259%C5%A51%C5%80%C5%A1%22https://%C5%99%C5%84.walla.%C4%B5.il%C5%80u%C5%85r%C5%A0%C4%BCftxis7p7qfieh9mc%22}
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.64.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-64-86.compute-1.amazonaws.com
Software
/
Resource Hash
c707569441762b70fad86d0f4e541fbfaa74548d819250e7dada45f5a652e29b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:32 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
etag
W/"69b-GBZACxaLdk+PIXh2IhJzOw"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type
content-length
1691
syncframe
gum.criteo.com/ Frame DEB0 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.walla.co.il
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 08:15:30 GMT
server
Kestrel
server-processing-duration-in-ticks
741674
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 17 Oct 2023 08:15:34 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame F947 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=63767543&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c985256e67995ab4f20602a0ad0ea5e62e803e9024a53a3de6b927d7713a6f2e

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 16 Oct 2023 08:15:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
generic
match.adsrvr.org/track/cmf/ Frame 809C
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?pbs=true
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=285ca19b64d6815af85768658dd7eb3&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv285a_7291037504216595703&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/pbs-user-sync?id=3684&gdpr=&gdpr_consent=&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dfreewheel%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7Bviewerid%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.stickyadstv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Mon, 16 Oct 2023 08:15:38 GMT
server
Kestrel

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 16 Oct 2023 08:15:38 GMT
Expires
Mon, 16 Oct 2023 08:15:38 GMT
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
nginx
x-sticky-vk
1697444138168030-375
setuid
sync.ex.co/v1/ Frame 5F22 		86 B
375 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.ex.co/v1/setuid?bidder=freewheel&gdpr=0&gdpr_consent=&uid=285ca19b64d6815af85768658dd7eb3
Requested by
Host: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/pbs-user-sync?id=3684&gdpr=&gdpr_consent=&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dfreewheel%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7Bviewerid%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.18.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-18-112.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://ads.stickyadstv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
content-length
86
content-type
image/png
date
Mon, 16 Oct 2023 08:15:30 GMT
vary
Origin
json
gum.criteo.com/sid/ Frame DEB0 		441 B
549 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=news.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.walla.co.il
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4dc4dac48f417dec68fae3b49593f68557364ce9c0dc8f8beb5a5627e3850e28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.walla.co.il
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:30 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
945041
expires
0
crum
dsum-sec.casalemedia.com/ Frame 0E09
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZSzxIjI5J1C5GBqQA8vXMQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAO_orRKw4VIoXuniuwhZNE&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAO_orRKw4VIoXuniuwhZNE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1QJDS3Yt62lMpS%2Fs0JMwTjFSz3wzbe8ZQW2%2B5EwWfMZ6AdkkZ7q6FMdnjME%2BxosgJRJv20UmfEMMhzPYZLvyzwMXqxGLCk3E6WsOqAsCYPyUjK1CqeMekLRV%2B52ZpArIsvHI6jrxdM1vKg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
816edabb2fcbc29d-VIE
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAO_orRKw4VIoXuniuwhZNE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 0E09
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZSzxIjI5J1C5GBqQA8vXMQAACHoAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGqnZNpYRK-HRs8lOoJQrY4&google_cver=1
43 B
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGqnZNpYRK-HRs8lOoJQrY4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TY6VKRMOtl7O2i3f1tsc4UPnsTNXPGqsHGmAqt9tIQbRee%2B4zStbFMelUM7F3XOnm7ROL7jq%2B5BYBNfmwW9DUVMuMGf8vhEwucNEyD9jg%2BDiD7DrrPAkhT2YtxGnI%2FZon8gnullnUIFeUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
816edabaef75c29d-VIE
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGqnZNpYRK-HRs8lOoJQrY4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 0E09
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSzxIjI5J1C5GBqQA8vXMQAACHoAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSzxIjI5J1C5GBqQA8vXMQAACHoAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSzxIjI5J1C5GBqQA8vXMQAACHoAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 08:15:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AGGJTYEDDNMJXXRSXAGZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 08:15:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E3CTDKB53KZH7JHDB18T
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSzxIjI5J1C5GBqQA8vXMQAACHoAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 0E09 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:31 GMT
server
Kestrel
content-length
70
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 0E09
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=BP0vYBiRWqRVKb_xI9rcS8IjeXE
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=BP0vYBiRWqRVKb_xI9rcS8IjeXE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sm20mi7Wc0%2FUVcFc9p19fgPVw4IqZ3Dx73zSzf9T1zq8mLYP8QdJG6ag1hXIsVH3fTmTjDtQbiPTGEhqlwi6emNLjoss2eOY12umd7jiVjz1fxp8sCmfabcj8Fdmxrxa%2BGwm4IA%2B2s2KHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
816edabe7bb6c29d-VIE
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=BP0vYBiRWqRVKb_xI9rcS8IjeXE
Date
Mon, 16 Oct 2023 08:15:31 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 0E09 		0
0
rum
dsum.casalemedia.com/ Frame 0E09
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=f70dbbc5-2770-44f5-ae4e-b70c0dd21654&gdpr=&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_81d41e87-4b8e-49ff-aa5a-ab68be5b8d82&bsw_param=f70dbbc5-2770-44f5-ae4e-b70c0dd21654&expires=10&gdpr=&gdpr_consent=&gdpr_pd=
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f70dbbc5-2770-44f5-ae4e-b70c0dd21654&gdpr=&gdpr_consent=&us_privacy=
43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f70dbbc5-2770-44f5-ae4e-b70c0dd21654&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol
H2
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AF89bkoxGoiZwEJdfqdKH3wL4lJw%2BnjtfmBburWqQ%2B54yTQ%2BelXOqQxXZPINkSGr4CTlT7YHfDyeliddUm3Wk9PEABUCPVt9YCqHOJL14Qyr1ZmNQekzKhS3nSIVIVZEyFtxB2kl"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
816edaceccb15ac3-VIE
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f70dbbc5-2770-44f5-ae4e-b70c0dd21654&gdpr=&gdpr_consent=&us_privacy=
date
Mon, 16 Oct 2023 08:15:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
CookieIndex
rtb.adentifi.com/ Frame 0E09 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.12.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-12-45.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:38 GMT
setuid
sync.ex.co/v1/ Frame 0E09 		86 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.ex.co/v1/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=ZSzxIjI5J1C5GBqQA8vXMQAA%262170
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.18.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-18-112.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
date
Mon, 16 Oct 2023 08:15:31 GMT
access-control-allow-credentials
true
content-length
86
vary
Origin
content-type
image/png
Pug
simage2.pubmatic.com/AdServer/ Frame 32CD
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 08:15:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 08:15:30 GMT
expires
Mon, 16 Oct 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
735171
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame A8EB
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C7E7BC18-34D3-4297-BB25-D52CD968471E&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C7E7BC18-34D3-4297-BB25-D52CD968471E&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C7E7BC18-34D3-4297-BB25-D52CD968471E&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 16 Oct 2023 08:15:31 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
KDV1AVFE52RXVMRV3NBS

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 16 Oct 2023 08:15:31 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C7E7BC18-34D3-4297-BB25-D52CD968471E&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
833TDJBS93NB4YDQ8JTH
Pug
image2.pubmatic.com/AdServer/ Frame 9C4F
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=29dHyYvTR5nA1UTM29NYntWAFMjAgBbJjtdf_H6K
42 B
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=29dHyYvTR5nA1UTM29NYntWAFMjAgBbJjtdf_H6K
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 08:15:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 16 Oct 2023 08:15:31 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=29dHyYvTR5nA1UTM29NYntWAFMjAgBbJjtdf_H6K
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame ED80
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7291242071810221903&gdpr=0&gdpr_consent=
42 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7291242071810221903&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 08:15:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
45be7207-40b4-4aa8-aa4d-7e1bf338ae21
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 16 Oct 2023 08:15:31 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7291242071810221903&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
194.35.121.113; 194.35.121.113; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1DCA
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7290467016559032476&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7290467016559032476&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 08:15:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Mon, 16 Oct 2023 08:15:31 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7290467016559032476&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame F582
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=f70dbbc5-2770-44f5-ae4e-b70c0dd21654&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_f96f0547-d12c-47bb-bb6a-356c1778d8a9&bsw_param=f70dbbc5-2770-44f5-ae4e-b70c0dd21654&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f70dbbc5-2770-44f5-ae4e-b70c0dd21654&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f70dbbc5-2770-44f5-ae4e-b70c0dd21654&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 16 Oct 2023 08:15:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 16 Oct 2023 08:15:34 GMT
location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f70dbbc5-2770-44f5-ae4e-b70c0dd21654&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Pug
simage2.pubmatic.com/AdServer/ Frame 4D62
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=BP0vYBiRWqRVKb_xI9rcS8IjeXE&gdpr=0&gdpr_consent=
42 B
380 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=BP0vYBiRWqRVKb_xI9rcS8IjeXE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 08:15:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 16 Oct 2023 08:15:31 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=BP0vYBiRWqRVKb_xI9rcS8IjeXE&gdpr=0&gdpr_consent=
/
b1sync.zemanta.com/usersync/pubmatic/ Frame 915C 		0
0
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 59ED 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame DBCB
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDVE9rN0tXZUlBQUJpU193clZvdw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AACTOk7KWeIAABiS_wrVow&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACTOk7KWeIAABiS_wrVow&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACTOk7KWeIAABiS_wrVow&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=512488335926292326&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACTOk7KWeIAABiS_wrVow&gdpr=0&gdpr_consent=
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACTOk7KWeIAABiS_wrVow&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 08:15:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 16 Oct 2023 08:15:32 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACTOk7KWeIAABiS_wrVow&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
/
csync.loopme.me/ Frame B33B 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 11E7
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUf9016e17f9ee404aba58648459cd4843
42 B
359 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUf9016e17f9ee404aba58648459cd4843
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 08:15:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Mon, 16 Oct 2023 08:15:38 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUf9016e17f9ee404aba58648459cd4843
pragma
no-cache
server
Tengine
bridge
cm.adgrx.com/ Frame 531F 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Mon, 16 Oct 2023 08:15:38 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-10
Pug
image2.pubmatic.com/AdServer/ Frame DB9B
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=340348770347379010
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=340348770347379010
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 08:15:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=340348770347379010
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
cm
ipac.ctnsnet.com/int/ Frame 152A 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame EEE2
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455421644902826
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455421644902826
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 08:15:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Mon, 16 Oct 2023 08:15:31 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455421644902826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cookiesync
core.iprom.net/ Frame CEBF 		0
0
pubmatic
ad.mrtnsvr.com/sync/ Frame E06D 		0
0
cm
green.erne.co/pubmatic/ Frame 4260 		0
0
setuid
sync.ex.co/v1/ Frame 7E5D 		86 B
459 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.ex.co/v1/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&uid=C7E7BC18-34D3-4297-BB25-D52CD968471E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.18.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-18-112.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
content-length
86
content-type
image/png
date
Mon, 16 Oct 2023 08:15:31 GMT
vary
Origin
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F947
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=x-e8GDTTQpe7JdUs2WhHHg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:31 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=126993
accept-ranges
bytes
content-length
5606
expires
Tue, 17 Oct 2023 19:32:04 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame F947 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C7E7BC18-34D3-4297-BB25-D52CD968471E&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.163.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-163-10.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:38 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.14.193
content-length
49
expires
0
cr
cr.frontend.weborama.fr/ Frame F947
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=284696799
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=284696799
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:33 GMT
via
1.1 google
last-modified
Mon, 16 Oct 2023 08:15:34 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:33 GMT
via
1.1 google
last-modified
Mon, 16 Oct 2023 08:15:34 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=284696799
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
match
a.audrte.com/ Frame F947 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame F947
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzdFN0JDMTgtMzREMy00Mjk3LUJCMjUtRDUyQ0Q5Njg0NzFF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 08:15:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F947
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJdCPQqD8hcdI0K-G8e54b8&google_cver=1
42 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJdCPQqD8hcdI0K-G8e54b8&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 08:15:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJdCPQqD8hcdI0K-G8e54b8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame F947 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 15 Oct 2023 08:15:34 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F947
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5445555529033447467
42 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5445555529033447467
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 08:15:32 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5445555529033447467
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame F947 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:31 GMT
server
Kestrel
content-length
70
content-type
image/gif
C7E7BC18-34D3-4297-BB25-D52CD968471E
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame F947 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/C7E7BC18-34D3-4297-BB25-D52CD968471E?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.114.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-114-225.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame F947 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C7E7BC18-34D3-4297-BB25-D52CD968471E&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame F947
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=b8160e6c-6798-48b7-9474-7d3451f5b636-652cf12a-5553&gdpr=0&gdpr_consent=
42 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=b8160e6c-6798-48b7-9474-7d3451f5b636-652cf12a-5553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 08:15:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:38 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=b8160e6c-6798-48b7-9474-7d3451f5b636-652cf12a-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F947
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8111004722029967583&gdpr=0&gdpr_consent=&us_privacy=
1 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8111004722029967583&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 16 Oct 2023 08:15:32 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8111004722029967583&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 16 Oct 2023 08:15:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame F947 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C7E7BC18-34D3-4297-BB25-D52CD968471E&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.215.202.137 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams01-nessy-float1.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:31 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame F947
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:2655bf38-d785-493e-a504-16e0ff9c06b0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:2655bf38-d785-493e-a504-16e0ff9c06b0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 08:15:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:2655bf38-d785-493e-a504-16e0ff9c06b0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 16 Oct 2023 08:15:38 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
container.html
2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6740 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 08:15:26 GMT
expires
Tue, 15 Oct 2024 08:15:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012309290141000/ Frame C6A0 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:47 GMT
age
486105
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56111
x-xss-protection
0
server
sffe
etag
"196a98f213e9af2a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:47 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame C6A0 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:47 GMT
age
486105
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5226
x-xss-protection
0
server
sffe
etag
"b67abf1ac5d05c62"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:47 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame C6A0 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:47 GMT
age
486105
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29036
x-xss-protection
0
server
sffe
etag
"f80aeafaeae93075"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:47 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame C6A0 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:47 GMT
age
486105
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1915
x-xss-protection
0
server
sffe
etag
"5fa0b581892e5d76"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:47 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame C6A0 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:47 GMT
age
486105
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12962
x-xss-protection
0
server
sffe
etag
"f431afcc9b21c868"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:47 GMT
truncated
/ Frame C6A0 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
18acda07d27f54775e8e878f21672ba989871121e92dded6b879f03f47771f4d

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame E9F9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHY2IPoRvIm-1IlD3Md77X47PXBMpClRK6hZk6weBCg8qnoVpIy8s41C57trmocaNMEXPsrQeaQKkTOjFuE5lBxgidkpaPwXgFi7i8SqQQ27sCjr8QbM5Cb42M1b6aMcH_YymoHbnzUWsYx40LUX-Din86X_MEhpZT0XJUFil5nhnqiiAJ6GQl0M4vhhukUvlxCnWcwWed_fWoNYP14_KZ022S591JDH8BDJdMrsEwshHV0i0x7zsr8IsD0bb9kT8-lmoXgGHhFqtGuTO47MgZidH1sxbdFzzp_J6M2eQyvB9xEoiRcWIkfdgDLxB1aSFGzrBSe3ZNP2Xi_KT39NDLhvCeuZZJp8Qzk4q3-qaQreVQvgyK0T2n8zBZ50VR-kHKM415TQoBKO2fyilYtmZcy5jX1gUfIA&sai=AMfl-YT8mSC2Q47OlsnZOpdLr63EWb_FWJSF_VRH9e9XILulBCdFXgTXZ60VwtifmjY8Kj-AqUU4mXaPdw33yjD2I5HLQBN0kRsNVT7WUX0BuM6tphNm1y9FYn0YTWXIWA&sig=Cg0ArKJSzLpd0THHlry-EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame E9F9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 14:27:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
64060
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 Oct 2023 14:27:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E9F9 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Oct 2023 08:15:31 GMT
15710983408196981612
tpc.googlesyndication.com/simgad/ Frame E9F9 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15710983408196981612
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
sffe /
Resource Hash
803165424a683201ed947425de6583c598dbdf0b5b106ab177e133a69b5c6eb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 05:26:39 GMT
x-content-type-options
nosniff
age
96532
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50945
x-xss-protection
0
last-modified
Sun, 15 Oct 2023 04:58:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 14 Oct 2024 05:26:39 GMT
l
www.google.com/ads/measurement/ Frame E9F9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSCPlhK6Psz8KTyxupW2UxP6n3iUbmoOBxogxuapT_bJ7OeCGbym8uJLgo24NLAwZI7Wc-7FgGF56uiL2MAgOmqudI5xQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
container.html
2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5902 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 08:15:26 GMT
expires
Tue, 15 Oct 2024 08:15:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5700 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 08:15:26 GMT
expires
Tue, 15 Oct 2024 08:15:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AB87 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 08:15:26 GMT
expires
Tue, 15 Oct 2024 08:15:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
15626506855175093271
tpc.googlesyndication.com/simgad/ Frame C6A0 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15626506855175093271?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qk2aOY1v0cF177dQ8BHlw-ls-Q46w
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
sffe /
Resource Hash
51e3136e4ae40daa3825e5f50028fd43d138a4d9a28526ef106dd7ff58b66ecb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 11:53:57 GMT
x-content-type-options
nosniff
age
591694
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70702
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 09:25:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Oct 2024 11:53:57 GMT
iw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C6A0 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/iw.png
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
19b49a74b4e17a37abe04b94bd3a67665f92b8368004c73a1112cf142fb9da1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 06:49:45 GMT
x-content-type-options
nosniff
server
cafe
age
5146
etag
415739381108731362
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2712
x-xss-protection
0
expires
Tue, 17 Oct 2023 06:49:45 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C6A0 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 12:49:12 GMT
x-content-type-options
nosniff
server
cafe
age
69979
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 16 Oct 2023 12:49:12 GMT
l
www.google.com/ads/measurement/ Frame C6A0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTqAlrS_2KD47igNd3DgurFfyJpjTr2LXR_mZ43bffuGI3IUwZFyboD8pxsX4NOGG4pKNPnSvaBwMnBCqRqml1ozQlitQ
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
truncated
/ Frame E9F9 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8824d8abd77ded82644656e7e6952b6cb7d5d05a672d843e16037347b18e5374

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2C6F 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaJpaQDEMX5kqYDGOOWwfcBMAE&v=APEucNVmx7JdTuzPyeShQifZNPTwGHi4F0EHmf-6q5FcdIzNVS5k1wduL2zaKBR0H_WYw_9-iHTkIDDSI-uiXyPINSMz4FCejQS_fLrBGRUzXPSseqEqo9LbaYZcfN5p4iOeRTqUOOx7nKKtkyIsghykP-KP529EsCeEOLJBnj8GtKvkmn5rMlQ
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 08:15:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 6740 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 08:15:31 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6740 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AUXjGDiuKTBMMvrb2-U5qPQsOYEXNguFnv9sTUZXVFxNa2ddfdFYUcZhW0rJlV9qJNpngOcPZAR3cg39vSOzRmsyk_cFUfRvFxDUIXxDrT7VuSBS8
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6740 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14893318437487071276&x=1&ct=76
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 6740 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 14:27:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
64060
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 Oct 2023 14:27:51 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 6740 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 22:47:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
34108
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 Oct 2023 22:47:03 GMT
l
www.google.com/ads/measurement/ Frame 6740 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR80xDTqMS4EDXUZutTxoTWLuTn7jy4ZOdNiyyw0DQZmvobSZ4wWIBKTDmnVn42ucDIVgGZf3KPeCwbdRVRbgi-SYMcJw
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6740 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Oct 2023 08:15:31 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A12A 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaJpaQDEMX5kqYDGMqUwfcBMAE&v=APEucNUN1kOK-xlwWnSFLzhw8LT7UKnJf3kvES9M6KGNVDqVYghXHtwHX2JFqmAJobEs2bOwHQPTOq6GEoyYuLC-1s3-RMnFlBMYe1rqoCd-ga2OHKbjbcuif7Gw8fyIOp5TUvNbT6IvSOnAgGEImI4Ep38KTA3bSKnVItQNW8Pa6ZTnbvehsWs
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 08:15:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 5902 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 08:15:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5902 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B5DYCPxcgWvylv2nzi0GRILFkDQQmxJlU3toM-O90uQ0TiJ6q22PVpG2oy_jAkLaR0K1cG0tQuogkh00QG5TIg-DXYbVUpiIzt-JLUyqpyxI23ub0
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5902 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5194061478730561577&x=1&ct=76
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 5902 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 14:27:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
64060
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 Oct 2023 14:27:51 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 5902 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 22:47:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
34108
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 Oct 2023 22:47:03 GMT
l
www.google.com/ads/measurement/ Frame 5902 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSHUGlzRjbgjnTMi5jaJdxQ083QcVVu8bDWaIAOJXUy2GmKR-vfflabFddvY0drk2lFscFLh_vzF7rSnXD1vdAqCyMlPA
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5902 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Oct 2023 08:15:32 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2A2F 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjGi4nGATAB&v=APEucNUq2qFtTbMxnv_kgURfI6UxE3iVzulIRj5STRQWLoQ03xXj0i2z5VbYKgiragb2TBuGQ9vI2DQ_9YAYn0_1UTfehBK18itBXzajhierfxta__LAU7fCpc473En2v-TLVOVYLYhH1zEP2--WMEf9AtSTOvk-3YRUO8y0zKIT7BjF8uv5xQE
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 08:15:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 5700 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 08:15:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5700 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DQ9WmuHXkUg4puhTcoHWLxaiPgg8ZAwvQsAnNrLzY62Jvqm8nSPHDvrh-Eecin2yhkBQ8fH3C90s2WuAXXZPI7jhTwtRjT3kQ9FPd2WAQIw1LnL2o
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5700 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11829655703231446751&x=1&ct=77
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 5700 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 14:27:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
64060
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 Oct 2023 14:27:51 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 5700 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 22:47:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
34108
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 Oct 2023 22:47:03 GMT
l
www.google.com/ads/measurement/ Frame 5700 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRG9wMf02jbqg1qAJmTzvm43s3RQXM40sUy3EQLeM3hc6xmiTPJcFclSI87IzlB8g08eeYaawpJmfEY7oMdnsLt2qIqDg
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5700 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Oct 2023 08:15:32 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E9F9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfqDL5sjS5MBffDFl44eaJ3Z6K8gkMkWyvKNJoKYyrCr9b3POHbdjMnLoaoyudsCKYH4f91dwg6qoQvXTig8lnwmKam-mEfhHzY6zZonDYp2bpV4jqon9i3Fowehhp30XXPKvGbFMOWlV_0goYbS_yBTSn-ngLbTJoW-qcSkQBYWA7Ni0wIi1O97LMFAwhAaggwrpTasY5QC01F-ZaYDHm-QeKjutA_ILQIkCxtfZf_rCcBHwZaHSPZm94-NBvdsQXRNW6aKXiDK5Y5whcyAYJa6sHchmYcnOgnKppC65H-15GwMHbG6shU4WNQZ6EttjLYC7a01AUzqDi7qAfeju7vib1Ns9G93aZoIUvX12tbQbCrGDkNY9Cs5cmzT7ju2U_fmWmijOzhxArRg&sai=AMfl-YRkkWemEIcjpUhD5hy4CtSAYPTwafoo9j2jMbYJoyzvq5a_CzHTNmaDi_3iDTvQI1PowB_iCo2iKF6HtBn9a1sFcKLMocGgXXxSx6HL0boQZ93FGYFR5wXgmWrqvw&sig=Cg0ArKJSzJsOsgxRbaPGEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 16 Oct 2023 08:15:31 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame BB68 		137 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxIgAMmMsK4GYMAAhx_qEyyV4XpV-6l_rW2Q&u=%7CLOULbUg41HmaE1pFwrwNyno42fOH6H0Zpt3tKjKZwkE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY0fIRr9msFjvo_-2Tw-Dun4HTO37IN0jPNXsnZjwHwNNjMPNg4aUv7G3-ECkhRNfh9OAB3ADbDILrxIcb_-D694Tr7lpRy6uvycsh3C753-U71JYSqr_7Qr9L41A6Z3SQl9lETeeW85fUj2ll7HyJS6Ef_Ue7p4f4ry1bJOFUCKqHzS2vk3hGnmMjS1ug6ITKAp2pY7RkAIi-Nr-9J-oal29uC6YdPBf7WQUajjQcaJQgdZSQ62D_dSPPy1fX7P_INishl8ljWSx21lEZqOl9grTVnCSOGXk-ONPCsTzdkOLk65Xm13Y7LJqSxlnLh3ZddbDJmT1qpRYuu7gzK9Q9pzsqzVIMgyY3MpS9hgQNgxFq-NLTwxXvG8dLbdCvTCpg6u5RprfY2nEf2mkYDXzRZdiEwMELe1ZhE-nNZRn3f_NQkcq91bhy-iPnJ5-88cGTJv9rtz7PrHiezZ1btP_WnRYeeMIQ6VRPMoM9AEDMYCUYe9uSIKtkqU-B0fhCE127Zw1v2KOOEfnoi_2moLXcOxPKk-_7WUxVkjDDy3ryjP-rx9FqJ9ZOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7zHPIvEsZcuxMozMgQf-46FoyZ7SsVyl_JP3cMCNtwEQASAAYKmwvoDMAYIBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLe9ToZ5KGxPuACAKgDAcgDAqoEtAJP0EOnuRWcbInPPOoR5Q7oC1axkhRg2NJgDdTbpRjg4gb8OAWErLHUZQ_TBT-zGE9yVYYQqzO5z0TfRuCeTZBR7X6r_FzezrN23HMBRnzyywyr_F1Zh2gXaG0WhIsLxRrwBk05M5hFiCOfj9WuipB9TkCiTozqDosjUYOUfRNv47Zy7Jv9DlvFBXCQIilKOv7J2PNIBhWlQlXyFfB27NZnNrTbyb4V5kUJ-Ehxf4II2FunXEKdeIh6vi-GoioNpoUCAjklhwXuAtGR8lQcIJV0M3OUD-PnawmYW8moYIC1-HHOlquH05l4beesa6kW5_KpYNX0p2bB_rEkutZA_vuE7cWpRUiHXUFQW2cREtFHEiYunC9crFhTvOLijP54sGqPHlJmhf3Tvv94D09VD_T7yAmtW-AEAYAGmpn2_6PUiZlUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3agWRXgAKUvlPVvBlpAymsIIF7-Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cf1854f9ede6a45601d03ba1332d38da471b4fe605f424eb45652c9c88a7fd3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 08:15:31 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Rr9I5-sSXkLYk6qtlqtH3Vy7uZ3p_bEtK-xLN11aIJ6dzvvsZJDkFucoaPJYkaw39BrnBHCq6ClRsnIsf7b4mkEKylsrL-mrARhEVWuzY8RuBdEgzd6T3ZvV-wOzjB7TfOSK3rFQfKRtnfvLGmTO6Nw56EExk2ZqfzU-Gt9iBrZCg2nbm61NzV_xTWRxYeKtVEDNXVgqQnm35BE6Fm1KCkHLGQczGmwaXaSLnaTlTQxH4bxKQji6cE8np0S4w9aMP0uUFQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
64660745
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame AB87 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 14:27:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
64060
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 Oct 2023 14:27:51 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E412 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

age
1206
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Tue, 17 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame AB87 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 22:47:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
34108
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 Oct 2023 22:47:03 GMT
l
www.google.com/ads/measurement/ Frame AB87 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJ-NvOesHI7bUOszj37-ECjjff03d4TQKRGpmoArbFLlP414-sbdv9SEpzb12y0JuAgjaSZMAJCphiaCYVdpRFoXIbTQ
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame AB87 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 16:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
403791
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 10 Oct 2024 16:05:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AB87 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Oct 2023 08:15:32 GMT
rum
dsum-sec.casalemedia.com/ Frame 2C6F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAO_orRKw4VIoXuniuwhZNE&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAO_orRKw4VIoXuniuwhZNE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaJpaQDEMX5kqYDGOOWwfcBMAE&v=APEucNVmx7JdTuzPyeShQifZNPTwGHi4F0EHmf-6q5FcdIzNVS5k1wduL2zaKBR0H_WYw_9-iHTkIDDSI-uiXyPINSMz4FCejQS_fLrBGRUzXPSseqEqo9LbaYZcfN5p4iOeRTqUOOx7nKKtkyIsghykP-KP529EsCeEOLJBnj8GtKvkmn5rMlQ
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFb8tV9lrRI9V0EaJOCA%2FJX8xsvT%2F9yIjvPhlfOKgsRKkgLUvcC8DPxmMNBZsQY%2Be5SbnqdeNmjqiI3NzcXJSUXhkytfiaS3aQp8AK3eZpmTp9aEl5Y2b37%2BCTD1b66TJ9NMsE86Y3SWDg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
816edac13e19c29d-VIE
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAO_orRKw4VIoXuniuwhZNE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2C6F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSzxIjI5J1C5GBqQA8vXMQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAO_orRKw4VIoXuniuwhZNE&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAO_orRKw4VIoXuniuwhZNE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaJpaQDEMX5kqYDGOOWwfcBMAE&v=APEucNVmx7JdTuzPyeShQifZNPTwGHi4F0EHmf-6q5FcdIzNVS5k1wduL2zaKBR0H_WYw_9-iHTkIDDSI-uiXyPINSMz4FCejQS_fLrBGRUzXPSseqEqo9LbaYZcfN5p4iOeRTqUOOx7nKKtkyIsghykP-KP529EsCeEOLJBnj8GtKvkmn5rMlQ
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6rOV00wnIuFeUiiSJAzgHv2lZEJqRdiY2zLlg8VnEKHpmk6tusTmZPHHtCbqXer%2FNnE42lkDPae2GsCZOG7FLnZdjaiSUurssZfe%2BsIKBC%2Fgh%2BPGdRsbx73O6p486vuxhZic9zOgloWVg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
816edac29f99c29d-VIE
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAO_orRKw4VIoXuniuwhZNE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 2C6F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDzKtIPz3v5FddGAyg3Lz-0&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDzKtIPz3v5FddGAyg3Lz-0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaJpaQDEMX5kqYDGOOWwfcBMAE&v=APEucNVmx7JdTuzPyeShQifZNPTwGHi4F0EHmf-6q5FcdIzNVS5k1wduL2zaKBR0H_WYw_9-iHTkIDDSI-uiXyPINSMz4FCejQS_fLrBGRUzXPSseqEqo9LbaYZcfN5p4iOeRTqUOOx7nKKtkyIsghykP-KP529EsCeEOLJBnj8GtKvkmn5rMlQ
Protocol
H2
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
an-x-request-uuid
3e0ac7a8-523f-4f1a-b3c7-1f21b45cc487
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
194.35.121.113; 194.35.121.113; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDzKtIPz3v5FddGAyg3Lz-0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2C6F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI5MTI0MjA3MTgxMDIyMTkwMw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI5MTI0MjA3MTgxMDIyMTkwMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaJpaQDEMX5kqYDGOOWwfcBMAE&v=APEucNVmx7JdTuzPyeShQifZNPTwGHi4F0EHmf-6q5FcdIzNVS5k1wduL2zaKBR0H_WYw_9-iHTkIDDSI-uiXyPINSMz4FCejQS_fLrBGRUzXPSseqEqo9LbaYZcfN5p4iOeRTqUOOx7nKKtkyIsghykP-KP529EsCeEOLJBnj8GtKvkmn5rMlQ
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:31 GMT
an-x-request-uuid
c8f9f64b-ceb6-4ef7-b3c1-70c2bd0444c9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI5MTI0MjA3MTgxMDIyMTkwMw%3D%3D
x-proxy-origin
194.35.121.113; 194.35.121.113; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A12A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECvdEh3Je6uIIaonP2T77Dw&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECvdEh3Je6uIIaonP2T77Dw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaJpaQDEMX5kqYDGMqUwfcBMAE&v=APEucNUN1kOK-xlwWnSFLzhw8LT7UKnJf3kvES9M6KGNVDqVYghXHtwHX2JFqmAJobEs2bOwHQPTOq6GEoyYuLC-1s3-RMnFlBMYe1rqoCd-ga2OHKbjbcuif7Gw8fyIOp5TUvNbT6IvSOnAgGEImI4Ep38KTA3bSKnVItQNW8Pa6ZTnbvehsWs
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECvdEh3Je6uIIaonP2T77Dw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A12A
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzIyMTljMTYtOWNmOS0yNjNiLWQ1NTQtNTkxMDZjMjU5N2Rk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzIyMTljMTYtOWNmOS0yNjNiLWQ1NTQtNTkxMDZjMjU5N2Rk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaJpaQDEMX5kqYDGMqUwfcBMAE&v=APEucNUN1kOK-xlwWnSFLzhw8LT7UKnJf3kvES9M6KGNVDqVYghXHtwHX2JFqmAJobEs2bOwHQPTOq6GEoyYuLC-1s3-RMnFlBMYe1rqoCd-ga2OHKbjbcuif7Gw8fyIOp5TUvNbT6IvSOnAgGEImI4Ep38KTA3bSKnVItQNW8Pa6ZTnbvehsWs
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 16 Oct 2023 08:15:32 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzIyMTljMTYtOWNmOS0yNjNiLWQ1NTQtNTkxMDZjMjU5N2Rk
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
sync.teads.tv/ Frame A12A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEA-8pEVKbon3MqVIDaPBzg8&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEA-8pEVKbon3MqVIDaPBzg8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaJpaQDEMX5kqYDGMqUwfcBMAE&v=APEucNUN1kOK-xlwWnSFLzhw8LT7UKnJf3kvES9M6KGNVDqVYghXHtwHX2JFqmAJobEs2bOwHQPTOq6GEoyYuLC-1s3-RMnFlBMYe1rqoCd-ga2OHKbjbcuif7Gw8fyIOp5TUvNbT6IvSOnAgGEImI4Ep38KTA3bSKnVItQNW8Pa6ZTnbvehsWs
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Mon, 16 Oct 2023 08:15:32 GMT
pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEA-8pEVKbon3MqVIDaPBzg8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame A12A 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaJpaQDEMX5kqYDGMqUwfcBMAE&v=APEucNUN1kOK-xlwWnSFLzhw8LT7UKnJf3kvES9M6KGNVDqVYghXHtwHX2JFqmAJobEs2bOwHQPTOq6GEoyYuLC-1s3-RMnFlBMYe1rqoCd-ga2OHKbjbcuif7Gw8fyIOp5TUvNbT6IvSOnAgGEImI4Ep38KTA3bSKnVItQNW8Pa6ZTnbvehsWs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Mon, 16 Oct 2023 08:15:32 GMT
pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
current
dclk-match.dotomi.com/match/bounce/ Frame E412 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENFjqufxmRw8R0j2Ww5bUd4&google_cver=1&google_push=AXcoOmQ_JI9RJvY78MejIzZwLxn4bH65QN5zv2P6nc-7cK72juZJs-WJzIWJv00XZgQwX9SWbWdHzVdzSag-hNycZLrEwpbHjAtV
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.215.202.137 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams01-nessy-float1.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame E412
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBtWYD5GTX4qW9mqjuEgC_U&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBtWYD5GTX4qW9mqjuEgC_U&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RGU2a3RYcjMxUVNpTGI1&google_gid=CAESEBtWYD5GTX4qW9mqjuEgC_U&google_cver=1&google_push=AXcoOmTGL6YkmLYQnsM5_WoMtpeE8J2JYyROZiMAb_ugqaY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RGU2a3RYcjMxUVNpTGI1&google_gid=CAESEBtWYD5GTX4qW9mqjuEgC_U&google_cver=1&google_push=AXcoOmTGL6YkmLYQnsM5_WoMtpeE8J2JYyROZiMAb_ugqaYWc_HiZI_4wOAtrwlqA5yGampyz9myfL5VnQbujS_06oPoIgGGXJdd
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 08:15:32 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-031606d58fcbc7991@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RGU2a3RYcjMxUVNpTGI1&google_gid=CAESEBtWYD5GTX4qW9mqjuEgC_U&google_cver=1&google_push=AXcoOmTGL6YkmLYQnsM5_WoMtpeE8J2JYyROZiMAb_ugqaYWc_HiZI_4wOAtrwlqA5yGampyz9myfL5VnQbujS_06oPoIgGGXJdd
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E412
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOyLLHeBQ3TD_UC8hH5FTMM&google_cver=1&google_push=AXcoOmSwhtkIRBsN0K2t6y56DDsdEscbZnyzkwIzuv4rQcTRfxxhMJqpmFJUNPVJ2pcwd5neN-RScGClL2Z...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSwhtkIRBsN0K2t6y56DDsdEscbZnyzkwIzuv4rQcTRfxxhMJqpmFJUNPVJ2pcwd5neN-RScGClL2Z0kf4sM1UTbs5lM_Jg&google_hm=znwrhlOHR1q9LVe_9b5DnXE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSwhtkIRBsN0K2t6y56DDsdEscbZnyzkwIzuv4rQcTRfxxhMJqpmFJUNPVJ2pcwd5neN-RScGClL2Z0kf4sM1UTbs5lM_Jg&google_hm=znwrhlOHR1q9LVe_9b5DnXE
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:33 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSwhtkIRBsN0K2t6y56DDsdEscbZnyzkwIzuv4rQcTRfxxhMJqpmFJUNPVJ2pcwd5neN-RScGClL2Z0kf4sM1UTbs5lM_Jg&google_hm=znwrhlOHR1q9LVe_9b5DnXE
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E412
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJMITETrNABCIld3I015MEg&google_cver=1&google_push=AXcoOmRWUHxvgDFVeuotAYdyev4HO0P4LYKTmvtGmza09dfI02CPDrMInIpWmGcNvsZB14cn2yUlyoLmbSeabZaat6ev6zs...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRWUHxvgDFVeuotAYdyev4HO0P4LYKTmvtGmza09dfI02CPDrMInIpWmGcNvsZB14cn2yUlyoLmbSeabZaat6ev6zsbvwiQ&google_hm=eS1aR1E5SDNwRTJwRjB2Wk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRWUHxvgDFVeuotAYdyev4HO0P4LYKTmvtGmza09dfI02CPDrMInIpWmGcNvsZB14cn2yUlyoLmbSeabZaat6ev6zsbvwiQ&google_hm=eS1aR1E5SDNwRTJwRjB2Wk16Z29sRGdQbmlMdnQwY3BRNH5B
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 16 Oct 2023 08:15:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRWUHxvgDFVeuotAYdyev4HO0P4LYKTmvtGmza09dfI02CPDrMInIpWmGcNvsZB14cn2yUlyoLmbSeabZaat6ev6zsbvwiQ&google_hm=eS1aR1E5SDNwRTJwRjB2Wk16Z29sRGdQbmlMdnQwY3BRNH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame E412
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTwvh...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-82wsHmkC9oQRbk9_t6xMy47ZdKHe7TBI-pd0HQ&google_push=AXcoOmTwvh3TRpX8Xn2KDtLnxfUNQqUK5A2ONCoPaYyXTT6nWbRQhYZP23eFBgDWCXBZSWubscQQunBAfHSv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-82wsHmkC9oQRbk9_t6xMy47ZdKHe7TBI-pd0HQ&google_push=AXcoOmTwvh3TRpX8Xn2KDtLnxfUNQqUK5A2ONCoPaYyXTT6nWbRQhYZP23eFBgDWCXBZSWubscQQunBAfHSvmOB_yxo-XgPyWemU
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:31 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-82wsHmkC9oQRbk9_t6xMy47ZdKHe7TBI-pd0HQ&google_push=AXcoOmTwvh3TRpX8Xn2KDtLnxfUNQqUK5A2ONCoPaYyXTT6nWbRQhYZP23eFBgDWCXBZSWubscQQunBAfHSvmOB_yxo-XgPyWemU
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
768218
content-length
0
expires
Mon, 16 Oct 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E412
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=x-e8GDTTQpe7JdUs2WhHHg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=x-e8GDTTQpe7JdUs2WhHHg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTSYpy6f6WcNWQH0WgfmCWw6IwVnw5MOyIXF6OVnHCy_SwCWBCo2kUnsDW1M7gGUYcRk91DL5VRDSJL9CmEcONnUfmxMW0m
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=x-e8GDTTQpe7JdUs2WhHHg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTSYpy6f6WcNWQH0WgfmCWw6IwVnw5MOyIXF6OVnHCy_SwCWBCo2kUnsDW1M7gGUYcRk91DL5VRDSJL9CmEcONnUfmxMW0m
date
Mon, 16 Oct 2023 08:15:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame E412
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJICwG8zHfWoquTwVLImnvQ&google_cver=1&google_push=AXcoOmRMdgYlFRbKZUoLOZJR-nqgFYIazPuY8FH6bt7z25IcvqnVrqRYPBsTwfs20rurOcxsqBYq83tBnEqEWfNcan-qb11Jzmr8
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRMdgYlFRbKZUoLOZJR-nqgFYIazPuY8FH6bt7z25IcvqnVrqRYPBsTwfs20rurOcxsqBYq83tBnEqEWfNcan-qb11Jzmr...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjk5NDkyNDg2OTQ4MDc1OTIzNzI2Mg%3D%3D&google_push=AXcoOmRMdgYlFRbKZUoLOZJR-nqgFYIazPuY8FH6bt7z25IcvqnVrqRY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjk5NDkyNDg2OTQ4MDc1OTIzNzI2Mg%3D%3D&google_push=AXcoOmRMdgYlFRbKZUoLOZJR-nqgFYIazPuY8FH6bt7z25IcvqnVrqRYPBsTwfs20rurOcxsqBYq83tBnEqEWfNcan-qb11Jzmr8
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjk5NDkyNDg2OTQ4MDc1OTIzNzI2Mg%3D%3D&google_push=AXcoOmRMdgYlFRbKZUoLOZJR-nqgFYIazPuY8FH6bt7z25IcvqnVrqRYPBsTwfs20rurOcxsqBYq83tBnEqEWfNcan-qb11Jzmr8
date
Mon, 16 Oct 2023 08:15:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame E412 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JqfshGvWU3aoq5_bvQDJ3D3TP62nD-89nc6A3dN4638RvhccQbj797ZbqjhsAfPYR0H4m6
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame AB87 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
21bbb08fd6ee73a1427f394cdb77dfca994d795dfdb9fcbd4f9a3bb9d06e6cc3

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6740 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7963991034691&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6740 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7963991034691&version=m202309260101&ct=76&x=1&cor=14893318437487071000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 6740 		93 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYH2eQw4Qq3qmJBubJgMK6XIP-Gkjk24xLdozoDpasc9ExVc94yGH8b0JNAsZGw_Do1yNmGni1eRLevb8RVERlcRj0ew&cry=1&dbm_d=AKAmf-CE2cULjX0hf1tHDn6vAFyOB-1qxBmvSbvPs4PiABOdNuwevjWfhQig0zc7Zr6QRAOWSd-LcymNNwiLh17AlyNvq3wok9Z7l58DjG_b9CoKfbWYkZaqj7L9aQqYWD923DYQCSLgQQnZrdyyZqqR3SJIqMAtCRsm1MZ4NHFotdb0Y3jAGszBo-G-MHYSbX8XIYkYJZYfrq-b2lYTlZO1nqyBXDAFqYt8yyQweUX-2lYi_zQ6AlqHDG1JrLXJnqFZSRjfnl6NfQ1ciLl81n6a92gyt6F4a8hu2mTNchyi9eSmL4DLBUe4spUh8_jniTAKV3vy1_2153TQqU4KfCElwz-TpLh2xKpxdypbaWXfO6pWphAbHOIZiRuUHgRIx6-XFH30mzir-NlH0GI9GAS1Ep8zEzFOAoaAEgpqMGNnqoYhbNrO9BAbB1T5C25FqSLpAf6nH7UurbGboMl97yP5VHyNgZ_WAmzufoptVs3xvCjd9kXWBUaZ3lMt_scmcHZI6rIS1yifh0gQOAQVFRYqe21GV-BzTLiZGYHRkri-uTo1fFzvWBmSKK_eFWU41kT9hVntl9dBzDKDtzl2VNnrrF_Q1T3UJBAJhpQNpv7JMFpIlZ8QZq4rJBA6XBx2ixVaqD6thKjjh7Q9cC_r61eOH3FXvjh3EB3oiwefRvyhCquQzSw19b5ut2JQ0e6h1KG3aE3bBbGCWAwniGiFWb9M1MtyQC-kenPMeM2jhxpasfMP1JC0WLTKnxloXdegFqieytm8fNuGeRivXaJnQbv-AvAb18roqHMBAIRGN2PshMsq0jFKjXTqtuzYYT3epyJWLADCRrbHY23lbEPsiZjtE1dqTUxxPIsWV70Wih1mYyQhEZjoMSUcucfLABMf_R021Mq8dHfFWO3hLmZTcdl8cn7lBlMMMneCMj0mX4qlVrQJMm1kvWFs9v7aNI2vCmUGosA_JZL92FTaM_lpFpA-2m-BCICP0d6CiZ_vQ2OG-H9R-upIzcx-DB1_r0PbZPKlC5v2eYbuWTVxXEFfrjlWmSgl64iJHMukHNBgftrCFhvKslIeNOGPf2PI97_8TD0aNX_h_txoxoTCMsNg0S5T5adJki40diheIhyv-CHuXkNer7-efwyMimZm-zF_OZBOzDP5cwN0HktY8PvaqceDv4XF59gT-l9uXcv6urSZmgxFja3KJlXeiJFBbwWPDsdHLxg19pJPJQYjZAZvrA1eqF58MheJCaE1OH3X0xj2uz8bOhB68xaGYWTGUj8t9Qhwr0dhUC7jqJ8RV0RdcrlxC8sdRmIUvl0ljX8O8Ghu6eqHmVIusx5l7Q_mPYlNwnbXDWTMd8i_FvkHIC3iehL5ztAb3ZLvZZNCgvolbuaiiLZjDPCJPvILWFMy3mSe3YuFd3ByTxZxz6I2PHU4zzyPKIXVCZZUKS6hb2XOtNmHKpVPgGda31PYBbN0xYUYNjy7w-_hqQ2r_rBAbTJIhog4SkYpkP7Vp04jsfUYBh6rylT7BSzabCnV5DA-ACqaEHbziCztQOzsZ6uF5qeFi0KMWfpKYQJLSHoglyOEaqs4cOMZUR0_oh8K941cBaAjOCLFghxMqsXH1zVcVbgdCHx2NdJcz7WYdtdgFhDksoFPziq6-tPIXY-WTRXIuRM99zkuJlsHYCmu4xwzLpqfry2trt_cglAImzjuuRQzeBIgHS6Rz1bPMSaZiM0IERlTfg8nfPhs_G4GiDO6sGQGYKCfH0EQWdPmeiV3X2BTeRF5C6SxidUHYIISqfUysThY0rNkg92XGexSJmVWbjbViekFe44H7QNftJRqpCCB0-AuQ5aGNQWW_pVr6WBQ9M6Gkcyo84IuVrZhu052zYcamlHBM0Opf5-4QdcfjnypZb9l_tG7Gl7_cza7SSgNy3RzxP9_WA_Y1U_6VrdgB2mJ7Qs71aDPaaPBB_32jNvacQstE1wbWsMPph18vsFIyT-Rjla4OMJxwKSqWUTMSsuCDt60yXl3WlwCWtAhkj5NANG211dBWGVmY5qfASXAb_7L_dFOm-I_gvItM3MQgSa_YLZK0215z1LAX1g74HvWgatswIbWkujX6Uodd_ZCGWupHi38pmCWle6KQ_0gTtCCjTWGeD5NxNdYT5EVtvBkTWwncTgxUYnNcXUPv0HFk1rx1gtNIudY4RaoH2Tq7SlSHkr2k4IPexzJtK04ALEJr3pyqZF8kmthpm_YVZhYS2rldZLkEb69dKxEfnZKM2wcEyz398NphO5oNCw2dz_p7D4kdqD0TgelYJgeSnpvx1z2W06Z5qzkxysojKPfJExSv7dZ58ml77hyjqYTGBTPDNn9Sa_l2EqWHtQEiuTq4k_KaTCqfwwWcto--oHonOk2lcVQ88nQ_kGCW_tSTp8XWXOf_cU8tjlUnJIXROX8UicH_AmQVtd8Ufmn4xD5AxyW-oAudfoWaUteEXvGH5YIQDH_bYKq6htU_yHAzHA2AO9-gsUzuqtw8PGd8CiSyk51iF3fLMIIbmvEp92evXJiIZYXZQYojr6PupcHuB7FYgSt3pTP5G19KEO0vWjhHjH-FB0CoiGcc8kS2AnIPHYMXmpuBHvIK2PSQM6NmDuTJb8-JWqBQrfVntCKFyAuVXXCWm8wTTbJH4cE_LiiReieex0Y3yWIzkBXjHbaNGWO50jq9kgOfx-WYJL0m07YbgCfj2BoUH184rVwb9mEhYLMMPEo1Bd6ZI5qkrGqW4dNp9flUePBHbgAAGqW0LU9FHjGWNZ8yQ-5r0X8Y_2fwbilCH8gmOiHTdDiF7DIy4trtCaKrqxZlHsMbtAmLeFNCiu6s4Oy9JNyRaGUxkLAIfzJfM6I4CjWP_eT8yWv_bRfQzt-Y5bfpBLfk5H8qiiVDumY5rD6LN7p_YAyqv73jgq78tU8yPFHs3Krzxb6VQTVNqjgrtfeEPG87COxfAR_SpdfjjB7FdHHLWI_ngGD9GNpe9VdXMXZa9-DlDMrti31PT8sbpgrX9EGsU2k7G5SkgqgXp_ju7bDoIvPOCRZbgUibuWh31P0KVOJkInHxuI45HVAgD1JIoIZUAHcKBTjXtKhCTR8jzZPAspVRwBvg8HRrjxZ_22qAphv5p_hylTyhnhexAOm3DKMWarnLbwZD2EUebuw9uYelZ6cJ7FzrzynviqeoAlmaQXVb4DLKhkGX6Jy-1YXxi1gi7Ofj4YoeQ0tOI-KYf2fBUWc-ydZsyhq3y2Wk8kJeUmQjz4sSLq6ahqQ7tMpj2B5mHI0ujevP0Tng4Q3oIAOxKReiTXACEaLsP0d5gwQZ0bVRBGccqBIdRb_daGsCWltAWUPcxRkj11Xv6rvB1gX2uyhkZFvNdq9ifqPH8kq7KFtCFXL9x7YsYfjzt1rZC4W4PX2GFOrYxuOpn_hejScH4O5qvw8QYcbpZnaOhwq4qCXJnPb6BllY_XcwWzkzV1gdid3lessx2PbssT_hlm8OZJmawTcugbNYrLi6MQ5b0h4ZKyou7BG75OcmcGJK55JRIKG41KsWaM_SdYjKTnfPcXHwyR39Z-f_5Q9Z_q8njxaEnjnAU9f7K-K6ypsVqqnl5GJbbS6IF9yZgy2cGrHTxkz64w-XzlKbYUpBCgNuHBGS6Wl66hG-Qjm1m0GRPwPKySEBLfnwUWm7g_UpolldhW7HRy8SOTPGHfLNJDTD1_Nz4TuuhemRrsMEjspp32AL1Ax8LpBHT2XJ-Pg60LUxLA4CZj3yJSn_b7QVcHwUalqtwpzpNdw6E1pBMsWNyRxdxa8JEH2CmL4O51M0b4dSuvKX422n5ocKHEX6ri5lCSZeMPMQ8zzBfCK8GFu573nFsimd73L9P_9BHpg4RRZdQ0JKHZtpFPZEtIBBKssDyBiIKjGy36-svrD940ReFuBSzAvOPhqyzSdRM4bct7K12186UH5K6280I8B2ZzPoTsFF1lX8asu9ZOvc7DhHfENzlto61CbtIKoZuCujitGcctPHztkycDj9Dw4kbLKF-gCtpCqtLxTuKqH0o2gAqNNZh-fthPeUmnvQdACfTUhlcvbIl0LoORdMV-GOVGjs5P43ReCtRhXVp7mieSAUGGPab9A&cid=CAQSOwDICaaN3xsl3lxkYnInvAPO5VZS6gdbwWz3i2fwVVpZlaI24j3bUym9ZMOZk5I7rNNTbj9n1GIJqXMSGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fnews.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=14893318437487071000&adk=2975593758&idt=149&cac=0&dtd=204
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
63a1b93b48796af84aa2f685628588651ea9e2692a10bc24006ee30c2d6e5228
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38525
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame 2A2F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEM8B9zezdvtFi5_afXg9A8I&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame 2A2F 		0
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame 2A2F 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjGi4nGATAB&v=APEucNUq2qFtTbMxnv_kgURfI6UxE3iVzulIRj5STRQWLoQ03xXj0i2z5VbYKgiragb2TBuGQ9vI2DQ_9YAYn0_1UTfehBK18itBXzajhierfxta__LAU7fCpc473En2v-TLVOVYLYhH1zEP2--WMEf9AtSTOvk-3YRUO8y0zKIT7BjF8uv5xQE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:32 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
privacy_small.svg
static.criteo.net/flash/icon/ Frame BB68 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxIgAMmMsK4GYMAAhx_qEyyV4XpV-6l_rW2Q&u=%7CLOULbUg41HmaE1pFwrwNyno42fOH6H0Zpt3tKjKZwkE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY0fIRr9msFjvo_-2Tw-Dun4HTO37IN0jPNXsnZjwHwNNjMPNg4aUv7G3-ECkhRNfh9OAB3ADbDILrxIcb_-D694Tr7lpRy6uvycsh3C753-U71JYSqr_7Qr9L41A6Z3SQl9lETeeW85fUj2ll7HyJS6Ef_Ue7p4f4ry1bJOFUCKqHzS2vk3hGnmMjS1ug6ITKAp2pY7RkAIi-Nr-9J-oal29uC6YdPBf7WQUajjQcaJQgdZSQ62D_dSPPy1fX7P_INishl8ljWSx21lEZqOl9grTVnCSOGXk-ONPCsTzdkOLk65Xm13Y7LJqSxlnLh3ZddbDJmT1qpRYuu7gzK9Q9pzsqzVIMgyY3MpS9hgQNgxFq-NLTwxXvG8dLbdCvTCpg6u5RprfY2nEf2mkYDXzRZdiEwMELe1ZhE-nNZRn3f_NQkcq91bhy-iPnJ5-88cGTJv9rtz7PrHiezZ1btP_WnRYeeMIQ6VRPMoM9AEDMYCUYe9uSIKtkqU-B0fhCE127Zw1v2KOOEfnoi_2moLXcOxPKk-_7WUxVkjDDy3ryjP-rx9FqJ9ZOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7zHPIvEsZcuxMozMgQf-46FoyZ7SsVyl_JP3cMCNtwEQASAAYKmwvoDMAYIBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLe9ToZ5KGxPuACAKgDAcgDAqoEtAJP0EOnuRWcbInPPOoR5Q7oC1axkhRg2NJgDdTbpRjg4gb8OAWErLHUZQ_TBT-zGE9yVYYQqzO5z0TfRuCeTZBR7X6r_FzezrN23HMBRnzyywyr_F1Zh2gXaG0WhIsLxRrwBk05M5hFiCOfj9WuipB9TkCiTozqDosjUYOUfRNv47Zy7Jv9DlvFBXCQIilKOv7J2PNIBhWlQlXyFfB27NZnNrTbyb4V5kUJ-Ehxf4II2FunXEKdeIh6vi-GoioNpoUCAjklhwXuAtGR8lQcIJV0M3OUD-PnawmYW8moYIC1-HHOlquH05l4beesa6kW5_KpYNX0p2bB_rEkutZA_vuE7cWpRUiHXUFQW2cREtFHEiYunC9crFhTvOLijP54sGqPHlJmhf3Tvv94D09VD_T7yAmtW-AEAYAGmpn2_6PUiZlUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3agWRXgAKUvlPVvBlpAymsIIF7-Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 10 Oct 2024 08:15:32 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame BB68 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxIgAMmMsK4GYMAAhx_qEyyV4XpV-6l_rW2Q&u=%7CLOULbUg41HmaE1pFwrwNyno42fOH6H0Zpt3tKjKZwkE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY0fIRr9msFjvo_-2Tw-Dun4HTO37IN0jPNXsnZjwHwNNjMPNg4aUv7G3-ECkhRNfh9OAB3ADbDILrxIcb_-D694Tr7lpRy6uvycsh3C753-U71JYSqr_7Qr9L41A6Z3SQl9lETeeW85fUj2ll7HyJS6Ef_Ue7p4f4ry1bJOFUCKqHzS2vk3hGnmMjS1ug6ITKAp2pY7RkAIi-Nr-9J-oal29uC6YdPBf7WQUajjQcaJQgdZSQ62D_dSPPy1fX7P_INishl8ljWSx21lEZqOl9grTVnCSOGXk-ONPCsTzdkOLk65Xm13Y7LJqSxlnLh3ZddbDJmT1qpRYuu7gzK9Q9pzsqzVIMgyY3MpS9hgQNgxFq-NLTwxXvG8dLbdCvTCpg6u5RprfY2nEf2mkYDXzRZdiEwMELe1ZhE-nNZRn3f_NQkcq91bhy-iPnJ5-88cGTJv9rtz7PrHiezZ1btP_WnRYeeMIQ6VRPMoM9AEDMYCUYe9uSIKtkqU-B0fhCE127Zw1v2KOOEfnoi_2moLXcOxPKk-_7WUxVkjDDy3ryjP-rx9FqJ9ZOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7zHPIvEsZcuxMozMgQf-46FoyZ7SsVyl_JP3cMCNtwEQASAAYKmwvoDMAYIBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLe9ToZ5KGxPuACAKgDAcgDAqoEtAJP0EOnuRWcbInPPOoR5Q7oC1axkhRg2NJgDdTbpRjg4gb8OAWErLHUZQ_TBT-zGE9yVYYQqzO5z0TfRuCeTZBR7X6r_FzezrN23HMBRnzyywyr_F1Zh2gXaG0WhIsLxRrwBk05M5hFiCOfj9WuipB9TkCiTozqDosjUYOUfRNv47Zy7Jv9DlvFBXCQIilKOv7J2PNIBhWlQlXyFfB27NZnNrTbyb4V5kUJ-Ehxf4II2FunXEKdeIh6vi-GoioNpoUCAjklhwXuAtGR8lQcIJV0M3OUD-PnawmYW8moYIC1-HHOlquH05l4beesa6kW5_KpYNX0p2bB_rEkutZA_vuE7cWpRUiHXUFQW2cREtFHEiYunC9crFhTvOLijP54sGqPHlJmhf3Tvv94D09VD_T7yAmtW-AEAYAGmpn2_6PUiZlUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3agWRXgAKUvlPVvBlpAymsIIF7-Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 10 Oct 2024 08:15:32 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame BB68 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxIgAMmMsK4GYMAAhx_qEyyV4XpV-6l_rW2Q&u=%7CLOULbUg41HmaE1pFwrwNyno42fOH6H0Zpt3tKjKZwkE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY0fIRr9msFjvo_-2Tw-Dun4HTO37IN0jPNXsnZjwHwNNjMPNg4aUv7G3-ECkhRNfh9OAB3ADbDILrxIcb_-D694Tr7lpRy6uvycsh3C753-U71JYSqr_7Qr9L41A6Z3SQl9lETeeW85fUj2ll7HyJS6Ef_Ue7p4f4ry1bJOFUCKqHzS2vk3hGnmMjS1ug6ITKAp2pY7RkAIi-Nr-9J-oal29uC6YdPBf7WQUajjQcaJQgdZSQ62D_dSPPy1fX7P_INishl8ljWSx21lEZqOl9grTVnCSOGXk-ONPCsTzdkOLk65Xm13Y7LJqSxlnLh3ZddbDJmT1qpRYuu7gzK9Q9pzsqzVIMgyY3MpS9hgQNgxFq-NLTwxXvG8dLbdCvTCpg6u5RprfY2nEf2mkYDXzRZdiEwMELe1ZhE-nNZRn3f_NQkcq91bhy-iPnJ5-88cGTJv9rtz7PrHiezZ1btP_WnRYeeMIQ6VRPMoM9AEDMYCUYe9uSIKtkqU-B0fhCE127Zw1v2KOOEfnoi_2moLXcOxPKk-_7WUxVkjDDy3ryjP-rx9FqJ9ZOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7zHPIvEsZcuxMozMgQf-46FoyZ7SsVyl_JP3cMCNtwEQASAAYKmwvoDMAYIBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLe9ToZ5KGxPuACAKgDAcgDAqoEtAJP0EOnuRWcbInPPOoR5Q7oC1axkhRg2NJgDdTbpRjg4gb8OAWErLHUZQ_TBT-zGE9yVYYQqzO5z0TfRuCeTZBR7X6r_FzezrN23HMBRnzyywyr_F1Zh2gXaG0WhIsLxRrwBk05M5hFiCOfj9WuipB9TkCiTozqDosjUYOUfRNv47Zy7Jv9DlvFBXCQIilKOv7J2PNIBhWlQlXyFfB27NZnNrTbyb4V5kUJ-Ehxf4II2FunXEKdeIh6vi-GoioNpoUCAjklhwXuAtGR8lQcIJV0M3OUD-PnawmYW8moYIC1-HHOlquH05l4beesa6kW5_KpYNX0p2bB_rEkutZA_vuE7cWpRUiHXUFQW2cREtFHEiYunC9crFhTvOLijP54sGqPHlJmhf3Tvv94D09VD_T7yAmtW-AEAYAGmpn2_6PUiZlUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3agWRXgAKUvlPVvBlpAymsIIF7-Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:32 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 10 Oct 2024 08:15:32 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame BB68 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxIgAMmMsK4GYMAAhx_qEyyV4XpV-6l_rW2Q&u=%7CLOULbUg41HmaE1pFwrwNyno42fOH6H0Zpt3tKjKZwkE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY0fIRr9msFjvo_-2Tw-Dun4HTO37IN0jPNXsnZjwHwNNjMPNg4aUv7G3-ECkhRNfh9OAB3ADbDILrxIcb_-D694Tr7lpRy6uvycsh3C753-U71JYSqr_7Qr9L41A6Z3SQl9lETeeW85fUj2ll7HyJS6Ef_Ue7p4f4ry1bJOFUCKqHzS2vk3hGnmMjS1ug6ITKAp2pY7RkAIi-Nr-9J-oal29uC6YdPBf7WQUajjQcaJQgdZSQ62D_dSPPy1fX7P_INishl8ljWSx21lEZqOl9grTVnCSOGXk-ONPCsTzdkOLk65Xm13Y7LJqSxlnLh3ZddbDJmT1qpRYuu7gzK9Q9pzsqzVIMgyY3MpS9hgQNgxFq-NLTwxXvG8dLbdCvTCpg6u5RprfY2nEf2mkYDXzRZdiEwMELe1ZhE-nNZRn3f_NQkcq91bhy-iPnJ5-88cGTJv9rtz7PrHiezZ1btP_WnRYeeMIQ6VRPMoM9AEDMYCUYe9uSIKtkqU-B0fhCE127Zw1v2KOOEfnoi_2moLXcOxPKk-_7WUxVkjDDy3ryjP-rx9FqJ9ZOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7zHPIvEsZcuxMozMgQf-46FoyZ7SsVyl_JP3cMCNtwEQASAAYKmwvoDMAYIBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLe9ToZ5KGxPuACAKgDAcgDAqoEtAJP0EOnuRWcbInPPOoR5Q7oC1axkhRg2NJgDdTbpRjg4gb8OAWErLHUZQ_TBT-zGE9yVYYQqzO5z0TfRuCeTZBR7X6r_FzezrN23HMBRnzyywyr_F1Zh2gXaG0WhIsLxRrwBk05M5hFiCOfj9WuipB9TkCiTozqDosjUYOUfRNv47Zy7Jv9DlvFBXCQIilKOv7J2PNIBhWlQlXyFfB27NZnNrTbyb4V5kUJ-Ehxf4II2FunXEKdeIh6vi-GoioNpoUCAjklhwXuAtGR8lQcIJV0M3OUD-PnawmYW8moYIC1-HHOlquH05l4beesa6kW5_KpYNX0p2bB_rEkutZA_vuE7cWpRUiHXUFQW2cREtFHEiYunC9crFhTvOLijP54sGqPHlJmhf3Tvv94D09VD_T7yAmtW-AEAYAGmpn2_6PUiZlUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3agWRXgAKUvlPVvBlpAymsIIF7-Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:32 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 10 Oct 2024 08:15:32 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame BB68 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=tL1OfWHkyptNrxU9GDfkHq63-O9R8TreoqPDXXsvYX2QSDTuY0bWijTjs8FTgYGyDk_ymsXgsRHgv1peVcWDJeN1IfIF91SG2vDZdQb_C2lgYyGdT4sBVreYMDvcSW6_wEIvtsDdEfIXGQJjGnZaFQGt7siT9TiF7jnAJFEJSlo4C1i5hAF71tge5ZFZ9-L-6A0HeHEByPQwA01CWbCEs1enuEiLOJz6mNoC7UmwpvlMF_M5LcVRBKprkkzAeAfgUNZ0XcDzKztvex4xPg8pTR4OSFmLaPny2kPBaSLOWetiU7im50j1h9Z70M81Z0VH_a7Z1XAVgSMr-3uH0bno57VEHRK3n-hWAZH0EadgM0dj1BShMRPRySN5FZVz4ks2p6jgwyE4JlSKzSHPQfnyCnwAxzKvkJ7HfblM-rqpLMLNh7wElEc0zi_hCTWAgrTCuSHc7g
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxIgAMmMsK4GYMAAhx_qEyyV4XpV-6l_rW2Q&u=%7CLOULbUg41HmaE1pFwrwNyno42fOH6H0Zpt3tKjKZwkE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY0fIRr9msFjvo_-2Tw-Dun4HTO37IN0jPNXsnZjwHwNNjMPNg4aUv7G3-ECkhRNfh9OAB3ADbDILrxIcb_-D694Tr7lpRy6uvycsh3C753-U71JYSqr_7Qr9L41A6Z3SQl9lETeeW85fUj2ll7HyJS6Ef_Ue7p4f4ry1bJOFUCKqHzS2vk3hGnmMjS1ug6ITKAp2pY7RkAIi-Nr-9J-oal29uC6YdPBf7WQUajjQcaJQgdZSQ62D_dSPPy1fX7P_INishl8ljWSx21lEZqOl9grTVnCSOGXk-ONPCsTzdkOLk65Xm13Y7LJqSxlnLh3ZddbDJmT1qpRYuu7gzK9Q9pzsqzVIMgyY3MpS9hgQNgxFq-NLTwxXvG8dLbdCvTCpg6u5RprfY2nEf2mkYDXzRZdiEwMELe1ZhE-nNZRn3f_NQkcq91bhy-iPnJ5-88cGTJv9rtz7PrHiezZ1btP_WnRYeeMIQ6VRPMoM9AEDMYCUYe9uSIKtkqU-B0fhCE127Zw1v2KOOEfnoi_2moLXcOxPKk-_7WUxVkjDDy3ryjP-rx9FqJ9ZOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7zHPIvEsZcuxMozMgQf-46FoyZ7SsVyl_JP3cMCNtwEQASAAYKmwvoDMAYIBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLe9ToZ5KGxPuACAKgDAcgDAqoEtAJP0EOnuRWcbInPPOoR5Q7oC1axkhRg2NJgDdTbpRjg4gb8OAWErLHUZQ_TBT-zGE9yVYYQqzO5z0TfRuCeTZBR7X6r_FzezrN23HMBRnzyywyr_F1Zh2gXaG0WhIsLxRrwBk05M5hFiCOfj9WuipB9TkCiTozqDosjUYOUfRNv47Zy7Jv9DlvFBXCQIilKOv7J2PNIBhWlQlXyFfB27NZnNrTbyb4V5kUJ-Ehxf4II2FunXEKdeIh6vi-GoioNpoUCAjklhwXuAtGR8lQcIJV0M3OUD-PnawmYW8moYIC1-HHOlquH05l4beesa6kW5_KpYNX0p2bB_rEkutZA_vuE7cWpRUiHXUFQW2cREtFHEiYunC9crFhTvOLijP54sGqPHlJmhf3Tvv94D09VD_T7yAmtW-AEAYAGmpn2_6PUiZlUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3agWRXgAKUvlPVvBlpAymsIIF7-Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:31 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2310550
expires
Mon, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5902 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7744839071337&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5902 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7744839071337&version=m202309260101&ct=76&x=1&cor=5194061478730562000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 5902 		93 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DNwZimXrSYD1X7411ZAnPSG0wj4EfjI1MrS1Jn3599RGMIkToprv49Axq3P5BGNKfHZYP-ITOKVaN8ZFz-3zm5mXZ_Yw&cry=1&dbm_d=AKAmf-CuDz95dt3rbNTb7tsRkh1VYN-u0PFUKEA2sGoaCLVY3U6YydPuWAUIjf5eWHs9ArsWlPQF43sLMS6rI5vB1fI7VAp3hxwCID7j4sv_4Fa7j9dnagJALnklYLQdI5tOOznuNTYXPRuNZGjG2NoYILX9plRxPngC8h13X57VPUgcSuDphfjRsP6WNr7FgOPq6q35FogoUn3hyrvHOaZO6mkSBPPFQmNa4E02xCP7rnPoBdzbmyyLBzG9aaqVe-pUIwjP6Ga6X6xWiT1j6MTNZ8XvoUN_4QjDECgN_itpjsWlYhRTrO_8ZKXIx13QveasqRqppgiHkBhgDMRM4y1gK4XUL8RbOCzfgvcjsVj00uYtgYMfTgK9WFktXuTQKJCekBjtUbGSo0L8rWE77C9qIPzABgiTUZKTN4kp28jOQrQe2BgCGjNxH5N9oH8DebAIXhrA1H5a5kS_JkruRGVBwnuUa7ssrKUylQ8y7TtG7aX1SfjAfwXTMp5cuhm7sw15ojriD3US2LFtZn4u7y2AXYThEM6Kc8E5Dn6BzBJaxZE2D_Psq91PCylSVSsAZpZihCXVR5_Hmfl4hk7yuCqWW5MRX6emG40642zlsh3u2X4LvRrxbDeIzRgUiheWxXq5nVR1Am0aafP7TZZR7d5nXfQganuphT3XQU7GVbXUpgkNqL2q_NXqJ2uRlNt4xlSC6un9ivjrisX2mfb-3zYj9uDvrq-QHrDYfW7VIFihmNK8PsA3j9USkT1FZyiDHdDa8-uEQF5AENKoLv1rQBl0J4ToY2s5pn3urHLPyVqwE_V-bpWcqN-ywWRe0COdiV_joDG8s6khm5k3JGSpUMDri2xAUNqyBQm5uXvQpPe5aWAAIaBKjgdvVg-7EqrtqYUne_fKSFrxl3FyBRn8j6un1eEqlLLqxbcQqzKlZAcJmRrmGrG8CPCTNm4_A8Z4DxtVarrEbwgbh22AaiMIPlOI6-5wkoKjy4DyLLy65bQ_xPcUsrfIl8blLvWqU5V5cS-kexZxAs2uiyWIivGDF1QNNDGxtPYf_YSaUJztDa2NL6jej2oHAnVY7mA5WzBij7fLUIEPGs30LuhDg_TIiZd6pF5Efx1-raXTS2T9pDghFW16pKH2eA1yilBCzmlKAEheW56JaSFzb9mp7EEoWOyz5dgyh77PoZPeypOUNpQPHSmyIDUMSMB2RrjOt8d18tAIHarwHgVCFGGGfaxFZpD_4DTgBu0CbIMU4hMFTUCKnZljdJnmC7uFcF_6aTQciBZSlVCRJnpaQ1XEvH7yjJlU3SPl8Jqj8oQCU38yPTwGwKoJw8BKevZnZUGPoyn-pZqaE4ZX5G6g2kETmrVwjo384u0Hp9OeVP1h6QVRaPWdbd7wijOTJCTCjfDAYktxQKc00ica4YoZyiTq_wijZmLlke6Hb0KqEXHEfhc4wuGMcuaDy9qVEf3N8pHruAFAtdv5LcBExTTjODmflBH-E3V3NeO2g6SPzL5o6r_Pj2e7ET8IzOPnp9wa1my-As3uwbUvAFncaHDS2m3yfNqK4PeYu3P3dLXun7Kuu8uBZOMwQM8j2eVXdHVyYVujOD8w3qr-3x9r91tKi8tbgkYziGsrmb0NdkmWL7DLSs5DPl6PdW_4pLlvcbkotC3aA4Jzubv1m_OQeXawX3RB18g_xeYltKUodQiHEqFfh8sMOUIF6mnuqFfrSn_Ewy5Zrtn54fLN63WQ1KYGLMvxM1PyO-THMLuQ_nT_XBd-Z0KXvn7zL3x-6vTaYGf9AlXm33zjrz3P-r3yeBSSLJ3Ocs2rNbkIzJhHvZgEsUq5wwWmztVonnsnF-aOGI70le10lHwW_cEO0ZwRgkxiNHRe_BUtLBHkd8sR-A4orpWqdpXcuNX5cT_5ELhoB-XA0U62TosgO-ZeFOq-JY6c19KZ4JruITWNouA-YpRpVM5zFpmtewAdZwxWbuEajBtaES18yaFLJQQwDByQdCL_guC5l5kg4RCV04j-2FZeUN4oNZUDUInfBpj2rAX7jEqJeIeg0fwJ2ydBKu79w7Ohof-xI7FEexIpK8nS_HtcISQ1OYoC7MewzF7mJrln5-af02MfBeSpe6nDYeIxYN37QKN_PYyZKnd2LkwJ3wE-6Lj0LBrXZRBv005nD7gP05tkU0iJ8r2EuqHxrSp1YK5iTKjAkwwegv-I9M1uHhGJtT7Bb4ubWzWjjg4i9omfMq9faD0V_tOfjCSNzb1sVJWl3ljEpLTwkcsskoSDUST0QMZ_qA8JuFtJ2kua3VIR2oNxhoJ_ylmW8Olyg8NpQpj6jRDdCZPZIrtZlj-5UkyrpUz0h90pHR3yRY4EkprWUmUGbYNjFIAjaiYsdpBH039fR2oDSvpvukXBcrTDCP3ZgaeZ8gwZh0h-S7dN5Vw194_S1-rQEa1_kyW8Of2q9WfzIBi0qhO5hEbVN487M2qH-twE6-7BD9P1NxpEyGtgfwJkaOYRMEonTaUs5tlHnx82LCbXJqyhyH-AF2HDH0Zul2ng9VvGrgEuzye_ebfzISBSlAK6ipG2rPGOLlOouzos-igDMPYTDBW9YNMSb4b_DVcpefMuB41DQT7H4zsLmM2d9AjgFCxNa1tAXyRBpe-hoEYq9YJy13eoyGbMk1LG8Pz41-lMMrQwlL2AFmjuep_aOgYIqQdD1H5_oJIFdhdEpSzSyj3I65_r_yzHzsHwprF4RWMtBlUyiykNdFW_BjDGWo9pLtSSiYC7hXiNek1TuPfPybNoI2G7qHJJEggaKgpu63nRBEjDseVrdSRykR8MfCh1sgb4AslPd-9Pd2F4QRZwYCvttHU-Z7OKzUi2P6IqY9ZkCb_CnYWNzFQykBt2cphHErAGXuLxDyyEU-T29epd8OA4UREufBKtBAKrCdYA4I_0iqkEMWr8O4dAgul_hqGdQMVNo3lL8ReMA-Gr8ggoXR0or3Tz2NmBwndD5p5KJzUs-kzDGVEBeDNZyRVaxpRN_dVuYT7tTP_PRtNPGLwOSSe3QnlAEVvLL2-vYXl-R5zt_WT9_JL0qDyfPlhnjvzr_Uq_MuR6VZ6_B4YrboDf81GusklmLFrql_xtjCRk4qBSEfbYg-63DbkyNnSpjsQKGLfVk7r41DkvEt2ACTVD6AHLbwxNM5Qmy7dbX9n67GMddiS6P3e0q-4FtB630n2tWG3WnF5f-qZ22QngEepA6j9AjnCnDDNalayaD8zOiqa-yN5sfrAVZ7046WyjCHCX9ku_sTOPDBxD_rCBAavD_cLTvulZqjwkNNjBT83lRMtDstZBmx5qyX_tIicKnrXur9IMDn8JxIILPfPcm-iE8vZxJcBOyO8BJluZZzZns3tQ5TB_BLS6QB8IqDnlYCsfrQSSygJxJAnYRT01-fMfabrYiGeF4UTyS-Pn5Rf_VdlEW00uaBV2ahLI2yH2M_9TDcVqpuKuftw7nKeSNQrFddlaHgftSLS_q5srEagnLKAngIXUny7sQnjxkUdCfNhDebKF7ry1Sq_neZ6ZE9nybt4W57K6m2-JNEW9eKmKL2NoKqc-QMhcfKQNihFt5w3Ch-yE5idPAG-lTEBJ7bWiW4UDP8IDZJfexE4F0KVmhFk0pHMTo_iloc3ZUrTnu1_8Ug3D3j-LYv6q9emW3aDyjgkvXlbvFjDOi4Vlrw9p3j-nu36GRdhTCKDC4nyHA4ic5g42QPNQBolQgCOM4NxTT4rQT5rOw1niMN1rJ-PJn0EiqiBMqeLjreKCMSpbXwwTJslc2ANgm-xBqRkgUcQDQOrVBVY-NHcBcdLl6JiBNagv8V9Ld6MlS02F4uUzu_T-8RCV1NzJNWfgbRE8ixqJfVyfi_z2ncDwXrKa7h7b-SVUQRxbJiMvWPUUEodygJKyznoZ23FMn53X9BhsqPbOOdGmnx-0yqmpIMm2wT68_cwlrG0ORH22cq2887NOyokuGgkQ2kjUqdkZIKWruagArW3vUXVyCoCn5C7ynBUCmDPL6hVtrJJILOv3ZGKdCXSSgrHvUPg48SH9_Tc9eHhS1JjjiRpAVR2QthmOVJ7iIU8DxEQs0Cm7HXOx3bZ1wogzx3UD8G2QBZaENJbyn2ChFH8iBwgyCXD8N4hfng&cid=CAQSOwDICaaN3xsl3lxkYnInvAPO5VZS6gdbwWz3i2fwVVpZlaI24j3bUym9ZMOZk5I7rNNTbj9n1GIJqXMSGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fnews.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=5194061478730562000&adk=2742791599&idt=197&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
446cd2b4e062f2b83bacca715902884e9542034aa818ff1cad5edbb0aebe4fef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38708
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame BB68 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxIgAMmMsK4GYMAAhx_qEyyV4XpV-6l_rW2Q&u=%7CLOULbUg41HmaE1pFwrwNyno42fOH6H0Zpt3tKjKZwkE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY0fIRr9msFjvo_-2Tw-Dun4HTO37IN0jPNXsnZjwHwNNjMPNg4aUv7G3-ECkhRNfh9OAB3ADbDILrxIcb_-D694Tr7lpRy6uvycsh3C753-U71JYSqr_7Qr9L41A6Z3SQl9lETeeW85fUj2ll7HyJS6Ef_Ue7p4f4ry1bJOFUCKqHzS2vk3hGnmMjS1ug6ITKAp2pY7RkAIi-Nr-9J-oal29uC6YdPBf7WQUajjQcaJQgdZSQ62D_dSPPy1fX7P_INishl8ljWSx21lEZqOl9grTVnCSOGXk-ONPCsTzdkOLk65Xm13Y7LJqSxlnLh3ZddbDJmT1qpRYuu7gzK9Q9pzsqzVIMgyY3MpS9hgQNgxFq-NLTwxXvG8dLbdCvTCpg6u5RprfY2nEf2mkYDXzRZdiEwMELe1ZhE-nNZRn3f_NQkcq91bhy-iPnJ5-88cGTJv9rtz7PrHiezZ1btP_WnRYeeMIQ6VRPMoM9AEDMYCUYe9uSIKtkqU-B0fhCE127Zw1v2KOOEfnoi_2moLXcOxPKk-_7WUxVkjDDy3ryjP-rx9FqJ9ZOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7zHPIvEsZcuxMozMgQf-46FoyZ7SsVyl_JP3cMCNtwEQASAAYKmwvoDMAYIBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLe9ToZ5KGxPuACAKgDAcgDAqoEtAJP0EOnuRWcbInPPOoR5Q7oC1axkhRg2NJgDdTbpRjg4gb8OAWErLHUZQ_TBT-zGE9yVYYQqzO5z0TfRuCeTZBR7X6r_FzezrN23HMBRnzyywyr_F1Zh2gXaG0WhIsLxRrwBk05M5hFiCOfj9WuipB9TkCiTozqDosjUYOUfRNv47Zy7Jv9DlvFBXCQIilKOv7J2PNIBhWlQlXyFfB27NZnNrTbyb4V5kUJ-Ehxf4II2FunXEKdeIh6vi-GoioNpoUCAjklhwXuAtGR8lQcIJV0M3OUD-PnawmYW8moYIC1-HHOlquH05l4beesa6kW5_KpYNX0p2bB_rEkutZA_vuE7cWpRUiHXUFQW2cREtFHEiYunC9crFhTvOLijP54sGqPHlJmhf3Tvv94D09VD_T7yAmtW-AEAYAGmpn2_6PUiZlUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3agWRXgAKUvlPVvBlpAymsIIF7-Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
307685
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xro8BIp27SbAczdF0gQIlrYCNrKStesbYX%2FvDyAJoWk%2F5hDSvEFqtPXA1C9QVjA6VsA%2Bw8M1BwgQFRAGFqQIellFZxFFpPZnsmEfJXMML40nOJLzZiPpJdzNe125T2%2B6pf4Yb81F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816edac33fc2c2a7-VIE
expires
Sat, 05 Oct 2024 08:15:32 GMT
animejs.js
static.criteo.net/animejs/ Frame BB68 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxIgAMmMsK4GYMAAhx_qEyyV4XpV-6l_rW2Q&u=%7CLOULbUg41HmaE1pFwrwNyno42fOH6H0Zpt3tKjKZwkE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY0fIRr9msFjvo_-2Tw-Dun4HTO37IN0jPNXsnZjwHwNNjMPNg4aUv7G3-ECkhRNfh9OAB3ADbDILrxIcb_-D694Tr7lpRy6uvycsh3C753-U71JYSqr_7Qr9L41A6Z3SQl9lETeeW85fUj2ll7HyJS6Ef_Ue7p4f4ry1bJOFUCKqHzS2vk3hGnmMjS1ug6ITKAp2pY7RkAIi-Nr-9J-oal29uC6YdPBf7WQUajjQcaJQgdZSQ62D_dSPPy1fX7P_INishl8ljWSx21lEZqOl9grTVnCSOGXk-ONPCsTzdkOLk65Xm13Y7LJqSxlnLh3ZddbDJmT1qpRYuu7gzK9Q9pzsqzVIMgyY3MpS9hgQNgxFq-NLTwxXvG8dLbdCvTCpg6u5RprfY2nEf2mkYDXzRZdiEwMELe1ZhE-nNZRn3f_NQkcq91bhy-iPnJ5-88cGTJv9rtz7PrHiezZ1btP_WnRYeeMIQ6VRPMoM9AEDMYCUYe9uSIKtkqU-B0fhCE127Zw1v2KOOEfnoi_2moLXcOxPKk-_7WUxVkjDDy3ryjP-rx9FqJ9ZOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7zHPIvEsZcuxMozMgQf-46FoyZ7SsVyl_JP3cMCNtwEQASAAYKmwvoDMAYIBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLe9ToZ5KGxPuACAKgDAcgDAqoEtAJP0EOnuRWcbInPPOoR5Q7oC1axkhRg2NJgDdTbpRjg4gb8OAWErLHUZQ_TBT-zGE9yVYYQqzO5z0TfRuCeTZBR7X6r_FzezrN23HMBRnzyywyr_F1Zh2gXaG0WhIsLxRrwBk05M5hFiCOfj9WuipB9TkCiTozqDosjUYOUfRNv47Zy7Jv9DlvFBXCQIilKOv7J2PNIBhWlQlXyFfB27NZnNrTbyb4V5kUJ-Ehxf4II2FunXEKdeIh6vi-GoioNpoUCAjklhwXuAtGR8lQcIJV0M3OUD-PnawmYW8moYIC1-HHOlquH05l4beesa6kW5_KpYNX0p2bB_rEkutZA_vuE7cWpRUiHXUFQW2cREtFHEiYunC9crFhTvOLijP54sGqPHlJmhf3Tvv94D09VD_T7yAmtW-AEAYAGmpn2_6PUiZlUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3agWRXgAKUvlPVvBlpAymsIIF7-Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 10 Oct 2024 08:15:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5700 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8764252526538&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5700 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8764252526538&version=m202309260101&ct=77&x=1&cor=11829655703231447000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
ad.doubleclick.net/dbm/ Frame 5700 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cdj1LZvwI4XlUT-fMIdPXhy6pb6sYIQDp4w3X5NlleU87jy5-EnuOmF5i-wWucgE_GiVe5yXGfszQZDQ3NewlMTMfa8CTVzqamlm-bqGrVrniIdCwTRMYlBoVfCRsX9EMUHu5s4o22ahPf8VLEzRTUofb-aklh8ijXou3G9Qri_YekpTo&cry=1&dbm_d=AKAmf-C-JUCyyT4Mm6BTXsWpsYuKr6nowqJtn-aIfPhkYIZCm0s5eT2bW2sxnU6iAekpqZLmHdzWHFWDH5YhMPDaV-sIciwHbrPI9d0ihVNdsPLpLNqq2-a9gR-fCtf1vRjv-Rww0OOoMfYapH_0qkCJ5g_cxoVvy0iX68b2yTTWIav98-J4tfVd7mSp1MzMpnL8TSG-BBATSDfPiYXLfRHjlS8vD7zsgLD7EoDN427TPJm5HxVM9K9S5uChYw6J9EEBmK8V86UtrJDcP55d3dhlN4u_DbasYYpomhazGC6HuhQQiBIAutvLnxORLpVTJa3QMuvbtDzSzXGWmNdLfYNziK4nCcLrKxU7pCwRNZeA9tC7qDgMw5l5t9R2l6RCvHmEiLxlVBzCm8I8fIfRFKWtxkRHb_YtwvTT13KNbEOBDWtkqkk-ca-sMjpb9eaBNIJmW_gjOksxei33pTu8cIuiutVAhLxoat76OGvg0air3H7Xo6PIpRDd1HYrr2dj6be2H-KDwrfEbgSN778nOszqxOQy-TO6QT2epY2L-B_oUht7ojFd26FdMXvKZbIY1HcoS621OhJjB9hnqwlDSBeN5XBvWioeZPplZOkQjmrkbe__2XjbtzyisYHgxm71RffiPB8qomTlau0bJIMlXI6DJt7f6xmi_-yY99fSuY3iZXUmw7_zBbPna9hXx_CnJPiZCEHoC83pfxTlLtfhs74ElwqLPbbZJZFBrplrasOPQMEFFzRCEn8UyJaUja0ZzWZ0TJ3zTEqcsuMeDDRLm5b-B7WaUTvbLtkCOqzujuEEWnsrXKetbBdiC628aDxPX-GAJC-I-2Qo_RqR9SAhy9lw-Ph-9y53HcH_FIOLuEckZTkr73so_lQc1rBTae4bXLdTNSgtnE3-6Q_GkNTXT42eA-GZwgrx4dk6wuzG_IZgd6SRqPlvtWATgPZ20vqEuLrgdBaHIffyBoK3vx3HvBUx_NpI4gZmtiPeUiRKqv823Eo03PLHZpvXc0YejTMA5CnyGiuCkjPSD3uV4WfMwZvSSo78FAw0pNH8MnX8boIDfaCfaH5NM5uHnYFeu3c-4YivS8MSYk1GReTJ09TeBPbYn8x86oWbgoRSC-bBG4jsIwOVPEySov_RZxTVThMtAfMb4Ynl8pgxal59niOg_vk5770XBgJ-1L1I1ONfmfdnGx66PRbCWbMExwZ8wijgVzHSolyP4OvJwzUgHs86K6roUYa6LWVd1_ppMCfaymLaz-aDJDSDBKsJ287Khztq1buM8dHP109VSIxhD2CwYW4CtZJnZ-N0f2nH_4Nf_gURepaqf2Xo6x1sGzHtXsdnpadJH-JEwIadnntN3BEsp2z0fUKiSW6N9S1gPNpf5HP7r3AxoeBFOHgThyLZOugYozFsUzgUFGVES5HeczRWL35eo-2YDZSM935NG8dfYXP2r2i-onrYGGfjXTadzn6L4xwZ3a_6DHvcz_5hLeCOjvJzqIgyjF4eObCRYhbfNY-84EHdd_ILr2sontuOjSfiHQ5JcvKnbbcdAlo-oB3Ugi0XTW4IxYJHqrdGIWyhC8DEqNF3oEqn0XGpTUJNxZ1h1pcVZkpcocwDnAgevdGgdVCjhXhn3tJzo8fXAP87CDazqy4_gvM5ucFlhpVyruXmZJUBpENd_p2X4LJDVySp2d-5uN77Fw3AyA6E41Ikb2fMwA-a5s7k2VRsa9PITpURoyrU7ImCCFI5ava8exPkJ_pNI1D4FtpWTQvLZz1099G0U0BMccKYmuIlhOtan30JlGJdn8IZd9AochN6tv91JKNBdTwawGRcF2oGMXbLKL6Hyht-Nb7ZFHWXAIfLTTGiOtKwhwh8Hh-2DRR4Hy-k-YNiJZz2Xmn7b-BQWjQPIrms6CCwEqZCAsCFuJKEkKNXa3ueHE5-oPp2yrYjke2hsbWy2e9VyxV04xarIjo622s7EZFf0WXdda13qxA6387kfe3HU8jg4o7YfIYFrItu2EBgWIf5e7xUDUvW5fhIlY4h6ZiNdmRiMQR1VdmomKX7L-MP4AyYNroSyZvYaWI4dSNltkLpIsdtr1FHxhGgz4_xx0SREAQYw185L7C9QRBg1oVli8gWxEjkToqVk-GnDb5F2eyHW1v0MEDXjuTj3N2RVjKOllZ_hWnDuFh51ghJ7YS3WBm0BP7snApACCoUw4vy2lESGHlTZObCqfI_HY8OxpzyRtycIieVESKJfFmmL4zppy3SHtuANariciLUDhOpCypMibILcpUhi8vpJHj5sysy_iYmRsK_9dgNAv6J04kAS55q0OmAUV34ZIL11J7G8HZXAwOmIfywpb1Lr5Q82_XiXdPeT3Ub73U49veL9pCOArgpaMwI1_x0h2oCPrXYARfI5wy02xdfOgQY8HW_gBzQ0JY_V1MkqBHa5YMSNWfxzysJPIUnu79lAZj-LTXFQnTluwdbeZZ9V5iUk57vQ7OI6xUwJZWU4rsJuOsgfWPQmb4O2IOgfzeZHSXV7C5CK54QX03sSdjH3ZW1VZR2X4FdRU0RFb6U0qp3lXbsdojJx5P1HIN7AuRFOzDkYoNpzKY445vBfKgRX-eoYD6WMJG3LpcLr6b0GuJKm4QFCszKXAk7c9B3n_V3ECm2UaORiXvI2HJr-I1FTJnkATKzfpDUeKzm1sEkRU5j632IgTa0LgSqGXNqz9g5cYlYNFODg5yIfXJwVvcLua_iPKPRY7VvmqYktcIIwXoHOg9Z7x-9a1iuJuogqinXBCV311Sj1qGX8EWvt0PWkJJKWjiZqlwp4ByQ6BIdJnoTaaYlz7WsjtwKohrcFM_MqqNrQ1Al9u-qufqlrC_b1FFVICKbANBa7JnpampJfyJBXFioDHfzMSImFL4v5jipQEkE6v5YYX9bFgzjGvjRUeFa6kNyI3GGNLHkLKVc7p3dryDrOpRoa6QBLKHLD03pExnw4vJ3DzqthpKPz01d1Ucrs_WHAuSaUhbG_AoPhUyx5dxXFFh8-RmApBu_gL6sXEffCo6IwiXMZhMQshlKIe6FGldjkZW4fC-mTEa6fTH0TkgeQTOgiGsx0-AaQP88ZJP_MjUbNITz-UILDssXakNK2KTHrMNv_Pgij3B9jDpHOZ-MQAQCa0akjE1zQ5PDzeU6Glab30RZVqfR3Gs4kxnHaBi1GYMuI9x7YR0mBYnnSErJzI82Aite_YPZ_HXxogjIvIrOSAjNjWa0dQwNRAWfrYRSLghqHJTThsDr3hA4G0O82cVUcn49QdfGz8BuXG4dUfCfr3f96vePWqgxfuJG7ga7RD6n2lELBwKnzV05l4lnBqdPcsch6CXMi4hTGDV4NbbtQJraL6W4ra1WHMfBfMamXR2DDu7NmPUKUHEiHsoIiKCgax3LSi5LYzlmiTUp4axEpjbTXibt3rFYsX0YcTtDBHB1UJWnKivlKWm9TQRBK3cvnnu89mLYLAwC_xCWdRUhjh83iQIoSYhbG08cqOguaQ2WYjxNaQilYYesIsImTMZjVIVNYRK2t4fxHQ3BLMWOm-xGKwKT8Emx5i-_FhTC_GFcwOcrXTmRmZTRZAbXuyICFZ-B3qlFL6J4CGAbcJCv4smDDdcxep4WiS3hesmlwl9IfZW70ulOJSlhb6PlNgKgduDCXjyQMZ7VUVgs1EbdOU0h1W0WfB6vJfHa6MkkTIyH_gdSxD_1FxN-nydr4fGeGlRr6OOvGvpoM8cW1n7IToVpFBvZZyBn0EXjzjZCpF-vmXSlDIS-Y66cI4v0UiFaX9_PJNEUXOXv_n70D2Z6Oy-NqifoEGmcb99A2lX5cPLtRnWFuTPE-koGvbxZieim_WPNErChEMCt1KDXjbI5xEuTIooeBShdYrwVTW1SZhf2aJMkUrk_MwpGm_g0TEZ_oZJZ6BBJ3x73t7zzkUK5ulsaCPUgteDrd-ChhEqMuVj_6-jmpl6Lu8mcO3_KmgXwiBHxbztAE72tS8ChQI8mczLmzLv3E52zuqrBMNnOQ1EApYYMp4ZZJr--qSh3TH_JTFJO6-o-RD2w73IJ9MfXNralXMtQ2MTKeAQlounEzTE_L-4ebx3SOPxSvbSQHAagLHPdQ_IqtZp8yOzvQZ0-vzeSZIiF470ldAQlAwO21K69YENW_WyMZaMhf8p9ORezfNA_r0ARNpvKV8ETOb3SZ-wodyeCGppfZ-L2L-ttvOhsuz_vhiQt0__5uBXbIQrzMUUx4hwA&cid=CAQSOwDICaaN3xsl3lxkYnInvAPO5VZS6gdbwWz3i2fwVVpZlaI24j3bUym9ZMOZk5I7rNNTbj9n1GIJqXMSGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fnews.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=11829655703231447000&adk=238596429&idt=159&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
1fd8c85d126b50d26a021efaaa70b04b68fc03f2f12e21ecbc0ad5d8fafb888b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12374
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
imageproxy.eu.criteo.net/img/ Frame BB68 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=116&m=0&partner=12228&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F12228%2F4845322%2F43fb3bf86ab04e509ae7ebcd7e29ef4a_logo_n_horizontal_13.png&v=3&w=596&rid=4&s=dchWt-GfyamT2xENqUK_pQGR
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxIgAMmMsK4GYMAAhx_qEyyV4XpV-6l_rW2Q&u=%7CLOULbUg41HmaE1pFwrwNyno42fOH6H0Zpt3tKjKZwkE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY0fIRr9msFjvo_-2Tw-Dun4HTO37IN0jPNXsnZjwHwNNjMPNg4aUv7G3-ECkhRNfh9OAB3ADbDILrxIcb_-D694Tr7lpRy6uvycsh3C753-U71JYSqr_7Qr9L41A6Z3SQl9lETeeW85fUj2ll7HyJS6Ef_Ue7p4f4ry1bJOFUCKqHzS2vk3hGnmMjS1ug6ITKAp2pY7RkAIi-Nr-9J-oal29uC6YdPBf7WQUajjQcaJQgdZSQ62D_dSPPy1fX7P_INishl8ljWSx21lEZqOl9grTVnCSOGXk-ONPCsTzdkOLk65Xm13Y7LJqSxlnLh3ZddbDJmT1qpRYuu7gzK9Q9pzsqzVIMgyY3MpS9hgQNgxFq-NLTwxXvG8dLbdCvTCpg6u5RprfY2nEf2mkYDXzRZdiEwMELe1ZhE-nNZRn3f_NQkcq91bhy-iPnJ5-88cGTJv9rtz7PrHiezZ1btP_WnRYeeMIQ6VRPMoM9AEDMYCUYe9uSIKtkqU-B0fhCE127Zw1v2KOOEfnoi_2moLXcOxPKk-_7WUxVkjDDy3ryjP-rx9FqJ9ZOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7zHPIvEsZcuxMozMgQf-46FoyZ7SsVyl_JP3cMCNtwEQASAAYKmwvoDMAYIBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLe9ToZ5KGxPuACAKgDAcgDAqoEtAJP0EOnuRWcbInPPOoR5Q7oC1axkhRg2NJgDdTbpRjg4gb8OAWErLHUZQ_TBT-zGE9yVYYQqzO5z0TfRuCeTZBR7X6r_FzezrN23HMBRnzyywyr_F1Zh2gXaG0WhIsLxRrwBk05M5hFiCOfj9WuipB9TkCiTozqDosjUYOUfRNv47Zy7Jv9DlvFBXCQIilKOv7J2PNIBhWlQlXyFfB27NZnNrTbyb4V5kUJ-Ehxf4II2FunXEKdeIh6vi-GoioNpoUCAjklhwXuAtGR8lQcIJV0M3OUD-PnawmYW8moYIC1-HHOlquH05l4beesa6kW5_KpYNX0p2bB_rEkutZA_vuE7cWpRUiHXUFQW2cREtFHEiYunC9crFhTvOLijP54sGqPHlJmhf3Tvv94D09VD_T7yAmtW-AEAYAGmpn2_6PUiZlUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3agWRXgAKUvlPVvBlpAymsIIF7-Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f5f1ef8170615451176f1f9879c5b5c9c686fb49fc0303574a577c8a270e8083
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
16488
expires
Wed, 09 Oct 2024 02:01:03 GMT
img
imageproxy.eu.criteo.net/img/ Frame BB68 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12228&q=80&r=0&u=https%3A%2F%2Fmedia.walbusch.at%2Fproducts%2Fwalbusch%2Fimages%2F1441x1922%2FEC23_9223_SA.jpg&v=3&w=400&rid=4&s=f3qXbmx5aLQbandpL73uzg2E&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxIgAMmMsK4GYMAAhx_qEyyV4XpV-6l_rW2Q&u=%7CLOULbUg41HmaE1pFwrwNyno42fOH6H0Zpt3tKjKZwkE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY0fIRr9msFjvo_-2Tw-Dun4HTO37IN0jPNXsnZjwHwNNjMPNg4aUv7G3-ECkhRNfh9OAB3ADbDILrxIcb_-D694Tr7lpRy6uvycsh3C753-U71JYSqr_7Qr9L41A6Z3SQl9lETeeW85fUj2ll7HyJS6Ef_Ue7p4f4ry1bJOFUCKqHzS2vk3hGnmMjS1ug6ITKAp2pY7RkAIi-Nr-9J-oal29uC6YdPBf7WQUajjQcaJQgdZSQ62D_dSPPy1fX7P_INishl8ljWSx21lEZqOl9grTVnCSOGXk-ONPCsTzdkOLk65Xm13Y7LJqSxlnLh3ZddbDJmT1qpRYuu7gzK9Q9pzsqzVIMgyY3MpS9hgQNgxFq-NLTwxXvG8dLbdCvTCpg6u5RprfY2nEf2mkYDXzRZdiEwMELe1ZhE-nNZRn3f_NQkcq91bhy-iPnJ5-88cGTJv9rtz7PrHiezZ1btP_WnRYeeMIQ6VRPMoM9AEDMYCUYe9uSIKtkqU-B0fhCE127Zw1v2KOOEfnoi_2moLXcOxPKk-_7WUxVkjDDy3ryjP-rx9FqJ9ZOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7zHPIvEsZcuxMozMgQf-46FoyZ7SsVyl_JP3cMCNtwEQASAAYKmwvoDMAYIBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLe9ToZ5KGxPuACAKgDAcgDAqoEtAJP0EOnuRWcbInPPOoR5Q7oC1axkhRg2NJgDdTbpRjg4gb8OAWErLHUZQ_TBT-zGE9yVYYQqzO5z0TfRuCeTZBR7X6r_FzezrN23HMBRnzyywyr_F1Zh2gXaG0WhIsLxRrwBk05M5hFiCOfj9WuipB9TkCiTozqDosjUYOUfRNv47Zy7Jv9DlvFBXCQIilKOv7J2PNIBhWlQlXyFfB27NZnNrTbyb4V5kUJ-Ehxf4II2FunXEKdeIh6vi-GoioNpoUCAjklhwXuAtGR8lQcIJV0M3OUD-PnawmYW8moYIC1-HHOlquH05l4beesa6kW5_KpYNX0p2bB_rEkutZA_vuE7cWpRUiHXUFQW2cREtFHEiYunC9crFhTvOLijP54sGqPHlJmhf3Tvv94D09VD_T7yAmtW-AEAYAGmpn2_6PUiZlUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3agWRXgAKUvlPVvBlpAymsIIF7-Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e4b492abbdd8780ed8c9b3a9ad93d88d52fe3f5c387bf36faf0a9d4dc15104bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=43200
timing-allow-origin
*
content-length
7528
expires
Mon, 16 Oct 2023 09:27:30 GMT
img
imageproxy.eu.criteo.net/img/ Frame BB68 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12228&q=80&r=0&u=https%3A%2F%2Fmedia.walbusch.at%2Fproducts%2Fwalbusch%2Fimages%2F1441x1922%2FEC24_6239_SA.jpg&v=3&w=400&rid=4&s=Zpre96NkkcmrSnTRTPCEnAw4&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxIgAMmMsK4GYMAAhx_qEyyV4XpV-6l_rW2Q&u=%7CLOULbUg41HmaE1pFwrwNyno42fOH6H0Zpt3tKjKZwkE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY0fIRr9msFjvo_-2Tw-Dun4HTO37IN0jPNXsnZjwHwNNjMPNg4aUv7G3-ECkhRNfh9OAB3ADbDILrxIcb_-D694Tr7lpRy6uvycsh3C753-U71JYSqr_7Qr9L41A6Z3SQl9lETeeW85fUj2ll7HyJS6Ef_Ue7p4f4ry1bJOFUCKqHzS2vk3hGnmMjS1ug6ITKAp2pY7RkAIi-Nr-9J-oal29uC6YdPBf7WQUajjQcaJQgdZSQ62D_dSPPy1fX7P_INishl8ljWSx21lEZqOl9grTVnCSOGXk-ONPCsTzdkOLk65Xm13Y7LJqSxlnLh3ZddbDJmT1qpRYuu7gzK9Q9pzsqzVIMgyY3MpS9hgQNgxFq-NLTwxXvG8dLbdCvTCpg6u5RprfY2nEf2mkYDXzRZdiEwMELe1ZhE-nNZRn3f_NQkcq91bhy-iPnJ5-88cGTJv9rtz7PrHiezZ1btP_WnRYeeMIQ6VRPMoM9AEDMYCUYe9uSIKtkqU-B0fhCE127Zw1v2KOOEfnoi_2moLXcOxPKk-_7WUxVkjDDy3ryjP-rx9FqJ9ZOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7zHPIvEsZcuxMozMgQf-46FoyZ7SsVyl_JP3cMCNtwEQASAAYKmwvoDMAYIBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLe9ToZ5KGxPuACAKgDAcgDAqoEtAJP0EOnuRWcbInPPOoR5Q7oC1axkhRg2NJgDdTbpRjg4gb8OAWErLHUZQ_TBT-zGE9yVYYQqzO5z0TfRuCeTZBR7X6r_FzezrN23HMBRnzyywyr_F1Zh2gXaG0WhIsLxRrwBk05M5hFiCOfj9WuipB9TkCiTozqDosjUYOUfRNv47Zy7Jv9DlvFBXCQIilKOv7J2PNIBhWlQlXyFfB27NZnNrTbyb4V5kUJ-Ehxf4II2FunXEKdeIh6vi-GoioNpoUCAjklhwXuAtGR8lQcIJV0M3OUD-PnawmYW8moYIC1-HHOlquH05l4beesa6kW5_KpYNX0p2bB_rEkutZA_vuE7cWpRUiHXUFQW2cREtFHEiYunC9crFhTvOLijP54sGqPHlJmhf3Tvv94D09VD_T7yAmtW-AEAYAGmpn2_6PUiZlUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3agWRXgAKUvlPVvBlpAymsIIF7-Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bd2e27ef82874491cf5124d579e104711af982bc99e4af3acb420bc9401afd3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=518392
timing-allow-origin
*
content-length
13750
expires
Thu, 19 Oct 2023 09:27:35 GMT
img
imageproxy.eu.criteo.net/img/ Frame BB68 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12228&q=80&r=0&u=https%3A%2F%2Fmedia.walbusch.at%2Fproducts%2Fwalbusch%2Fimages%2F1441x1922%2FEC23_3914_SA.jpg&v=3&w=400&rid=4&s=Wf3qlqDCl95lANFHeFqRpyOZ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxIgAMmMsK4GYMAAhx_qEyyV4XpV-6l_rW2Q&u=%7CLOULbUg41HmaE1pFwrwNyno42fOH6H0Zpt3tKjKZwkE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY0fIRr9msFjvo_-2Tw-Dun4HTO37IN0jPNXsnZjwHwNNjMPNg4aUv7G3-ECkhRNfh9OAB3ADbDILrxIcb_-D694Tr7lpRy6uvycsh3C753-U71JYSqr_7Qr9L41A6Z3SQl9lETeeW85fUj2ll7HyJS6Ef_Ue7p4f4ry1bJOFUCKqHzS2vk3hGnmMjS1ug6ITKAp2pY7RkAIi-Nr-9J-oal29uC6YdPBf7WQUajjQcaJQgdZSQ62D_dSPPy1fX7P_INishl8ljWSx21lEZqOl9grTVnCSOGXk-ONPCsTzdkOLk65Xm13Y7LJqSxlnLh3ZddbDJmT1qpRYuu7gzK9Q9pzsqzVIMgyY3MpS9hgQNgxFq-NLTwxXvG8dLbdCvTCpg6u5RprfY2nEf2mkYDXzRZdiEwMELe1ZhE-nNZRn3f_NQkcq91bhy-iPnJ5-88cGTJv9rtz7PrHiezZ1btP_WnRYeeMIQ6VRPMoM9AEDMYCUYe9uSIKtkqU-B0fhCE127Zw1v2KOOEfnoi_2moLXcOxPKk-_7WUxVkjDDy3ryjP-rx9FqJ9ZOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7zHPIvEsZcuxMozMgQf-46FoyZ7SsVyl_JP3cMCNtwEQASAAYKmwvoDMAYIBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLe9ToZ5KGxPuACAKgDAcgDAqoEtAJP0EOnuRWcbInPPOoR5Q7oC1axkhRg2NJgDdTbpRjg4gb8OAWErLHUZQ_TBT-zGE9yVYYQqzO5z0TfRuCeTZBR7X6r_FzezrN23HMBRnzyywyr_F1Zh2gXaG0WhIsLxRrwBk05M5hFiCOfj9WuipB9TkCiTozqDosjUYOUfRNv47Zy7Jv9DlvFBXCQIilKOv7J2PNIBhWlQlXyFfB27NZnNrTbyb4V5kUJ-Ehxf4II2FunXEKdeIh6vi-GoioNpoUCAjklhwXuAtGR8lQcIJV0M3OUD-PnawmYW8moYIC1-HHOlquH05l4beesa6kW5_KpYNX0p2bB_rEkutZA_vuE7cWpRUiHXUFQW2cREtFHEiYunC9crFhTvOLijP54sGqPHlJmhf3Tvv94D09VD_T7yAmtW-AEAYAGmpn2_6PUiZlUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3agWRXgAKUvlPVvBlpAymsIIF7-Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ac20eb64e13d46968273ab7a11de467aac9a886416fa48c9f65b8c3b8f78d398
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=252015
timing-allow-origin
*
content-length
17754
expires
Wed, 18 Oct 2023 11:50:38 GMT
img
imageproxy.eu.criteo.net/img/ Frame BB68 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12228&q=80&r=0&u=https%3A%2F%2Fmedia.walbusch.at%2Fproducts%2Fwalbusch%2Fimages%2F1441x1922%2FEC44_5691_FA_063.jpg&v=3&w=400&rid=4&s=73qCczno14y9JMmXcoDxtIIY&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxIgAMmMsK4GYMAAhx_qEyyV4XpV-6l_rW2Q&u=%7CLOULbUg41HmaE1pFwrwNyno42fOH6H0Zpt3tKjKZwkE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY0fIRr9msFjvo_-2Tw-Dun4HTO37IN0jPNXsnZjwHwNNjMPNg4aUv7G3-ECkhRNfh9OAB3ADbDILrxIcb_-D694Tr7lpRy6uvycsh3C753-U71JYSqr_7Qr9L41A6Z3SQl9lETeeW85fUj2ll7HyJS6Ef_Ue7p4f4ry1bJOFUCKqHzS2vk3hGnmMjS1ug6ITKAp2pY7RkAIi-Nr-9J-oal29uC6YdPBf7WQUajjQcaJQgdZSQ62D_dSPPy1fX7P_INishl8ljWSx21lEZqOl9grTVnCSOGXk-ONPCsTzdkOLk65Xm13Y7LJqSxlnLh3ZddbDJmT1qpRYuu7gzK9Q9pzsqzVIMgyY3MpS9hgQNgxFq-NLTwxXvG8dLbdCvTCpg6u5RprfY2nEf2mkYDXzRZdiEwMELe1ZhE-nNZRn3f_NQkcq91bhy-iPnJ5-88cGTJv9rtz7PrHiezZ1btP_WnRYeeMIQ6VRPMoM9AEDMYCUYe9uSIKtkqU-B0fhCE127Zw1v2KOOEfnoi_2moLXcOxPKk-_7WUxVkjDDy3ryjP-rx9FqJ9ZOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7zHPIvEsZcuxMozMgQf-46FoyZ7SsVyl_JP3cMCNtwEQASAAYKmwvoDMAYIBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLe9ToZ5KGxPuACAKgDAcgDAqoEtAJP0EOnuRWcbInPPOoR5Q7oC1axkhRg2NJgDdTbpRjg4gb8OAWErLHUZQ_TBT-zGE9yVYYQqzO5z0TfRuCeTZBR7X6r_FzezrN23HMBRnzyywyr_F1Zh2gXaG0WhIsLxRrwBk05M5hFiCOfj9WuipB9TkCiTozqDosjUYOUfRNv47Zy7Jv9DlvFBXCQIilKOv7J2PNIBhWlQlXyFfB27NZnNrTbyb4V5kUJ-Ehxf4II2FunXEKdeIh6vi-GoioNpoUCAjklhwXuAtGR8lQcIJV0M3OUD-PnawmYW8moYIC1-HHOlquH05l4beesa6kW5_KpYNX0p2bB_rEkutZA_vuE7cWpRUiHXUFQW2cREtFHEiYunC9crFhTvOLijP54sGqPHlJmhf3Tvv94D09VD_T7yAmtW-AEAYAGmpn2_6PUiZlUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3agWRXgAKUvlPVvBlpAymsIIF7-Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
046b175d4799fd58e4a4159a7eac75b46ba3fc9548c6689e44a7ff29f2dcb2d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
10996
expires
Fri, 20 Oct 2023 09:28:16 GMT
img
imageproxy.eu.criteo.net/img/ Frame BB68 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12228&q=80&r=0&u=https%3A%2F%2Fmedia.walbusch.at%2Fproducts%2Fwalbusch%2Fimages%2F1441x1922%2FEC43_2369_FA.jpg&v=3&w=400&rid=4&s=qvvFK5RpSfAG1itnPfwFywEe&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxIgAMmMsK4GYMAAhx_qEyyV4XpV-6l_rW2Q&u=%7CLOULbUg41HmaE1pFwrwNyno42fOH6H0Zpt3tKjKZwkE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY0fIRr9msFjvo_-2Tw-Dun4HTO37IN0jPNXsnZjwHwNNjMPNg4aUv7G3-ECkhRNfh9OAB3ADbDILrxIcb_-D694Tr7lpRy6uvycsh3C753-U71JYSqr_7Qr9L41A6Z3SQl9lETeeW85fUj2ll7HyJS6Ef_Ue7p4f4ry1bJOFUCKqHzS2vk3hGnmMjS1ug6ITKAp2pY7RkAIi-Nr-9J-oal29uC6YdPBf7WQUajjQcaJQgdZSQ62D_dSPPy1fX7P_INishl8ljWSx21lEZqOl9grTVnCSOGXk-ONPCsTzdkOLk65Xm13Y7LJqSxlnLh3ZddbDJmT1qpRYuu7gzK9Q9pzsqzVIMgyY3MpS9hgQNgxFq-NLTwxXvG8dLbdCvTCpg6u5RprfY2nEf2mkYDXzRZdiEwMELe1ZhE-nNZRn3f_NQkcq91bhy-iPnJ5-88cGTJv9rtz7PrHiezZ1btP_WnRYeeMIQ6VRPMoM9AEDMYCUYe9uSIKtkqU-B0fhCE127Zw1v2KOOEfnoi_2moLXcOxPKk-_7WUxVkjDDy3ryjP-rx9FqJ9ZOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7zHPIvEsZcuxMozMgQf-46FoyZ7SsVyl_JP3cMCNtwEQASAAYKmwvoDMAYIBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLe9ToZ5KGxPuACAKgDAcgDAqoEtAJP0EOnuRWcbInPPOoR5Q7oC1axkhRg2NJgDdTbpRjg4gb8OAWErLHUZQ_TBT-zGE9yVYYQqzO5z0TfRuCeTZBR7X6r_FzezrN23HMBRnzyywyr_F1Zh2gXaG0WhIsLxRrwBk05M5hFiCOfj9WuipB9TkCiTozqDosjUYOUfRNv47Zy7Jv9DlvFBXCQIilKOv7J2PNIBhWlQlXyFfB27NZnNrTbyb4V5kUJ-Ehxf4II2FunXEKdeIh6vi-GoioNpoUCAjklhwXuAtGR8lQcIJV0M3OUD-PnawmYW8moYIC1-HHOlquH05l4beesa6kW5_KpYNX0p2bB_rEkutZA_vuE7cWpRUiHXUFQW2cREtFHEiYunC9crFhTvOLijP54sGqPHlJmhf3Tvv94D09VD_T7yAmtW-AEAYAGmpn2_6PUiZlUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3agWRXgAKUvlPVvBlpAymsIIF7-Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7500f7f83cdce1ab2dfd7be6ddc073c8a3b922baa87caa4b295072b5cc43e828
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=575624
timing-allow-origin
*
content-length
6514
expires
Tue, 17 Oct 2023 09:23:33 GMT
img
imageproxy.eu.criteo.net/img/ Frame BB68 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12228&q=80&r=0&u=https%3A%2F%2Fmedia.walbusch.at%2Fproducts%2Fwalbusch%2Fimages%2F1441x1922%2FEC10_6341_SA.jpg&v=3&w=400&rid=4&s=Et0DWoLkjw6HMDl7R47GJbEu&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxIgAMmMsK4GYMAAhx_qEyyV4XpV-6l_rW2Q&u=%7CLOULbUg41HmaE1pFwrwNyno42fOH6H0Zpt3tKjKZwkE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY0fIRr9msFjvo_-2Tw-Dun4HTO37IN0jPNXsnZjwHwNNjMPNg4aUv7G3-ECkhRNfh9OAB3ADbDILrxIcb_-D694Tr7lpRy6uvycsh3C753-U71JYSqr_7Qr9L41A6Z3SQl9lETeeW85fUj2ll7HyJS6Ef_Ue7p4f4ry1bJOFUCKqHzS2vk3hGnmMjS1ug6ITKAp2pY7RkAIi-Nr-9J-oal29uC6YdPBf7WQUajjQcaJQgdZSQ62D_dSPPy1fX7P_INishl8ljWSx21lEZqOl9grTVnCSOGXk-ONPCsTzdkOLk65Xm13Y7LJqSxlnLh3ZddbDJmT1qpRYuu7gzK9Q9pzsqzVIMgyY3MpS9hgQNgxFq-NLTwxXvG8dLbdCvTCpg6u5RprfY2nEf2mkYDXzRZdiEwMELe1ZhE-nNZRn3f_NQkcq91bhy-iPnJ5-88cGTJv9rtz7PrHiezZ1btP_WnRYeeMIQ6VRPMoM9AEDMYCUYe9uSIKtkqU-B0fhCE127Zw1v2KOOEfnoi_2moLXcOxPKk-_7WUxVkjDDy3ryjP-rx9FqJ9ZOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7zHPIvEsZcuxMozMgQf-46FoyZ7SsVyl_JP3cMCNtwEQASAAYKmwvoDMAYIBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLe9ToZ5KGxPuACAKgDAcgDAqoEtAJP0EOnuRWcbInPPOoR5Q7oC1axkhRg2NJgDdTbpRjg4gb8OAWErLHUZQ_TBT-zGE9yVYYQqzO5z0TfRuCeTZBR7X6r_FzezrN23HMBRnzyywyr_F1Zh2gXaG0WhIsLxRrwBk05M5hFiCOfj9WuipB9TkCiTozqDosjUYOUfRNv47Zy7Jv9DlvFBXCQIilKOv7J2PNIBhWlQlXyFfB27NZnNrTbyb4V5kUJ-Ehxf4II2FunXEKdeIh6vi-GoioNpoUCAjklhwXuAtGR8lQcIJV0M3OUD-PnawmYW8moYIC1-HHOlquH05l4beesa6kW5_KpYNX0p2bB_rEkutZA_vuE7cWpRUiHXUFQW2cREtFHEiYunC9crFhTvOLijP54sGqPHlJmhf3Tvv94D09VD_T7yAmtW-AEAYAGmpn2_6PUiZlUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3agWRXgAKUvlPVvBlpAymsIIF7-Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a9142dcb0d9f50de27b3285148915a6621d3e74e9b9cb23ac7b008a2521d45ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=420372
timing-allow-origin
*
content-length
30588
expires
Fri, 20 Oct 2023 06:13:33 GMT
all
csm.eu.criteo.net/ Frame BB68 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=Rr9I5-sSXkLYk6qtlqtH3Vy7uZ3p_bEtK-xLN11aIJ6dzvvsZJDkFucoaPJYkaw39BrnBHCq6ClRsnIsf7b4mkEKylsrL-mrARhEVWuzY8RuBdEgzd6T3ZvV-wOzjB7TfOSK3rFQfKRtnfvLGmTO6Nw56EExk2ZqfzU-Gt9iBrZCg2nbm61NzV_xTWRxYeKtVEDNXVgqQnm35BE6Fm1KCkHLGQczGmwaXaSLnaTlTQxH4bxKQji6cE8np0S4w9aMP0uUFQ&sds=2&rev=88837&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxIgAMmMsK4GYMAAhx_qEyyV4XpV-6l_rW2Q&u=%7CLOULbUg41HmaE1pFwrwNyno42fOH6H0Zpt3tKjKZwkE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY0fIRr9msFjvo_-2Tw-Dun4HTO37IN0jPNXsnZjwHwNNjMPNg4aUv7G3-ECkhRNfh9OAB3ADbDILrxIcb_-D694Tr7lpRy6uvycsh3C753-U71JYSqr_7Qr9L41A6Z3SQl9lETeeW85fUj2ll7HyJS6Ef_Ue7p4f4ry1bJOFUCKqHzS2vk3hGnmMjS1ug6ITKAp2pY7RkAIi-Nr-9J-oal29uC6YdPBf7WQUajjQcaJQgdZSQ62D_dSPPy1fX7P_INishl8ljWSx21lEZqOl9grTVnCSOGXk-ONPCsTzdkOLk65Xm13Y7LJqSxlnLh3ZddbDJmT1qpRYuu7gzK9Q9pzsqzVIMgyY3MpS9hgQNgxFq-NLTwxXvG8dLbdCvTCpg6u5RprfY2nEf2mkYDXzRZdiEwMELe1ZhE-nNZRn3f_NQkcq91bhy-iPnJ5-88cGTJv9rtz7PrHiezZ1btP_WnRYeeMIQ6VRPMoM9AEDMYCUYe9uSIKtkqU-B0fhCE127Zw1v2KOOEfnoi_2moLXcOxPKk-_7WUxVkjDDy3ryjP-rx9FqJ9ZOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7zHPIvEsZcuxMozMgQf-46FoyZ7SsVyl_JP3cMCNtwEQASAAYKmwvoDMAYIBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLe9ToZ5KGxPuACAKgDAcgDAqoEtAJP0EOnuRWcbInPPOoR5Q7oC1axkhRg2NJgDdTbpRjg4gb8OAWErLHUZQ_TBT-zGE9yVYYQqzO5z0TfRuCeTZBR7X6r_FzezrN23HMBRnzyywyr_F1Zh2gXaG0WhIsLxRrwBk05M5hFiCOfj9WuipB9TkCiTozqDosjUYOUfRNv47Zy7Jv9DlvFBXCQIilKOv7J2PNIBhWlQlXyFfB27NZnNrTbyb4V5kUJ-Ehxf4II2FunXEKdeIh6vi-GoioNpoUCAjklhwXuAtGR8lQcIJV0M3OUD-PnawmYW8moYIC1-HHOlquH05l4beesa6kW5_KpYNX0p2bB_rEkutZA_vuE7cWpRUiHXUFQW2cREtFHEiYunC9crFhTvOLijP54sGqPHlJmhf3Tvv94D09VD_T7yAmtW-AEAYAGmpn2_6PUiZlUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3agWRXgAKUvlPVvBlpAymsIIF7-Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 16 Oct 2023 08:15:32 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame BB68 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxIgAMmMsK4GYMAAhx_qEyyV4XpV-6l_rW2Q&u=%7CLOULbUg41HmaE1pFwrwNyno42fOH6H0Zpt3tKjKZwkE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY0fIRr9msFjvo_-2Tw-Dun4HTO37IN0jPNXsnZjwHwNNjMPNg4aUv7G3-ECkhRNfh9OAB3ADbDILrxIcb_-D694Tr7lpRy6uvycsh3C753-U71JYSqr_7Qr9L41A6Z3SQl9lETeeW85fUj2ll7HyJS6Ef_Ue7p4f4ry1bJOFUCKqHzS2vk3hGnmMjS1ug6ITKAp2pY7RkAIi-Nr-9J-oal29uC6YdPBf7WQUajjQcaJQgdZSQ62D_dSPPy1fX7P_INishl8ljWSx21lEZqOl9grTVnCSOGXk-ONPCsTzdkOLk65Xm13Y7LJqSxlnLh3ZddbDJmT1qpRYuu7gzK9Q9pzsqzVIMgyY3MpS9hgQNgxFq-NLTwxXvG8dLbdCvTCpg6u5RprfY2nEf2mkYDXzRZdiEwMELe1ZhE-nNZRn3f_NQkcq91bhy-iPnJ5-88cGTJv9rtz7PrHiezZ1btP_WnRYeeMIQ6VRPMoM9AEDMYCUYe9uSIKtkqU-B0fhCE127Zw1v2KOOEfnoi_2moLXcOxPKk-_7WUxVkjDDy3ryjP-rx9FqJ9ZOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7zHPIvEsZcuxMozMgQf-46FoyZ7SsVyl_JP3cMCNtwEQASAAYKmwvoDMAYIBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLe9ToZ5KGxPuACAKgDAcgDAqoEtAJP0EOnuRWcbInPPOoR5Q7oC1axkhRg2NJgDdTbpRjg4gb8OAWErLHUZQ_TBT-zGE9yVYYQqzO5z0TfRuCeTZBR7X6r_FzezrN23HMBRnzyywyr_F1Zh2gXaG0WhIsLxRrwBk05M5hFiCOfj9WuipB9TkCiTozqDosjUYOUfRNv47Zy7Jv9DlvFBXCQIilKOv7J2PNIBhWlQlXyFfB27NZnNrTbyb4V5kUJ-Ehxf4II2FunXEKdeIh6vi-GoioNpoUCAjklhwXuAtGR8lQcIJV0M3OUD-PnawmYW8moYIC1-HHOlquH05l4beesa6kW5_KpYNX0p2bB_rEkutZA_vuE7cWpRUiHXUFQW2cREtFHEiYunC9crFhTvOLijP54sGqPHlJmhf3Tvv94D09VD_T7yAmtW-AEAYAGmpn2_6PUiZlUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3agWRXgAKUvlPVvBlpAymsIIF7-Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 10 Oct 2024 08:15:32 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame BB68 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSzxIgAMmMsK4GYMAAhx_qEyyV4XpV-6l_rW2Q&u=%7CLOULbUg41HmaE1pFwrwNyno42fOH6H0Zpt3tKjKZwkE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY0fIRr9msFjvo_-2Tw-Dun4HTO37IN0jPNXsnZjwHwNNjMPNg4aUv7G3-ECkhRNfh9OAB3ADbDILrxIcb_-D694Tr7lpRy6uvycsh3C753-U71JYSqr_7Qr9L41A6Z3SQl9lETeeW85fUj2ll7HyJS6Ef_Ue7p4f4ry1bJOFUCKqHzS2vk3hGnmMjS1ug6ITKAp2pY7RkAIi-Nr-9J-oal29uC6YdPBf7WQUajjQcaJQgdZSQ62D_dSPPy1fX7P_INishl8ljWSx21lEZqOl9grTVnCSOGXk-ONPCsTzdkOLk65Xm13Y7LJqSxlnLh3ZddbDJmT1qpRYuu7gzK9Q9pzsqzVIMgyY3MpS9hgQNgxFq-NLTwxXvG8dLbdCvTCpg6u5RprfY2nEf2mkYDXzRZdiEwMELe1ZhE-nNZRn3f_NQkcq91bhy-iPnJ5-88cGTJv9rtz7PrHiezZ1btP_WnRYeeMIQ6VRPMoM9AEDMYCUYe9uSIKtkqU-B0fhCE127Zw1v2KOOEfnoi_2moLXcOxPKk-_7WUxVkjDDy3ryjP-rx9FqJ9ZOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7zHPIvEsZcuxMozMgQf-46FoyZ7SsVyl_JP3cMCNtwEQASAAYKmwvoDMAYIBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLe9ToZ5KGxPuACAKgDAcgDAqoEtAJP0EOnuRWcbInPPOoR5Q7oC1axkhRg2NJgDdTbpRjg4gb8OAWErLHUZQ_TBT-zGE9yVYYQqzO5z0TfRuCeTZBR7X6r_FzezrN23HMBRnzyywyr_F1Zh2gXaG0WhIsLxRrwBk05M5hFiCOfj9WuipB9TkCiTozqDosjUYOUfRNv47Zy7Jv9DlvFBXCQIilKOv7J2PNIBhWlQlXyFfB27NZnNrTbyb4V5kUJ-Ehxf4II2FunXEKdeIh6vi-GoioNpoUCAjklhwXuAtGR8lQcIJV0M3OUD-PnawmYW8moYIC1-HHOlquH05l4beesa6kW5_KpYNX0p2bB_rEkutZA_vuE7cWpRUiHXUFQW2cREtFHEiYunC9crFhTvOLijP54sGqPHlJmhf3Tvv94D09VD_T7yAmtW-AEAYAGmpn2_6PUiZlUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3agWRXgAKUvlPVvBlpAymsIIF7-Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 10 Oct 2024 08:15:32 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 6740 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
Origin
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 07:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4328
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Oct 2023 07:03:24 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 6740 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYH2eQw4Qq3qmJBubJgMK6XIP-Gkjk24xLdozoDpasc9ExVc94yGH8b0JNAsZGw_Do1yNmGni1eRLevb8RVERlcRj0ew&cry=1&dbm_d=AKAmf-CE2cULjX0hf1tHDn6vAFyOB-1qxBmvSbvPs4PiABOdNuwevjWfhQig0zc7Zr6QRAOWSd-LcymNNwiLh17AlyNvq3wok9Z7l58DjG_b9CoKfbWYkZaqj7L9aQqYWD923DYQCSLgQQnZrdyyZqqR3SJIqMAtCRsm1MZ4NHFotdb0Y3jAGszBo-G-MHYSbX8XIYkYJZYfrq-b2lYTlZO1nqyBXDAFqYt8yyQweUX-2lYi_zQ6AlqHDG1JrLXJnqFZSRjfnl6NfQ1ciLl81n6a92gyt6F4a8hu2mTNchyi9eSmL4DLBUe4spUh8_jniTAKV3vy1_2153TQqU4KfCElwz-TpLh2xKpxdypbaWXfO6pWphAbHOIZiRuUHgRIx6-XFH30mzir-NlH0GI9GAS1Ep8zEzFOAoaAEgpqMGNnqoYhbNrO9BAbB1T5C25FqSLpAf6nH7UurbGboMl97yP5VHyNgZ_WAmzufoptVs3xvCjd9kXWBUaZ3lMt_scmcHZI6rIS1yifh0gQOAQVFRYqe21GV-BzTLiZGYHRkri-uTo1fFzvWBmSKK_eFWU41kT9hVntl9dBzDKDtzl2VNnrrF_Q1T3UJBAJhpQNpv7JMFpIlZ8QZq4rJBA6XBx2ixVaqD6thKjjh7Q9cC_r61eOH3FXvjh3EB3oiwefRvyhCquQzSw19b5ut2JQ0e6h1KG3aE3bBbGCWAwniGiFWb9M1MtyQC-kenPMeM2jhxpasfMP1JC0WLTKnxloXdegFqieytm8fNuGeRivXaJnQbv-AvAb18roqHMBAIRGN2PshMsq0jFKjXTqtuzYYT3epyJWLADCRrbHY23lbEPsiZjtE1dqTUxxPIsWV70Wih1mYyQhEZjoMSUcucfLABMf_R021Mq8dHfFWO3hLmZTcdl8cn7lBlMMMneCMj0mX4qlVrQJMm1kvWFs9v7aNI2vCmUGosA_JZL92FTaM_lpFpA-2m-BCICP0d6CiZ_vQ2OG-H9R-upIzcx-DB1_r0PbZPKlC5v2eYbuWTVxXEFfrjlWmSgl64iJHMukHNBgftrCFhvKslIeNOGPf2PI97_8TD0aNX_h_txoxoTCMsNg0S5T5adJki40diheIhyv-CHuXkNer7-efwyMimZm-zF_OZBOzDP5cwN0HktY8PvaqceDv4XF59gT-l9uXcv6urSZmgxFja3KJlXeiJFBbwWPDsdHLxg19pJPJQYjZAZvrA1eqF58MheJCaE1OH3X0xj2uz8bOhB68xaGYWTGUj8t9Qhwr0dhUC7jqJ8RV0RdcrlxC8sdRmIUvl0ljX8O8Ghu6eqHmVIusx5l7Q_mPYlNwnbXDWTMd8i_FvkHIC3iehL5ztAb3ZLvZZNCgvolbuaiiLZjDPCJPvILWFMy3mSe3YuFd3ByTxZxz6I2PHU4zzyPKIXVCZZUKS6hb2XOtNmHKpVPgGda31PYBbN0xYUYNjy7w-_hqQ2r_rBAbTJIhog4SkYpkP7Vp04jsfUYBh6rylT7BSzabCnV5DA-ACqaEHbziCztQOzsZ6uF5qeFi0KMWfpKYQJLSHoglyOEaqs4cOMZUR0_oh8K941cBaAjOCLFghxMqsXH1zVcVbgdCHx2NdJcz7WYdtdgFhDksoFPziq6-tPIXY-WTRXIuRM99zkuJlsHYCmu4xwzLpqfry2trt_cglAImzjuuRQzeBIgHS6Rz1bPMSaZiM0IERlTfg8nfPhs_G4GiDO6sGQGYKCfH0EQWdPmeiV3X2BTeRF5C6SxidUHYIISqfUysThY0rNkg92XGexSJmVWbjbViekFe44H7QNftJRqpCCB0-AuQ5aGNQWW_pVr6WBQ9M6Gkcyo84IuVrZhu052zYcamlHBM0Opf5-4QdcfjnypZb9l_tG7Gl7_cza7SSgNy3RzxP9_WA_Y1U_6VrdgB2mJ7Qs71aDPaaPBB_32jNvacQstE1wbWsMPph18vsFIyT-Rjla4OMJxwKSqWUTMSsuCDt60yXl3WlwCWtAhkj5NANG211dBWGVmY5qfASXAb_7L_dFOm-I_gvItM3MQgSa_YLZK0215z1LAX1g74HvWgatswIbWkujX6Uodd_ZCGWupHi38pmCWle6KQ_0gTtCCjTWGeD5NxNdYT5EVtvBkTWwncTgxUYnNcXUPv0HFk1rx1gtNIudY4RaoH2Tq7SlSHkr2k4IPexzJtK04ALEJr3pyqZF8kmthpm_YVZhYS2rldZLkEb69dKxEfnZKM2wcEyz398NphO5oNCw2dz_p7D4kdqD0TgelYJgeSnpvx1z2W06Z5qzkxysojKPfJExSv7dZ58ml77hyjqYTGBTPDNn9Sa_l2EqWHtQEiuTq4k_KaTCqfwwWcto--oHonOk2lcVQ88nQ_kGCW_tSTp8XWXOf_cU8tjlUnJIXROX8UicH_AmQVtd8Ufmn4xD5AxyW-oAudfoWaUteEXvGH5YIQDH_bYKq6htU_yHAzHA2AO9-gsUzuqtw8PGd8CiSyk51iF3fLMIIbmvEp92evXJiIZYXZQYojr6PupcHuB7FYgSt3pTP5G19KEO0vWjhHjH-FB0CoiGcc8kS2AnIPHYMXmpuBHvIK2PSQM6NmDuTJb8-JWqBQrfVntCKFyAuVXXCWm8wTTbJH4cE_LiiReieex0Y3yWIzkBXjHbaNGWO50jq9kgOfx-WYJL0m07YbgCfj2BoUH184rVwb9mEhYLMMPEo1Bd6ZI5qkrGqW4dNp9flUePBHbgAAGqW0LU9FHjGWNZ8yQ-5r0X8Y_2fwbilCH8gmOiHTdDiF7DIy4trtCaKrqxZlHsMbtAmLeFNCiu6s4Oy9JNyRaGUxkLAIfzJfM6I4CjWP_eT8yWv_bRfQzt-Y5bfpBLfk5H8qiiVDumY5rD6LN7p_YAyqv73jgq78tU8yPFHs3Krzxb6VQTVNqjgrtfeEPG87COxfAR_SpdfjjB7FdHHLWI_ngGD9GNpe9VdXMXZa9-DlDMrti31PT8sbpgrX9EGsU2k7G5SkgqgXp_ju7bDoIvPOCRZbgUibuWh31P0KVOJkInHxuI45HVAgD1JIoIZUAHcKBTjXtKhCTR8jzZPAspVRwBvg8HRrjxZ_22qAphv5p_hylTyhnhexAOm3DKMWarnLbwZD2EUebuw9uYelZ6cJ7FzrzynviqeoAlmaQXVb4DLKhkGX6Jy-1YXxi1gi7Ofj4YoeQ0tOI-KYf2fBUWc-ydZsyhq3y2Wk8kJeUmQjz4sSLq6ahqQ7tMpj2B5mHI0ujevP0Tng4Q3oIAOxKReiTXACEaLsP0d5gwQZ0bVRBGccqBIdRb_daGsCWltAWUPcxRkj11Xv6rvB1gX2uyhkZFvNdq9ifqPH8kq7KFtCFXL9x7YsYfjzt1rZC4W4PX2GFOrYxuOpn_hejScH4O5qvw8QYcbpZnaOhwq4qCXJnPb6BllY_XcwWzkzV1gdid3lessx2PbssT_hlm8OZJmawTcugbNYrLi6MQ5b0h4ZKyou7BG75OcmcGJK55JRIKG41KsWaM_SdYjKTnfPcXHwyR39Z-f_5Q9Z_q8njxaEnjnAU9f7K-K6ypsVqqnl5GJbbS6IF9yZgy2cGrHTxkz64w-XzlKbYUpBCgNuHBGS6Wl66hG-Qjm1m0GRPwPKySEBLfnwUWm7g_UpolldhW7HRy8SOTPGHfLNJDTD1_Nz4TuuhemRrsMEjspp32AL1Ax8LpBHT2XJ-Pg60LUxLA4CZj3yJSn_b7QVcHwUalqtwpzpNdw6E1pBMsWNyRxdxa8JEH2CmL4O51M0b4dSuvKX422n5ocKHEX6ri5lCSZeMPMQ8zzBfCK8GFu573nFsimd73L9P_9BHpg4RRZdQ0JKHZtpFPZEtIBBKssDyBiIKjGy36-svrD940ReFuBSzAvOPhqyzSdRM4bct7K12186UH5K6280I8B2ZzPoTsFF1lX8asu9ZOvc7DhHfENzlto61CbtIKoZuCujitGcctPHztkycDj9Dw4kbLKF-gCtpCqtLxTuKqH0o2gAqNNZh-fthPeUmnvQdACfTUhlcvbIl0LoORdMV-GOVGjs5P43ReCtRhXVp7mieSAUGGPab9A&cid=CAQSOwDICaaN3xsl3lxkYnInvAPO5VZS6gdbwWz3i2fwVVpZlaI24j3bUym9ZMOZk5I7rNNTbj9n1GIJqXMSGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fnews.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=14893318437487071000&adk=2975593758&idt=149&cac=0&dtd=204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 13:43:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
66701
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 Oct 2023 13:43:51 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 6740 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYH2eQw4Qq3qmJBubJgMK6XIP-Gkjk24xLdozoDpasc9ExVc94yGH8b0JNAsZGw_Do1yNmGni1eRLevb8RVERlcRj0ew&cry=1&dbm_d=AKAmf-CE2cULjX0hf1tHDn6vAFyOB-1qxBmvSbvPs4PiABOdNuwevjWfhQig0zc7Zr6QRAOWSd-LcymNNwiLh17AlyNvq3wok9Z7l58DjG_b9CoKfbWYkZaqj7L9aQqYWD923DYQCSLgQQnZrdyyZqqR3SJIqMAtCRsm1MZ4NHFotdb0Y3jAGszBo-G-MHYSbX8XIYkYJZYfrq-b2lYTlZO1nqyBXDAFqYt8yyQweUX-2lYi_zQ6AlqHDG1JrLXJnqFZSRjfnl6NfQ1ciLl81n6a92gyt6F4a8hu2mTNchyi9eSmL4DLBUe4spUh8_jniTAKV3vy1_2153TQqU4KfCElwz-TpLh2xKpxdypbaWXfO6pWphAbHOIZiRuUHgRIx6-XFH30mzir-NlH0GI9GAS1Ep8zEzFOAoaAEgpqMGNnqoYhbNrO9BAbB1T5C25FqSLpAf6nH7UurbGboMl97yP5VHyNgZ_WAmzufoptVs3xvCjd9kXWBUaZ3lMt_scmcHZI6rIS1yifh0gQOAQVFRYqe21GV-BzTLiZGYHRkri-uTo1fFzvWBmSKK_eFWU41kT9hVntl9dBzDKDtzl2VNnrrF_Q1T3UJBAJhpQNpv7JMFpIlZ8QZq4rJBA6XBx2ixVaqD6thKjjh7Q9cC_r61eOH3FXvjh3EB3oiwefRvyhCquQzSw19b5ut2JQ0e6h1KG3aE3bBbGCWAwniGiFWb9M1MtyQC-kenPMeM2jhxpasfMP1JC0WLTKnxloXdegFqieytm8fNuGeRivXaJnQbv-AvAb18roqHMBAIRGN2PshMsq0jFKjXTqtuzYYT3epyJWLADCRrbHY23lbEPsiZjtE1dqTUxxPIsWV70Wih1mYyQhEZjoMSUcucfLABMf_R021Mq8dHfFWO3hLmZTcdl8cn7lBlMMMneCMj0mX4qlVrQJMm1kvWFs9v7aNI2vCmUGosA_JZL92FTaM_lpFpA-2m-BCICP0d6CiZ_vQ2OG-H9R-upIzcx-DB1_r0PbZPKlC5v2eYbuWTVxXEFfrjlWmSgl64iJHMukHNBgftrCFhvKslIeNOGPf2PI97_8TD0aNX_h_txoxoTCMsNg0S5T5adJki40diheIhyv-CHuXkNer7-efwyMimZm-zF_OZBOzDP5cwN0HktY8PvaqceDv4XF59gT-l9uXcv6urSZmgxFja3KJlXeiJFBbwWPDsdHLxg19pJPJQYjZAZvrA1eqF58MheJCaE1OH3X0xj2uz8bOhB68xaGYWTGUj8t9Qhwr0dhUC7jqJ8RV0RdcrlxC8sdRmIUvl0ljX8O8Ghu6eqHmVIusx5l7Q_mPYlNwnbXDWTMd8i_FvkHIC3iehL5ztAb3ZLvZZNCgvolbuaiiLZjDPCJPvILWFMy3mSe3YuFd3ByTxZxz6I2PHU4zzyPKIXVCZZUKS6hb2XOtNmHKpVPgGda31PYBbN0xYUYNjy7w-_hqQ2r_rBAbTJIhog4SkYpkP7Vp04jsfUYBh6rylT7BSzabCnV5DA-ACqaEHbziCztQOzsZ6uF5qeFi0KMWfpKYQJLSHoglyOEaqs4cOMZUR0_oh8K941cBaAjOCLFghxMqsXH1zVcVbgdCHx2NdJcz7WYdtdgFhDksoFPziq6-tPIXY-WTRXIuRM99zkuJlsHYCmu4xwzLpqfry2trt_cglAImzjuuRQzeBIgHS6Rz1bPMSaZiM0IERlTfg8nfPhs_G4GiDO6sGQGYKCfH0EQWdPmeiV3X2BTeRF5C6SxidUHYIISqfUysThY0rNkg92XGexSJmVWbjbViekFe44H7QNftJRqpCCB0-AuQ5aGNQWW_pVr6WBQ9M6Gkcyo84IuVrZhu052zYcamlHBM0Opf5-4QdcfjnypZb9l_tG7Gl7_cza7SSgNy3RzxP9_WA_Y1U_6VrdgB2mJ7Qs71aDPaaPBB_32jNvacQstE1wbWsMPph18vsFIyT-Rjla4OMJxwKSqWUTMSsuCDt60yXl3WlwCWtAhkj5NANG211dBWGVmY5qfASXAb_7L_dFOm-I_gvItM3MQgSa_YLZK0215z1LAX1g74HvWgatswIbWkujX6Uodd_ZCGWupHi38pmCWle6KQ_0gTtCCjTWGeD5NxNdYT5EVtvBkTWwncTgxUYnNcXUPv0HFk1rx1gtNIudY4RaoH2Tq7SlSHkr2k4IPexzJtK04ALEJr3pyqZF8kmthpm_YVZhYS2rldZLkEb69dKxEfnZKM2wcEyz398NphO5oNCw2dz_p7D4kdqD0TgelYJgeSnpvx1z2W06Z5qzkxysojKPfJExSv7dZ58ml77hyjqYTGBTPDNn9Sa_l2EqWHtQEiuTq4k_KaTCqfwwWcto--oHonOk2lcVQ88nQ_kGCW_tSTp8XWXOf_cU8tjlUnJIXROX8UicH_AmQVtd8Ufmn4xD5AxyW-oAudfoWaUteEXvGH5YIQDH_bYKq6htU_yHAzHA2AO9-gsUzuqtw8PGd8CiSyk51iF3fLMIIbmvEp92evXJiIZYXZQYojr6PupcHuB7FYgSt3pTP5G19KEO0vWjhHjH-FB0CoiGcc8kS2AnIPHYMXmpuBHvIK2PSQM6NmDuTJb8-JWqBQrfVntCKFyAuVXXCWm8wTTbJH4cE_LiiReieex0Y3yWIzkBXjHbaNGWO50jq9kgOfx-WYJL0m07YbgCfj2BoUH184rVwb9mEhYLMMPEo1Bd6ZI5qkrGqW4dNp9flUePBHbgAAGqW0LU9FHjGWNZ8yQ-5r0X8Y_2fwbilCH8gmOiHTdDiF7DIy4trtCaKrqxZlHsMbtAmLeFNCiu6s4Oy9JNyRaGUxkLAIfzJfM6I4CjWP_eT8yWv_bRfQzt-Y5bfpBLfk5H8qiiVDumY5rD6LN7p_YAyqv73jgq78tU8yPFHs3Krzxb6VQTVNqjgrtfeEPG87COxfAR_SpdfjjB7FdHHLWI_ngGD9GNpe9VdXMXZa9-DlDMrti31PT8sbpgrX9EGsU2k7G5SkgqgXp_ju7bDoIvPOCRZbgUibuWh31P0KVOJkInHxuI45HVAgD1JIoIZUAHcKBTjXtKhCTR8jzZPAspVRwBvg8HRrjxZ_22qAphv5p_hylTyhnhexAOm3DKMWarnLbwZD2EUebuw9uYelZ6cJ7FzrzynviqeoAlmaQXVb4DLKhkGX6Jy-1YXxi1gi7Ofj4YoeQ0tOI-KYf2fBUWc-ydZsyhq3y2Wk8kJeUmQjz4sSLq6ahqQ7tMpj2B5mHI0ujevP0Tng4Q3oIAOxKReiTXACEaLsP0d5gwQZ0bVRBGccqBIdRb_daGsCWltAWUPcxRkj11Xv6rvB1gX2uyhkZFvNdq9ifqPH8kq7KFtCFXL9x7YsYfjzt1rZC4W4PX2GFOrYxuOpn_hejScH4O5qvw8QYcbpZnaOhwq4qCXJnPb6BllY_XcwWzkzV1gdid3lessx2PbssT_hlm8OZJmawTcugbNYrLi6MQ5b0h4ZKyou7BG75OcmcGJK55JRIKG41KsWaM_SdYjKTnfPcXHwyR39Z-f_5Q9Z_q8njxaEnjnAU9f7K-K6ypsVqqnl5GJbbS6IF9yZgy2cGrHTxkz64w-XzlKbYUpBCgNuHBGS6Wl66hG-Qjm1m0GRPwPKySEBLfnwUWm7g_UpolldhW7HRy8SOTPGHfLNJDTD1_Nz4TuuhemRrsMEjspp32AL1Ax8LpBHT2XJ-Pg60LUxLA4CZj3yJSn_b7QVcHwUalqtwpzpNdw6E1pBMsWNyRxdxa8JEH2CmL4O51M0b4dSuvKX422n5ocKHEX6ri5lCSZeMPMQ8zzBfCK8GFu573nFsimd73L9P_9BHpg4RRZdQ0JKHZtpFPZEtIBBKssDyBiIKjGy36-svrD940ReFuBSzAvOPhqyzSdRM4bct7K12186UH5K6280I8B2ZzPoTsFF1lX8asu9ZOvc7DhHfENzlto61CbtIKoZuCujitGcctPHztkycDj9Dw4kbLKF-gCtpCqtLxTuKqH0o2gAqNNZh-fthPeUmnvQdACfTUhlcvbIl0LoORdMV-GOVGjs5P43ReCtRhXVp7mieSAUGGPab9A&cid=CAQSOwDICaaN3xsl3lxkYnInvAPO5VZS6gdbwWz3i2fwVVpZlaI24j3bUym9ZMOZk5I7rNNTbj9n1GIJqXMSGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fnews.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=14893318437487071000&adk=2975593758&idt=149&cac=0&dtd=204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 13:57:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
65892
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 Oct 2023 13:57:20 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 6740 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 23:39:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
376580
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Oct 2024 23:39:12 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F2D5 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

age
1207
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Tue, 17 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6740 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a5cd376f37533806796ac78737a6a23de72d2e6d364a9a5e4cfb7edafc74449

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 5902 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
Origin
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 07:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4328
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Oct 2023 07:03:24 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 5902 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DNwZimXrSYD1X7411ZAnPSG0wj4EfjI1MrS1Jn3599RGMIkToprv49Axq3P5BGNKfHZYP-ITOKVaN8ZFz-3zm5mXZ_Yw&cry=1&dbm_d=AKAmf-CuDz95dt3rbNTb7tsRkh1VYN-u0PFUKEA2sGoaCLVY3U6YydPuWAUIjf5eWHs9ArsWlPQF43sLMS6rI5vB1fI7VAp3hxwCID7j4sv_4Fa7j9dnagJALnklYLQdI5tOOznuNTYXPRuNZGjG2NoYILX9plRxPngC8h13X57VPUgcSuDphfjRsP6WNr7FgOPq6q35FogoUn3hyrvHOaZO6mkSBPPFQmNa4E02xCP7rnPoBdzbmyyLBzG9aaqVe-pUIwjP6Ga6X6xWiT1j6MTNZ8XvoUN_4QjDECgN_itpjsWlYhRTrO_8ZKXIx13QveasqRqppgiHkBhgDMRM4y1gK4XUL8RbOCzfgvcjsVj00uYtgYMfTgK9WFktXuTQKJCekBjtUbGSo0L8rWE77C9qIPzABgiTUZKTN4kp28jOQrQe2BgCGjNxH5N9oH8DebAIXhrA1H5a5kS_JkruRGVBwnuUa7ssrKUylQ8y7TtG7aX1SfjAfwXTMp5cuhm7sw15ojriD3US2LFtZn4u7y2AXYThEM6Kc8E5Dn6BzBJaxZE2D_Psq91PCylSVSsAZpZihCXVR5_Hmfl4hk7yuCqWW5MRX6emG40642zlsh3u2X4LvRrxbDeIzRgUiheWxXq5nVR1Am0aafP7TZZR7d5nXfQganuphT3XQU7GVbXUpgkNqL2q_NXqJ2uRlNt4xlSC6un9ivjrisX2mfb-3zYj9uDvrq-QHrDYfW7VIFihmNK8PsA3j9USkT1FZyiDHdDa8-uEQF5AENKoLv1rQBl0J4ToY2s5pn3urHLPyVqwE_V-bpWcqN-ywWRe0COdiV_joDG8s6khm5k3JGSpUMDri2xAUNqyBQm5uXvQpPe5aWAAIaBKjgdvVg-7EqrtqYUne_fKSFrxl3FyBRn8j6un1eEqlLLqxbcQqzKlZAcJmRrmGrG8CPCTNm4_A8Z4DxtVarrEbwgbh22AaiMIPlOI6-5wkoKjy4DyLLy65bQ_xPcUsrfIl8blLvWqU5V5cS-kexZxAs2uiyWIivGDF1QNNDGxtPYf_YSaUJztDa2NL6jej2oHAnVY7mA5WzBij7fLUIEPGs30LuhDg_TIiZd6pF5Efx1-raXTS2T9pDghFW16pKH2eA1yilBCzmlKAEheW56JaSFzb9mp7EEoWOyz5dgyh77PoZPeypOUNpQPHSmyIDUMSMB2RrjOt8d18tAIHarwHgVCFGGGfaxFZpD_4DTgBu0CbIMU4hMFTUCKnZljdJnmC7uFcF_6aTQciBZSlVCRJnpaQ1XEvH7yjJlU3SPl8Jqj8oQCU38yPTwGwKoJw8BKevZnZUGPoyn-pZqaE4ZX5G6g2kETmrVwjo384u0Hp9OeVP1h6QVRaPWdbd7wijOTJCTCjfDAYktxQKc00ica4YoZyiTq_wijZmLlke6Hb0KqEXHEfhc4wuGMcuaDy9qVEf3N8pHruAFAtdv5LcBExTTjODmflBH-E3V3NeO2g6SPzL5o6r_Pj2e7ET8IzOPnp9wa1my-As3uwbUvAFncaHDS2m3yfNqK4PeYu3P3dLXun7Kuu8uBZOMwQM8j2eVXdHVyYVujOD8w3qr-3x9r91tKi8tbgkYziGsrmb0NdkmWL7DLSs5DPl6PdW_4pLlvcbkotC3aA4Jzubv1m_OQeXawX3RB18g_xeYltKUodQiHEqFfh8sMOUIF6mnuqFfrSn_Ewy5Zrtn54fLN63WQ1KYGLMvxM1PyO-THMLuQ_nT_XBd-Z0KXvn7zL3x-6vTaYGf9AlXm33zjrz3P-r3yeBSSLJ3Ocs2rNbkIzJhHvZgEsUq5wwWmztVonnsnF-aOGI70le10lHwW_cEO0ZwRgkxiNHRe_BUtLBHkd8sR-A4orpWqdpXcuNX5cT_5ELhoB-XA0U62TosgO-ZeFOq-JY6c19KZ4JruITWNouA-YpRpVM5zFpmtewAdZwxWbuEajBtaES18yaFLJQQwDByQdCL_guC5l5kg4RCV04j-2FZeUN4oNZUDUInfBpj2rAX7jEqJeIeg0fwJ2ydBKu79w7Ohof-xI7FEexIpK8nS_HtcISQ1OYoC7MewzF7mJrln5-af02MfBeSpe6nDYeIxYN37QKN_PYyZKnd2LkwJ3wE-6Lj0LBrXZRBv005nD7gP05tkU0iJ8r2EuqHxrSp1YK5iTKjAkwwegv-I9M1uHhGJtT7Bb4ubWzWjjg4i9omfMq9faD0V_tOfjCSNzb1sVJWl3ljEpLTwkcsskoSDUST0QMZ_qA8JuFtJ2kua3VIR2oNxhoJ_ylmW8Olyg8NpQpj6jRDdCZPZIrtZlj-5UkyrpUz0h90pHR3yRY4EkprWUmUGbYNjFIAjaiYsdpBH039fR2oDSvpvukXBcrTDCP3ZgaeZ8gwZh0h-S7dN5Vw194_S1-rQEa1_kyW8Of2q9WfzIBi0qhO5hEbVN487M2qH-twE6-7BD9P1NxpEyGtgfwJkaOYRMEonTaUs5tlHnx82LCbXJqyhyH-AF2HDH0Zul2ng9VvGrgEuzye_ebfzISBSlAK6ipG2rPGOLlOouzos-igDMPYTDBW9YNMSb4b_DVcpefMuB41DQT7H4zsLmM2d9AjgFCxNa1tAXyRBpe-hoEYq9YJy13eoyGbMk1LG8Pz41-lMMrQwlL2AFmjuep_aOgYIqQdD1H5_oJIFdhdEpSzSyj3I65_r_yzHzsHwprF4RWMtBlUyiykNdFW_BjDGWo9pLtSSiYC7hXiNek1TuPfPybNoI2G7qHJJEggaKgpu63nRBEjDseVrdSRykR8MfCh1sgb4AslPd-9Pd2F4QRZwYCvttHU-Z7OKzUi2P6IqY9ZkCb_CnYWNzFQykBt2cphHErAGXuLxDyyEU-T29epd8OA4UREufBKtBAKrCdYA4I_0iqkEMWr8O4dAgul_hqGdQMVNo3lL8ReMA-Gr8ggoXR0or3Tz2NmBwndD5p5KJzUs-kzDGVEBeDNZyRVaxpRN_dVuYT7tTP_PRtNPGLwOSSe3QnlAEVvLL2-vYXl-R5zt_WT9_JL0qDyfPlhnjvzr_Uq_MuR6VZ6_B4YrboDf81GusklmLFrql_xtjCRk4qBSEfbYg-63DbkyNnSpjsQKGLfVk7r41DkvEt2ACTVD6AHLbwxNM5Qmy7dbX9n67GMddiS6P3e0q-4FtB630n2tWG3WnF5f-qZ22QngEepA6j9AjnCnDDNalayaD8zOiqa-yN5sfrAVZ7046WyjCHCX9ku_sTOPDBxD_rCBAavD_cLTvulZqjwkNNjBT83lRMtDstZBmx5qyX_tIicKnrXur9IMDn8JxIILPfPcm-iE8vZxJcBOyO8BJluZZzZns3tQ5TB_BLS6QB8IqDnlYCsfrQSSygJxJAnYRT01-fMfabrYiGeF4UTyS-Pn5Rf_VdlEW00uaBV2ahLI2yH2M_9TDcVqpuKuftw7nKeSNQrFddlaHgftSLS_q5srEagnLKAngIXUny7sQnjxkUdCfNhDebKF7ry1Sq_neZ6ZE9nybt4W57K6m2-JNEW9eKmKL2NoKqc-QMhcfKQNihFt5w3Ch-yE5idPAG-lTEBJ7bWiW4UDP8IDZJfexE4F0KVmhFk0pHMTo_iloc3ZUrTnu1_8Ug3D3j-LYv6q9emW3aDyjgkvXlbvFjDOi4Vlrw9p3j-nu36GRdhTCKDC4nyHA4ic5g42QPNQBolQgCOM4NxTT4rQT5rOw1niMN1rJ-PJn0EiqiBMqeLjreKCMSpbXwwTJslc2ANgm-xBqRkgUcQDQOrVBVY-NHcBcdLl6JiBNagv8V9Ld6MlS02F4uUzu_T-8RCV1NzJNWfgbRE8ixqJfVyfi_z2ncDwXrKa7h7b-SVUQRxbJiMvWPUUEodygJKyznoZ23FMn53X9BhsqPbOOdGmnx-0yqmpIMm2wT68_cwlrG0ORH22cq2887NOyokuGgkQ2kjUqdkZIKWruagArW3vUXVyCoCn5C7ynBUCmDPL6hVtrJJILOv3ZGKdCXSSgrHvUPg48SH9_Tc9eHhS1JjjiRpAVR2QthmOVJ7iIU8DxEQs0Cm7HXOx3bZ1wogzx3UD8G2QBZaENJbyn2ChFH8iBwgyCXD8N4hfng&cid=CAQSOwDICaaN3xsl3lxkYnInvAPO5VZS6gdbwWz3i2fwVVpZlaI24j3bUym9ZMOZk5I7rNNTbj9n1GIJqXMSGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fnews.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=5194061478730562000&adk=2742791599&idt=197&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 13:43:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
66701
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 Oct 2023 13:43:51 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 5902 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DNwZimXrSYD1X7411ZAnPSG0wj4EfjI1MrS1Jn3599RGMIkToprv49Axq3P5BGNKfHZYP-ITOKVaN8ZFz-3zm5mXZ_Yw&cry=1&dbm_d=AKAmf-CuDz95dt3rbNTb7tsRkh1VYN-u0PFUKEA2sGoaCLVY3U6YydPuWAUIjf5eWHs9ArsWlPQF43sLMS6rI5vB1fI7VAp3hxwCID7j4sv_4Fa7j9dnagJALnklYLQdI5tOOznuNTYXPRuNZGjG2NoYILX9plRxPngC8h13X57VPUgcSuDphfjRsP6WNr7FgOPq6q35FogoUn3hyrvHOaZO6mkSBPPFQmNa4E02xCP7rnPoBdzbmyyLBzG9aaqVe-pUIwjP6Ga6X6xWiT1j6MTNZ8XvoUN_4QjDECgN_itpjsWlYhRTrO_8ZKXIx13QveasqRqppgiHkBhgDMRM4y1gK4XUL8RbOCzfgvcjsVj00uYtgYMfTgK9WFktXuTQKJCekBjtUbGSo0L8rWE77C9qIPzABgiTUZKTN4kp28jOQrQe2BgCGjNxH5N9oH8DebAIXhrA1H5a5kS_JkruRGVBwnuUa7ssrKUylQ8y7TtG7aX1SfjAfwXTMp5cuhm7sw15ojriD3US2LFtZn4u7y2AXYThEM6Kc8E5Dn6BzBJaxZE2D_Psq91PCylSVSsAZpZihCXVR5_Hmfl4hk7yuCqWW5MRX6emG40642zlsh3u2X4LvRrxbDeIzRgUiheWxXq5nVR1Am0aafP7TZZR7d5nXfQganuphT3XQU7GVbXUpgkNqL2q_NXqJ2uRlNt4xlSC6un9ivjrisX2mfb-3zYj9uDvrq-QHrDYfW7VIFihmNK8PsA3j9USkT1FZyiDHdDa8-uEQF5AENKoLv1rQBl0J4ToY2s5pn3urHLPyVqwE_V-bpWcqN-ywWRe0COdiV_joDG8s6khm5k3JGSpUMDri2xAUNqyBQm5uXvQpPe5aWAAIaBKjgdvVg-7EqrtqYUne_fKSFrxl3FyBRn8j6un1eEqlLLqxbcQqzKlZAcJmRrmGrG8CPCTNm4_A8Z4DxtVarrEbwgbh22AaiMIPlOI6-5wkoKjy4DyLLy65bQ_xPcUsrfIl8blLvWqU5V5cS-kexZxAs2uiyWIivGDF1QNNDGxtPYf_YSaUJztDa2NL6jej2oHAnVY7mA5WzBij7fLUIEPGs30LuhDg_TIiZd6pF5Efx1-raXTS2T9pDghFW16pKH2eA1yilBCzmlKAEheW56JaSFzb9mp7EEoWOyz5dgyh77PoZPeypOUNpQPHSmyIDUMSMB2RrjOt8d18tAIHarwHgVCFGGGfaxFZpD_4DTgBu0CbIMU4hMFTUCKnZljdJnmC7uFcF_6aTQciBZSlVCRJnpaQ1XEvH7yjJlU3SPl8Jqj8oQCU38yPTwGwKoJw8BKevZnZUGPoyn-pZqaE4ZX5G6g2kETmrVwjo384u0Hp9OeVP1h6QVRaPWdbd7wijOTJCTCjfDAYktxQKc00ica4YoZyiTq_wijZmLlke6Hb0KqEXHEfhc4wuGMcuaDy9qVEf3N8pHruAFAtdv5LcBExTTjODmflBH-E3V3NeO2g6SPzL5o6r_Pj2e7ET8IzOPnp9wa1my-As3uwbUvAFncaHDS2m3yfNqK4PeYu3P3dLXun7Kuu8uBZOMwQM8j2eVXdHVyYVujOD8w3qr-3x9r91tKi8tbgkYziGsrmb0NdkmWL7DLSs5DPl6PdW_4pLlvcbkotC3aA4Jzubv1m_OQeXawX3RB18g_xeYltKUodQiHEqFfh8sMOUIF6mnuqFfrSn_Ewy5Zrtn54fLN63WQ1KYGLMvxM1PyO-THMLuQ_nT_XBd-Z0KXvn7zL3x-6vTaYGf9AlXm33zjrz3P-r3yeBSSLJ3Ocs2rNbkIzJhHvZgEsUq5wwWmztVonnsnF-aOGI70le10lHwW_cEO0ZwRgkxiNHRe_BUtLBHkd8sR-A4orpWqdpXcuNX5cT_5ELhoB-XA0U62TosgO-ZeFOq-JY6c19KZ4JruITWNouA-YpRpVM5zFpmtewAdZwxWbuEajBtaES18yaFLJQQwDByQdCL_guC5l5kg4RCV04j-2FZeUN4oNZUDUInfBpj2rAX7jEqJeIeg0fwJ2ydBKu79w7Ohof-xI7FEexIpK8nS_HtcISQ1OYoC7MewzF7mJrln5-af02MfBeSpe6nDYeIxYN37QKN_PYyZKnd2LkwJ3wE-6Lj0LBrXZRBv005nD7gP05tkU0iJ8r2EuqHxrSp1YK5iTKjAkwwegv-I9M1uHhGJtT7Bb4ubWzWjjg4i9omfMq9faD0V_tOfjCSNzb1sVJWl3ljEpLTwkcsskoSDUST0QMZ_qA8JuFtJ2kua3VIR2oNxhoJ_ylmW8Olyg8NpQpj6jRDdCZPZIrtZlj-5UkyrpUz0h90pHR3yRY4EkprWUmUGbYNjFIAjaiYsdpBH039fR2oDSvpvukXBcrTDCP3ZgaeZ8gwZh0h-S7dN5Vw194_S1-rQEa1_kyW8Of2q9WfzIBi0qhO5hEbVN487M2qH-twE6-7BD9P1NxpEyGtgfwJkaOYRMEonTaUs5tlHnx82LCbXJqyhyH-AF2HDH0Zul2ng9VvGrgEuzye_ebfzISBSlAK6ipG2rPGOLlOouzos-igDMPYTDBW9YNMSb4b_DVcpefMuB41DQT7H4zsLmM2d9AjgFCxNa1tAXyRBpe-hoEYq9YJy13eoyGbMk1LG8Pz41-lMMrQwlL2AFmjuep_aOgYIqQdD1H5_oJIFdhdEpSzSyj3I65_r_yzHzsHwprF4RWMtBlUyiykNdFW_BjDGWo9pLtSSiYC7hXiNek1TuPfPybNoI2G7qHJJEggaKgpu63nRBEjDseVrdSRykR8MfCh1sgb4AslPd-9Pd2F4QRZwYCvttHU-Z7OKzUi2P6IqY9ZkCb_CnYWNzFQykBt2cphHErAGXuLxDyyEU-T29epd8OA4UREufBKtBAKrCdYA4I_0iqkEMWr8O4dAgul_hqGdQMVNo3lL8ReMA-Gr8ggoXR0or3Tz2NmBwndD5p5KJzUs-kzDGVEBeDNZyRVaxpRN_dVuYT7tTP_PRtNPGLwOSSe3QnlAEVvLL2-vYXl-R5zt_WT9_JL0qDyfPlhnjvzr_Uq_MuR6VZ6_B4YrboDf81GusklmLFrql_xtjCRk4qBSEfbYg-63DbkyNnSpjsQKGLfVk7r41DkvEt2ACTVD6AHLbwxNM5Qmy7dbX9n67GMddiS6P3e0q-4FtB630n2tWG3WnF5f-qZ22QngEepA6j9AjnCnDDNalayaD8zOiqa-yN5sfrAVZ7046WyjCHCX9ku_sTOPDBxD_rCBAavD_cLTvulZqjwkNNjBT83lRMtDstZBmx5qyX_tIicKnrXur9IMDn8JxIILPfPcm-iE8vZxJcBOyO8BJluZZzZns3tQ5TB_BLS6QB8IqDnlYCsfrQSSygJxJAnYRT01-fMfabrYiGeF4UTyS-Pn5Rf_VdlEW00uaBV2ahLI2yH2M_9TDcVqpuKuftw7nKeSNQrFddlaHgftSLS_q5srEagnLKAngIXUny7sQnjxkUdCfNhDebKF7ry1Sq_neZ6ZE9nybt4W57K6m2-JNEW9eKmKL2NoKqc-QMhcfKQNihFt5w3Ch-yE5idPAG-lTEBJ7bWiW4UDP8IDZJfexE4F0KVmhFk0pHMTo_iloc3ZUrTnu1_8Ug3D3j-LYv6q9emW3aDyjgkvXlbvFjDOi4Vlrw9p3j-nu36GRdhTCKDC4nyHA4ic5g42QPNQBolQgCOM4NxTT4rQT5rOw1niMN1rJ-PJn0EiqiBMqeLjreKCMSpbXwwTJslc2ANgm-xBqRkgUcQDQOrVBVY-NHcBcdLl6JiBNagv8V9Ld6MlS02F4uUzu_T-8RCV1NzJNWfgbRE8ixqJfVyfi_z2ncDwXrKa7h7b-SVUQRxbJiMvWPUUEodygJKyznoZ23FMn53X9BhsqPbOOdGmnx-0yqmpIMm2wT68_cwlrG0ORH22cq2887NOyokuGgkQ2kjUqdkZIKWruagArW3vUXVyCoCn5C7ynBUCmDPL6hVtrJJILOv3ZGKdCXSSgrHvUPg48SH9_Tc9eHhS1JjjiRpAVR2QthmOVJ7iIU8DxEQs0Cm7HXOx3bZ1wogzx3UD8G2QBZaENJbyn2ChFH8iBwgyCXD8N4hfng&cid=CAQSOwDICaaN3xsl3lxkYnInvAPO5VZS6gdbwWz3i2fwVVpZlaI24j3bUym9ZMOZk5I7rNNTbj9n1GIJqXMSGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fnews.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=5194061478730562000&adk=2742791599&idt=197&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 13:57:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
65892
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 Oct 2023 13:57:20 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5902 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:26:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
330544
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 12:26:28 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 513F 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

age
1207
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Tue, 17 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 5902 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3caf3889aa2508e11a57285e3c180f9485bf4b7d1209d89ee13eedadb7c0112b

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame BB68 		2 KB
899 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f077-9fe"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 10 Oct 2024 08:15:32 GMT
opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame BB68 		2 KB
900 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:05 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f079-9fe"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 10 Oct 2024 08:15:32 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5700 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cdj1LZvwI4XlUT-fMIdPXhy6pb6sYIQDp4w3X5NlleU87jy5-EnuOmF5i-wWucgE_GiVe5yXGfszQZDQ3NewlMTMfa8CTVzqamlm-bqGrVrniIdCwTRMYlBoVfCRsX9EMUHu5s4o22ahPf8VLEzRTUofb-aklh8ijXou3G9Qri_YekpTo&cry=1&dbm_d=AKAmf-C-JUCyyT4Mm6BTXsWpsYuKr6nowqJtn-aIfPhkYIZCm0s5eT2bW2sxnU6iAekpqZLmHdzWHFWDH5YhMPDaV-sIciwHbrPI9d0ihVNdsPLpLNqq2-a9gR-fCtf1vRjv-Rww0OOoMfYapH_0qkCJ5g_cxoVvy0iX68b2yTTWIav98-J4tfVd7mSp1MzMpnL8TSG-BBATSDfPiYXLfRHjlS8vD7zsgLD7EoDN427TPJm5HxVM9K9S5uChYw6J9EEBmK8V86UtrJDcP55d3dhlN4u_DbasYYpomhazGC6HuhQQiBIAutvLnxORLpVTJa3QMuvbtDzSzXGWmNdLfYNziK4nCcLrKxU7pCwRNZeA9tC7qDgMw5l5t9R2l6RCvHmEiLxlVBzCm8I8fIfRFKWtxkRHb_YtwvTT13KNbEOBDWtkqkk-ca-sMjpb9eaBNIJmW_gjOksxei33pTu8cIuiutVAhLxoat76OGvg0air3H7Xo6PIpRDd1HYrr2dj6be2H-KDwrfEbgSN778nOszqxOQy-TO6QT2epY2L-B_oUht7ojFd26FdMXvKZbIY1HcoS621OhJjB9hnqwlDSBeN5XBvWioeZPplZOkQjmrkbe__2XjbtzyisYHgxm71RffiPB8qomTlau0bJIMlXI6DJt7f6xmi_-yY99fSuY3iZXUmw7_zBbPna9hXx_CnJPiZCEHoC83pfxTlLtfhs74ElwqLPbbZJZFBrplrasOPQMEFFzRCEn8UyJaUja0ZzWZ0TJ3zTEqcsuMeDDRLm5b-B7WaUTvbLtkCOqzujuEEWnsrXKetbBdiC628aDxPX-GAJC-I-2Qo_RqR9SAhy9lw-Ph-9y53HcH_FIOLuEckZTkr73so_lQc1rBTae4bXLdTNSgtnE3-6Q_GkNTXT42eA-GZwgrx4dk6wuzG_IZgd6SRqPlvtWATgPZ20vqEuLrgdBaHIffyBoK3vx3HvBUx_NpI4gZmtiPeUiRKqv823Eo03PLHZpvXc0YejTMA5CnyGiuCkjPSD3uV4WfMwZvSSo78FAw0pNH8MnX8boIDfaCfaH5NM5uHnYFeu3c-4YivS8MSYk1GReTJ09TeBPbYn8x86oWbgoRSC-bBG4jsIwOVPEySov_RZxTVThMtAfMb4Ynl8pgxal59niOg_vk5770XBgJ-1L1I1ONfmfdnGx66PRbCWbMExwZ8wijgVzHSolyP4OvJwzUgHs86K6roUYa6LWVd1_ppMCfaymLaz-aDJDSDBKsJ287Khztq1buM8dHP109VSIxhD2CwYW4CtZJnZ-N0f2nH_4Nf_gURepaqf2Xo6x1sGzHtXsdnpadJH-JEwIadnntN3BEsp2z0fUKiSW6N9S1gPNpf5HP7r3AxoeBFOHgThyLZOugYozFsUzgUFGVES5HeczRWL35eo-2YDZSM935NG8dfYXP2r2i-onrYGGfjXTadzn6L4xwZ3a_6DHvcz_5hLeCOjvJzqIgyjF4eObCRYhbfNY-84EHdd_ILr2sontuOjSfiHQ5JcvKnbbcdAlo-oB3Ugi0XTW4IxYJHqrdGIWyhC8DEqNF3oEqn0XGpTUJNxZ1h1pcVZkpcocwDnAgevdGgdVCjhXhn3tJzo8fXAP87CDazqy4_gvM5ucFlhpVyruXmZJUBpENd_p2X4LJDVySp2d-5uN77Fw3AyA6E41Ikb2fMwA-a5s7k2VRsa9PITpURoyrU7ImCCFI5ava8exPkJ_pNI1D4FtpWTQvLZz1099G0U0BMccKYmuIlhOtan30JlGJdn8IZd9AochN6tv91JKNBdTwawGRcF2oGMXbLKL6Hyht-Nb7ZFHWXAIfLTTGiOtKwhwh8Hh-2DRR4Hy-k-YNiJZz2Xmn7b-BQWjQPIrms6CCwEqZCAsCFuJKEkKNXa3ueHE5-oPp2yrYjke2hsbWy2e9VyxV04xarIjo622s7EZFf0WXdda13qxA6387kfe3HU8jg4o7YfIYFrItu2EBgWIf5e7xUDUvW5fhIlY4h6ZiNdmRiMQR1VdmomKX7L-MP4AyYNroSyZvYaWI4dSNltkLpIsdtr1FHxhGgz4_xx0SREAQYw185L7C9QRBg1oVli8gWxEjkToqVk-GnDb5F2eyHW1v0MEDXjuTj3N2RVjKOllZ_hWnDuFh51ghJ7YS3WBm0BP7snApACCoUw4vy2lESGHlTZObCqfI_HY8OxpzyRtycIieVESKJfFmmL4zppy3SHtuANariciLUDhOpCypMibILcpUhi8vpJHj5sysy_iYmRsK_9dgNAv6J04kAS55q0OmAUV34ZIL11J7G8HZXAwOmIfywpb1Lr5Q82_XiXdPeT3Ub73U49veL9pCOArgpaMwI1_x0h2oCPrXYARfI5wy02xdfOgQY8HW_gBzQ0JY_V1MkqBHa5YMSNWfxzysJPIUnu79lAZj-LTXFQnTluwdbeZZ9V5iUk57vQ7OI6xUwJZWU4rsJuOsgfWPQmb4O2IOgfzeZHSXV7C5CK54QX03sSdjH3ZW1VZR2X4FdRU0RFb6U0qp3lXbsdojJx5P1HIN7AuRFOzDkYoNpzKY445vBfKgRX-eoYD6WMJG3LpcLr6b0GuJKm4QFCszKXAk7c9B3n_V3ECm2UaORiXvI2HJr-I1FTJnkATKzfpDUeKzm1sEkRU5j632IgTa0LgSqGXNqz9g5cYlYNFODg5yIfXJwVvcLua_iPKPRY7VvmqYktcIIwXoHOg9Z7x-9a1iuJuogqinXBCV311Sj1qGX8EWvt0PWkJJKWjiZqlwp4ByQ6BIdJnoTaaYlz7WsjtwKohrcFM_MqqNrQ1Al9u-qufqlrC_b1FFVICKbANBa7JnpampJfyJBXFioDHfzMSImFL4v5jipQEkE6v5YYX9bFgzjGvjRUeFa6kNyI3GGNLHkLKVc7p3dryDrOpRoa6QBLKHLD03pExnw4vJ3DzqthpKPz01d1Ucrs_WHAuSaUhbG_AoPhUyx5dxXFFh8-RmApBu_gL6sXEffCo6IwiXMZhMQshlKIe6FGldjkZW4fC-mTEa6fTH0TkgeQTOgiGsx0-AaQP88ZJP_MjUbNITz-UILDssXakNK2KTHrMNv_Pgij3B9jDpHOZ-MQAQCa0akjE1zQ5PDzeU6Glab30RZVqfR3Gs4kxnHaBi1GYMuI9x7YR0mBYnnSErJzI82Aite_YPZ_HXxogjIvIrOSAjNjWa0dQwNRAWfrYRSLghqHJTThsDr3hA4G0O82cVUcn49QdfGz8BuXG4dUfCfr3f96vePWqgxfuJG7ga7RD6n2lELBwKnzV05l4lnBqdPcsch6CXMi4hTGDV4NbbtQJraL6W4ra1WHMfBfMamXR2DDu7NmPUKUHEiHsoIiKCgax3LSi5LYzlmiTUp4axEpjbTXibt3rFYsX0YcTtDBHB1UJWnKivlKWm9TQRBK3cvnnu89mLYLAwC_xCWdRUhjh83iQIoSYhbG08cqOguaQ2WYjxNaQilYYesIsImTMZjVIVNYRK2t4fxHQ3BLMWOm-xGKwKT8Emx5i-_FhTC_GFcwOcrXTmRmZTRZAbXuyICFZ-B3qlFL6J4CGAbcJCv4smDDdcxep4WiS3hesmlwl9IfZW70ulOJSlhb6PlNgKgduDCXjyQMZ7VUVgs1EbdOU0h1W0WfB6vJfHa6MkkTIyH_gdSxD_1FxN-nydr4fGeGlRr6OOvGvpoM8cW1n7IToVpFBvZZyBn0EXjzjZCpF-vmXSlDIS-Y66cI4v0UiFaX9_PJNEUXOXv_n70D2Z6Oy-NqifoEGmcb99A2lX5cPLtRnWFuTPE-koGvbxZieim_WPNErChEMCt1KDXjbI5xEuTIooeBShdYrwVTW1SZhf2aJMkUrk_MwpGm_g0TEZ_oZJZ6BBJ3x73t7zzkUK5ulsaCPUgteDrd-ChhEqMuVj_6-jmpl6Lu8mcO3_KmgXwiBHxbztAE72tS8ChQI8mczLmzLv3E52zuqrBMNnOQ1EApYYMp4ZZJr--qSh3TH_JTFJO6-o-RD2w73IJ9MfXNralXMtQ2MTKeAQlounEzTE_L-4ebx3SOPxSvbSQHAagLHPdQ_IqtZp8yOzvQZ0-vzeSZIiF470ldAQlAwO21K69YENW_WyMZaMhf8p9ORezfNA_r0ARNpvKV8ETOb3SZ-wodyeCGppfZ-L2L-ttvOhsuz_vhiQt0__5uBXbIQrzMUUx4hwA&cid=CAQSOwDICaaN3xsl3lxkYnInvAPO5VZS6gdbwWz3i2fwVVpZlaI24j3bUym9ZMOZk5I7rNNTbj9n1GIJqXMSGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fnews.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=11829655703231447000&adk=238596429&idt=159&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:26:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
330544
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 12:26:28 GMT
4roa139sx2t9
hal9000.redintelligence.net/zone/ Frame 5700 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/4roa139sx2t9?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1St2IvEsZcqxMozMgQf-46Fog6Hum2nIlI6X9w_wLhABINGTwypgqbC-gMwByAEJqQLe9ToZ5KGxPqgDAcgDmwSqBJYCT9CBLT6S4N7hN8rzYFShv545NbHlSxyoUNxOmv5hkDv5dWVMjqHL4mnZCoYm-8hHYyeMq5XDfawnH5lmVk-2YKP_mRjx0sIF8DDY3R8kK4_Px9FJG4AzdgMjgKsFQ_JX4z7Y9hSwlP52IyuLt2_df_opW5fvxGPb-Ugi0YUVYoi-9xjeQ-EMliCOIaOB_-hTL_hIAqNxicfBsYuCNEaI9pAfaoHlWIXQFgyeuvZFboLbjR5i17AIv5OMBvlCh1p_AM1vqIWjphFkRoXidJQQVD0phL3-7bKsAD74B3xutBXYks-4wL3yVQjk6yIjkoLq2bNldPG4i4-QAjwsyk_QypSEX2oduE1k_Fq94mEUJfKG-k60UIfABOPCoq2LBOAEA4gF1byU-T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJBVMgNAeINEwiKw8STkPqBAxUMZuAKHf5xCA2wE8_gzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIysrGk5D6gQMVDGbgCh3-cQgNEAEYASAAEgI8WfD_BwE%26num%3D1%26cid%3DCAQSOwDICaaN3xsl3lxkYnInvAPO5VZS6gdbwWz3i2fwVVpZlaI24j3bUym9ZMOZk5I7rNNTbj9n1GIJqXMSGAE%26sig%3DAOD64_0YRXy9FIqtMdXaho26MQ-aIVSAwg%26client%3Dca-pub-4491659496372172%26dbm_c%3DAKAmf-DEu9p73IDOgKCN-IxtldbCgThyca1Jq0-riNff3QxoDRotwA8-SLJAsdxEmkl35YRGKPiNvhwxkEHFjDNrlxYLc6Vu3DDF20qE9j3YvldQar_rB4rG0BPDUIy5a6I5wA3tYC6Fz5wu5I3NeVyt-plOTKiibm6MsapUZqTdn58rVjR_-WQ%26cry%3D1%26dbm_d%3DAKAmf-AQvJpt7ue0tgVcvQ26Eq17czL49o4kihu-fDczb_GBJrfRCSOv9jvMnBcE1TG36zrXnjULpbZYa3_uEt859VLoVEMHFqT4nqKkQ_AsAyPpRrTaQBKeSZ3PwxfehNTE-PPEd9Yk5u-252z1A8GVG9mWLpZtFOWpwYWV-mOaOSy8-_xr190c4uB7aLt8KF9uyTqT-nvndZLfhxbA_xY9UWZD3MneIOPptlqn5LDf_eTUC8H8khbxu2bqBWxKcPonRMLa-k2QdBJWM8kTLnBtpNOXHVXaUxzsq_twf2B4HHSgyJMDYGmdziZEXPhnm47LrASXSQtBgk0UaWNgJexXLHuaIeH20Lv35n8y9opnV1zsc5r-LtdYHUIc9JpRUdrZYU6Xag9wTeopjyEys2kV7AdcsTtWDviwK7GtMCg5T5CqXVt8HJkuc5BNtNNVM149R1y25Qq2IbeHmtzuiHdbtLx0GFVKKxi_tS8gD6T0KTN60Mkm7rLyFguSX2RKEk9VEdz-5qDNlDPlSKnk3NvwwBMpVzp3UoZ8Jvn_s4Hn1e3BN2tqs3c%26adurl%3D
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
3a2f6642832f5faba064ca6d7af8bd14ca12f374813e2205bce269ce394e693b

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 08:15:33 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4225
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame C5A1 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
age
277713
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 03:06:59 GMT
expires
Sat, 12 Oct 2024 03:06:59 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame F2D5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHEJuTsA1fqyMsJytrBW3E0&google_cver=1&google_push=AXcoOmR-tbL3Y_4ILVDj25JwPZzbakpBRz4rjBp2HOJ-X02RJH8laTREyYtVY8cXBu5SbLNiZCRR85Wd_UYmtgMukptQaLyZJCGc
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc5Mzk0MTMxMjQ1NDA0Nzk2Nw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHEJuTsA1fqyMsJytrBW3E0&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHEJuTsA1fqyMsJytrBW3E0&google_cver=1
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 16 Oct 2023 08:15:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHEJuTsA1fqyMsJytrBW3E0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F2D5
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBtWYD5GTX4qW9mqjuEgC_U&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBtWYD5GTX4qW9mqjuEgC_U&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZlliZXhkS3AxUVNpTGI1&google_gid=CAESEBtWYD5GTX4qW9mqjuEgC_U&google_cver=1&google_push=AXcoOmTPmmMw3eg02licSQQyr8GMfC1fVlefws8eyTnEQ9R...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZlliZXhkS3AxUVNpTGI1&google_gid=CAESEBtWYD5GTX4qW9mqjuEgC_U&google_cver=1&google_push=AXcoOmTPmmMw3eg02licSQQyr8GMfC1fVlefws8eyTnEQ9Rdc5JNFCmHi0hQIpLLXeIE2DbDIC10HOzbd3PHm4MTSBKG1h_f4Ed7
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 08:15:32 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-031606d58fcbc7991@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZlliZXhkS3AxUVNpTGI1&google_gid=CAESEBtWYD5GTX4qW9mqjuEgC_U&google_cver=1&google_push=AXcoOmTPmmMw3eg02licSQQyr8GMfC1fVlefws8eyTnEQ9Rdc5JNFCmHi0hQIpLLXeIE2DbDIC10HOzbd3PHm4MTSBKG1h_f4Ed7
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame F2D5 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMaswHK2Nki4idCi3nK-jl4&google_cver=1&google_push=AXcoOmQX38gUzW3WNLU-667EdQDydgLj8hhJa1a096hVnGvQj200aQJqIaMyFYWBh14vnRGinkWg3uYP99_-CT4URKEzkB4IyYkH
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:32 GMT
server
Kestrel
content-length
70
content-type
image/gif
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame F2D5 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESENFZadOztC0lEFrSWGxb-CQ&google_cver=1&google_push=AXcoOmSzlDkWZbf2OVdpXjEQ2ctxZHFeWhQlIVd0HkBOxdysH_lXO_zQ0PzDslX8h1Jn9qlICxg3FoIT3ObyAzGtVl_P5oUKhRba
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:32 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame F2D5
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESELT16Fn1V_4A5YrtD8SqTW0&google_cver=1&google_push=AXcoOmQRYIMSVAVcTEuZ4-oCdRFimMLCBbrzMO8ebe_5FhKB42ryj2ZzYqc53cwk__dRT52gnhDjOMvGznEzaA2Blb26bYn...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQRYIMSVAVcTEuZ4-oCdRFimMLCBbrzMO8ebe_5FhKB42ryj2ZzYqc53cwk__dRT52gnhDjOMvGznEzaA2Blb26bYnLHFLW
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQRYIMSVAVcTEuZ4-oCdRFimMLCBbrzMO8ebe_5FhKB42ryj2ZzYqc53cwk__dRT52gnhDjOMvGznEzaA2Blb26bYnLHFLW
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQRYIMSVAVcTEuZ4-oCdRFimMLCBbrzMO8ebe_5FhKB42ryj2ZzYqc53cwk__dRT52gnhDjOMvGznEzaA2Blb26bYnLHFLW
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame F2D5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHm-APJHldEgo1HSsUuoJzY&google_cver=1&google_push=AXcoOmRacr-LJc8Q0eMcQ1CpCTB-sPA0_mL1IxmitFPd5Zxa9e6FIbID9CN1L6VDTrxG-l14-Pc...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5TTUVUWUItMU0tN05BRw==&google_push=AXcoOmRacr-LJc8Q0eMcQ1CpCTB-sPA0_mL1IxmitFPd5Zxa9e6FIbID9CN1L6VDTrxG-l14-Pcb-bVtgX5rGjR3QmE4mBIzPbe5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5TTUVUWUItMU0tN05BRw==&google_push=AXcoOmRacr-LJc8Q0eMcQ1CpCTB-sPA0_mL1IxmitFPd5Zxa9e6FIbID9CN1L6VDTrxG-l14-Pcb-bVtgX5rGjR3QmE4mBIzPbe5
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5TTUVUWUItMU0tN05BRw==&google_push=AXcoOmRacr-LJc8Q0eMcQ1CpCTB-sPA0_mL1IxmitFPd5Zxa9e6FIbID9CN1L6VDTrxG-l14-Pcb-bVtgX5rGjR3QmE4mBIzPbe5
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0
pixel
cm.g.doubleclick.net/ Frame F2D5
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESECXJ825jl...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=f70dbbc5-2770-44f5-ae4e-b70c0dd21654&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=f70dbbc5-2770-44f5-ae4e-b70c0dd21654&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=f70dbbc5-2770-44f5-ae4e-b70c0dd21654&%%GOOGLE_PUSH_PAIR%%
date
Mon, 16 Oct 2023 08:15:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame F2D5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L8duc5xYQiCs0rMvPTr5Gf1NooWAxJGaBVHT8RfyWQ5U93086kGaSsx8lMIGAKIR7DLo6NGg
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 11EA 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
age
261404
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 07:38:48 GMT
expires
Sat, 12 Oct 2024 07:38:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
hartlauer_b_728x90.html
s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/ Frame 5744 		19 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
a67604c34e468f5485c5177d1af94d7cdd1a521fb853baf6df00f90d3195cc03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
256489
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4139
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 09:00:43 GMT
expires
Sat, 12 Oct 2024 09:00:43 GMT
last-modified
Fri, 15 Sep 2023 07:22:49 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 6740 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvaOt3diHv1cnwWzLF0BIwoG7MS9cslAi68x6bQ4I-B0QddfxfXXmxf3UalXlbxJU0noMA3LUTXb774YHJQWFs7eb-SZ0_bOS7uFFy07nXqD7S3a0CslLhbB8h80KdpIpHdI9Sw5Ps9NspZdaRkKHs_fc4tOD3KBtihGq6IjfVLRqjE2uHEiXUUBdBy5lstKNWGAoMDx7dsp5eW8F9h65HhxmPGMM8WE_BzWI-yQFsjHFJiBCj4UQz0Epuy50RMyRtwFmbjquBEcg4DMrXM8w-ApZW0bJQRow1MIOsIp1jCztphUrkTdj_K2lZvNR--dWQSDfWIeX6g61jU4znjhkxjf7ZQTzLbMF-yy5DKzXcGyMLZj-q-i5OrQetwVghX2JF_kiaxZ9VO0hax7HWOik293gK9t4R39a9eQyN6K73v9o9Cuqf-LinNlUaCjK_QJ384RfmC5YFcbpE8bTEg-WmTkUEc_mZrjsMiltTqIiyXD5I2fOShBfd1kIpwU6-gbXkRDBGyUAYtGskGIFDv7U8NoqHSkFETakI4sjPVoijRab5COECrPOkThpLEID-XfnBaTDGcfcdxCQMS0RA2sTXLGIO0riXwTzQwdShBztOy4OYYY9pNtk6cIgcW4AXVAm2ERILkJBmBQfjiIQ2yAtfNPGy9O6eHtEDLLYWcFlaWXlzlHW5aI63oFurHptGVxzcBybWbs-AhO8VToMa_5xamfxdBLnoXxnIvEW2G_2EX828A43e5hZa8pDiLbW1aG1TPBksIq43eY5H-tNRVdAET3vxCkMfzPE5QFMBAfch4NBfJdnbhP4U7X2ejeWwxNnWVtoLJ6zs8Ioe3a21-16lx2zKhLT-vT1V3CU37hev46BfFEerJhXo-HWV9PLm6hTLYd1AErW7KNlhxrTmqefWIy7gZbIOg6qvJWiau_aXfCMucL5ygV8epYqGPK04VjQWNQmnWhDSEFnstqogYyzBcyU3KqL8LSQSV5Gw7cdVuDZBpckpME3VlNLqZLKadk6m2YbrcvkJCuNYPuFBmg6hTXu0zpQwH-PiQzJSMvLu9Hzh8wBix1cp0DXIMtwtmc-L_Ty5VBRFPoU4VhfZfb4aAm_BSuwKSvtd6Wj8EQIN2_19nA9c7os5ZyXWY8VshtfJrIyGs-16AxLZeJBwgXk-K_wYVnhTDVY4ZyHLiePtpBpeqm1PD5rRhZ1AcePdk5XAhu19zNdXINIYmZOJGIYgvvcOs_7-echLzurUWpf5OpMN-jTA1327pI31EBgNMNMK9_Bc0Dx7jIiueebb7s_UEMwS2qZrnlyxjD1Xi16FyPjqw4PNJ569nUleUQYaXlUCUineN50ztKH7Q86bqsC__7mZ29YGJxaA7Os6gzuqIdkkfEybTAI30RO0QTgHQpXJ8h5WaJEDuXt3qWISEIApPSni5ZjwrVL9m-xVnuH0&sai=AMfl-YQkHPzUEAY1aFmw1fcrrZjyrPuFgh5-dqh7n2JGxfvlP1BUdrIJrCkUxfmKD7V8OrXZLbBlskeCPvtCXyjwMdjhPXRn6sNXpfxIzGTrOUhviW_iqzxYDJ7m4q44EzbxCiA1HYQgjhLDp8KUUUbayCSzkuWICLk9AGxNVbx4Jrc85UXSwopzJXtnB9AgUYLIFJZcby6y7RFbXAUhVV8NNQxuSHzqKfBOi5e1NRqwi_PiXbBoWYSY8GQKRBzkp-KyVb_wuG2HaPwp2ksFumL066DYP5oWNxs&sig=Cg0ArKJSzJasxKXSQkCuEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=212&cbvp=1&cstd=209&cisv=r20231004.71777&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 16 Oct 2023 08:15:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 513F
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPibTmDS3Bj7l5f63AWFBKY&google_cver=1&google_push=AXcoOmSSXSxCVtPLIP7r5EvDZEchEgc5Nz6dYT1V-dhRxZwHE3vCYhBgmY...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSSXSxCVtPLIP7r5EvDZEchEgc5Nz6dYT1V-dhRxZwHE3vCYhBgmYaRzbBg4D2-aSxfZvK9XIrAVTIyd4MAhbmnhi14Bpc&google_hm=6H2cJ5kwMn0Ul...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSSXSxCVtPLIP7r5EvDZEchEgc5Nz6dYT1V-dhRxZwHE3vCYhBgmYaRzbBg4D2-aSxfZvK9XIrAVTIyd4MAhbmnhi14Bpc&google_hm=6H2cJ5kwMn0UlJ_wuCPgHw
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSSXSxCVtPLIP7r5EvDZEchEgc5Nz6dYT1V-dhRxZwHE3vCYhBgmYaRzbBg4D2-aSxfZvK9XIrAVTIyd4MAhbmnhi14Bpc&google_hm=6H2cJ5kwMn0UlJ_wuCPgHw
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 513F
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOyLLHeBQ3TD_UC8hH5FTMM&google_cver=1&google_push=AXcoOmTbyGLFersjRHp-lZSzvY8JrXH7okz-SCB63cQ8PmbAycq_g-1TWSRw9_RKKK-GciXadkGlI3nN6Ju...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTbyGLFersjRHp-lZSzvY8JrXH7okz-SCB63cQ8PmbAycq_g-1TWSRw9_RKKK-GciXadkGlI3nN6JuWrCxrDT4Hr9rDZIF5&google_hm=K9LXDIkCQ0yVXbtEUdCiUXE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTbyGLFersjRHp-lZSzvY8JrXH7okz-SCB63cQ8PmbAycq_g-1TWSRw9_RKKK-GciXadkGlI3nN6JuWrCxrDT4Hr9rDZIF5&google_hm=K9LXDIkCQ0yVXbtEUdCiUXE
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:33 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTbyGLFersjRHp-lZSzvY8JrXH7okz-SCB63cQ8PmbAycq_g-1TWSRw9_RKKK-GciXadkGlI3nN6JuWrCxrDT4Hr9rDZIF5&google_hm=K9LXDIkCQ0yVXbtEUdCiUXE
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 513F
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEHOOi5K4eFD0_WPKP1KKQ9Q&google_cver=1&google_push=AXcoOmQj7Kuj0gzFHI0H_brDLKFVCToAct39l-JTCqH6mvcSdqxlX2Vdaizv5NwkoN1Q0JTc47PyWvITbmdEJqoW...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=w-O483rMRAAm4L9zV5mA9w&google_push=AXcoOmQj7Kuj0gzFHI0H_brDLKFVCToAct39l-JTCqH6mvcSdqxlX2Vdaizv5NwkoN1Q0JTc47PyWvITbmdEJqoWyIz-zFizxgo
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=w-O483rMRAAm4L9zV5mA9w&google_push=AXcoOmQj7Kuj0gzFHI0H_brDLKFVCToAct39l-JTCqH6mvcSdqxlX2Vdaizv5NwkoN1Q0JTc47PyWvITbmdEJqoWyIz-zFizxgo
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 16 Oct 2023 08:15:34 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=w-O483rMRAAm4L9zV5mA9w&google_push=AXcoOmQj7Kuj0gzFHI0H_brDLKFVCToAct39l-JTCqH6mvcSdqxlX2Vdaizv5NwkoN1Q0JTc47PyWvITbmdEJqoWyIz-zFizxgo
x-host
tde-deliveryengine-production-69fbf984b9-kbmvc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 513F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJMITETrNABCIld3I015MEg&google_cver=1&google_push=AXcoOmRRwLq3XDH11KpJBvVp0PZclXNfSQ2ps4NJMohkRS-ZRWwHa1LqDPHa-ExuwkLy_CBr-KsgGa8f0A4ezLKKcMQDSjS...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRRwLq3XDH11KpJBvVp0PZclXNfSQ2ps4NJMohkRS-ZRWwHa1LqDPHa-ExuwkLy_CBr-KsgGa8f0A4ezLKKcMQDSjSHL_Ro&google_hm=eS1aR1E5SDNwRTJwRjB2Wk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRRwLq3XDH11KpJBvVp0PZclXNfSQ2ps4NJMohkRS-ZRWwHa1LqDPHa-ExuwkLy_CBr-KsgGa8f0A4ezLKKcMQDSjSHL_Ro&google_hm=eS1aR1E5SDNwRTJwRjB2Wk16Z29sRGdQbmlMdnQwY3BRNH5B
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 16 Oct 2023 08:15:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRRwLq3XDH11KpJBvVp0PZclXNfSQ2ps4NJMohkRS-ZRWwHa1LqDPHa-ExuwkLy_CBr-KsgGa8f0A4ezLKKcMQDSjSHL_Ro&google_hm=eS1aR1E5SDNwRTJwRjB2Wk16Z29sRGdQbmlMdnQwY3BRNH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 513F
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESELT16Fn1V_4A5YrtD8SqTW0&google_cver=1&google_push=AXcoOmQqoZaYYbX1aIkr8K_HJyVhhVVRve-rnwY1colybAaTHJrPP3Zhwc9fxV7kLfilIo_pcnoQSjWSV5UZK9tj3Zvp-7W...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQqoZaYYbX1aIkr8K_HJyVhhVVRve-rnwY1colybAaTHJrPP3Zhwc9fxV7kLfilIo_pcnoQSjWSV5UZK9tj3Zvp-7W2-WUd
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQqoZaYYbX1aIkr8K_HJyVhhVVRve-rnwY1colybAaTHJrPP3Zhwc9fxV7kLfilIo_pcnoQSjWSV5UZK9tj3Zvp-7W2-WUd
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQqoZaYYbX1aIkr8K_HJyVhhVVRve-rnwY1colybAaTHJrPP3Zhwc9fxV7kLfilIo_pcnoQSjWSV5UZK9tj3Zvp-7W2-WUd
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 513F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOCxiRlxfi7glR2aLQiXahc&google_cver=1&google_push=AXcoOmQzwGvYP7V1q-2i7XPKN3gb8tR0awfhV9l8OyqIikd9x1FQZ8gBXZPQ5MtKlWSEm3-YBFM9r09e...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQ0NTU1NTUyOTAzMzQ0NzQ2Nw&google_push=AXcoOmQzwGvYP7V1q-2i7XPKN3gb8tR0awfhV9l8OyqIikd9x1FQZ8gBXZPQ5MtKlWSEm3-YBFM9r0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQ0NTU1NTUyOTAzMzQ0NzQ2Nw&google_push=AXcoOmQzwGvYP7V1q-2i7XPKN3gb8tR0awfhV9l8OyqIikd9x1FQZ8gBXZPQ5MtKlWSEm3-YBFM9r09e7FxjMirQlrqouDAaxVNr
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQ0NTU1NTUyOTAzMzQ0NzQ2Nw&google_push=AXcoOmQzwGvYP7V1q-2i7XPKN3gb8tR0awfhV9l8OyqIikd9x1FQZ8gBXZPQ5MtKlWSEm3-YBFM9r09e7FxjMirQlrqouDAaxVNr
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ebda
match.360yield.com/match/ Frame 513F 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESEDIRT5cC212QV1nSe6ekiQE&google_cver=1&google_push=AXcoOmQQ-cqREOa_f3oU6yppvZqYb1-ELEdac7th-2O5Uvl3d3zB1PbfPlAW7KSp5SV4TbXkfetALgNXKT0g354DGlHkEjZBl-Z4
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.48.146.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-146-251.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 16 Oct 2023 08:15:34 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
attr
cm.g.doubleclick.net/pixel/ Frame 513F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kn5oc0qJ1jNMovPsdFeWFCtSH5M0JDB68dm_e1-Vf415mq7cFb5f8LxSk0todhvsBCIyF-
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
hartlauer_b_300x250.html
s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/ Frame F7D2 		19 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/hartlauer_b_300x250.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
9b61a7b47b35dbfaa075a939a7e999e0b0ee7742905e9f68f60158194a824383
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
257891
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4046
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 08:37:21 GMT
expires
Sat, 12 Oct 2024 08:37:21 GMT
last-modified
Fri, 15 Sep 2023 07:21:50 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 5902 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssPGrWeVtiGTYwGHJSuEw0EMvw_BkINn9tzMtpY5PEIPYorqhnncrJ2QG3s25dn-7JTma9urOwjBKqTxtCWlnw1MQkiZy_OZgL-LbZFLLblJYh5_x0EsTwgNAUM0J5l6QT1_omhuzMtiOWNQjTY-8TB-JGV39dUDs0S3zUCnA1Xs-H_ynClz8S_P9yZJatahJQvGioRibpNrKjzCokvnCj9IRWFjjrIciVj4gaU29NuPSDJtRgmltrg7Ix_qc1gY79YEcl3lUpd3nwNc_X3lRGIrh55wQor4wTPGL8KArDaIU54UrWFq07IXLxYvv_StAPYuT9Pu-nQijk0x0XIWGENUW3v6BzpM_FRFI-CyrJ1bjEzH2Li89RT_l2GCFyNOYLFklGrzASj8iRjCKU5G7Dzr_CMc_wo-sDY7dlX4FIGAnUyLLZRFvAJ-0IP2CFKQ_vgJoQ8ws1jftsYto5BTZZnmNHQ8Wt9O0m0KWgzpVq0sTovAnFymLy1sQdbFiaClQyO2ppZHKTRu9m-sxLdgDa5eyxUyPHJQEisPxeG4dzY2whNMHrcmV7D1uEOt4m2MI5GI7qNxeabgmVVfHRP-kJNUjRtrwVcMBoeYjL1JfUAailfywD_7nuxMBXFmUMpV8NBQdarOKjIm76yTLo2FRDb5OWRF4jntt75dYc_3jo5Ad9oGiqf5Xz25IGS16GFBCPAb9sMW1dBry2UDuDngmMOMvPi-ZZZRvMo3F6y_WCfZ35sVHLOe_wS4i8017VuvFSQbUMHbQpDVNmGMeplv4eyzeV19IQZ1RwqDCCZ1dgDvXmIvudvRvTxIw4RhBtkqYmkzdXwdr7-ultk1YTWrF22H5eTMUamj0EUZKIROO5eQ6ThT-Mecck0zBaKS-jsdv4E91aNAxn1ZOdMqrRx0hBhMXS_ZnRlNZ3jXaf__Wlj9eK56JhZunZ8LNsoYWHIooVY5y3qTx7CUhho3dSdVGGcQGpZYVtPYzh6VZ9yDlOOQQXh72oGfQ3zTQPlWI4Ode0Xbu1XQtb710WSMSdfuljFWhmDGIx1ZpNAklNOKxn8enXxpqlZ4KxMXwZ66enzGUZtnQcJqW0PGcTOxE1Jx9pZi7fgaGPdfTPF4Y4LQcwQ_F4ZhP5nrjAfoeYTWAx1dOCsYIcN9D2MH6yu5d8ZQ4gcsxop76em7nLKbFaQVo5Zq-hjbLSWtf7UzabFNlDTVV7LMdJa12vTmspdCU5x7h3UkpBxe-BbHfgvO6Fn_j3NO2D2r8icUNK040dQ7xcwP5gidt1Ly5Moob_mv8m3JTNiRkIme5BJqGr3Li1pqQeaEgTxRs76fI8baIBNtFjzdpaBaen1EZnJq5fkIUzWt5BQvT8X2MwTA-RVo-ihlCTTwGyU40s-mo-mz2ZDYWJvM_e9_vNQLE5PAFfr9FG49o84KjrgdVJ_C8SF1ESM5JsjplfXFKGRfw&sai=AMfl-YQePNTZxbuuS8CgWL5obX5qKzDac1CL4xb8USxdP2liBNrLRajw1wHbIKCMi9YuprnD-6jPLWJvev1BiN2SN6Xllwx-AvXeaphNXWrjkCaaIcHk49xoLL7UpeIq7C-LFTTfvQaFArZRG-wW_0vXMG70k_lDJSwg539vblFeddrOcPwqlHQ-ooghVa78vWNY3UEqveaL2DGA7YZ9qKxN3E5aRjjcjKbsti1wOtMXLM1nf1pt2ozNeRp4aDz8hAvFKHVKi_CFeCnB8D09smJeW40fGUufgeY&sig=Cg0ArKJSzNNSphhgAC3sEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=165&cbvp=1&cstd=164&cisv=r20231004.60488&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 16 Oct 2023 08:15:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame BB68 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f077-4164"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 10 Oct 2024 08:15:34 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9C0C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
age
261404
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 07:38:48 GMT
expires
Sat, 12 Oct 2024 07:38:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tliYWa7cHGeLg0O1MrcPy_smaCZv9eRWEIK0Lr5mtvA.js
pagead2.googlesyndication.com/bg/ Frame C5A1 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tliYWa7cHGeLg0O1MrcPy_smaCZv9eRWEIK0Lr5mtvA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
b6589859aedc1c678b8343b532b70fcbfb2668266ff5e4561082b42ebe66b6f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 22:03:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
382308
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14676
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Oct 2024 22:03:44 GMT
tliYWa7cHGeLg0O1MrcPy_smaCZv9eRWEIK0Lr5mtvA.js
pagead2.googlesyndication.com/bg/ Frame 11EA 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tliYWa7cHGeLg0O1MrcPy_smaCZv9eRWEIK0Lr5mtvA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
b6589859aedc1c678b8343b532b70fcbfb2668266ff5e4561082b42ebe66b6f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 22:03:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
382308
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14676
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Oct 2024 22:03:44 GMT
gwdpage_style.css
s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/ Frame 5744 		55 B
103 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:00:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256489
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:22:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Oct 2024 09:00:43 GMT
gwdpagedeck_style.css
s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/ Frame 5744 		731 B
263 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:00:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256489
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:22:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Oct 2024 09:00:43 GMT
gwdgooglead_style.css
s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/ Frame 5744 		24 B
72 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:00:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256489
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:22:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Oct 2024 09:00:43 GMT
gwdimage_style.css
s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/ Frame 5744 		303 B
202 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:00:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256489
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
173
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:22:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Oct 2024 09:00:43 GMT
hartlauer_b_728x90_motion_paths.css
s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/ Frame 5744 		2 KB
766 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90_motion_paths.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
9634cb280d21026742ec7ccad89a6cafb6fd6154b5bca55c53071a2e98631085
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:00:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256489
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
737
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:22:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Oct 2024 09:00:43 GMT
gwd_webcomponents_v1_min.js
s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/ Frame 5744 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
10cde3f051ab9eefa8676bee667fd65705c5fcf1d0544f9acffe7caa224d14b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 19:05:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
392982
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6266
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:22:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Oct 2024 19:05:50 GMT
gwdpage_min.js
s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/ Frame 5744 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 04:48:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
358046
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1308
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:22:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Oct 2024 04:48:06 GMT
gwdpagedeck_min.js
s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/ Frame 5744 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:00:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256489
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3136
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:22:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Oct 2024 09:00:43 GMT
Enabler.js
s0.2mdn.net/ads/studio/ Frame 5744 		139 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:10:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48652
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 16 Oct 2023 08:25:48 GMT
gwdgooglead_min.js
s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/ Frame 5744 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
6494566919e28711a1f36d6389923dfccb4750fb9522e9e6d1967ab778ab0073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:00:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256489
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4427
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:22:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Oct 2024 09:00:43 GMT
gwdimage_min.js
s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/ Frame 5744 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/gwdimage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 09:20:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
341708
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2014
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:22:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Oct 2024 09:20:24 GMT
motionpath_runtime.min.1.0.js
s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/ Frame 5744 		1 KB
552 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/motionpath_runtime.min.1.0.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
19642178f8f7ac4492ce9125da46536c4bcbdf926a95f71682a389aee20f71ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:00:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256489
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
523
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:22:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Oct 2024 09:00:43 GMT
tliYWa7cHGeLg0O1MrcPy_smaCZv9eRWEIK0Lr5mtvA.js
pagead2.googlesyndication.com/bg/ Frame 9C0C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tliYWa7cHGeLg0O1MrcPy_smaCZv9eRWEIK0Lr5mtvA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
b6589859aedc1c678b8343b532b70fcbfb2668266ff5e4561082b42ebe66b6f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 22:03:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
382308
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14676
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Oct 2024 22:03:44 GMT
gwdpage_style.css
s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/ Frame F7D2 		55 B
103 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/hartlauer_b_300x250.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/hartlauer_b_300x250.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:37:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
257890
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:21:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Oct 2024 08:37:22 GMT
gwdpagedeck_style.css
s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/ Frame F7D2 		731 B
263 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/hartlauer_b_300x250.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/hartlauer_b_300x250.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:37:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
257890
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:21:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Oct 2024 08:37:22 GMT
gwdgooglead_style.css
s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/ Frame F7D2 		24 B
72 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/hartlauer_b_300x250.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/hartlauer_b_300x250.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:37:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
257890
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:21:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Oct 2024 08:37:22 GMT
gwdimage_style.css
s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/ Frame F7D2 		303 B
202 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/hartlauer_b_300x250.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/hartlauer_b_300x250.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:37:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
257890
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
173
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:21:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Oct 2024 08:37:22 GMT
hartlauer_b_300x250_motion_paths.css
s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/ Frame F7D2 		2 KB
745 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/hartlauer_b_300x250_motion_paths.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/hartlauer_b_300x250.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
f16f0c536c29ee81856ce0686aa13a26d1f840045c9f02bdcf3550c47db184bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/hartlauer_b_300x250.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:37:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
257890
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
716
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:21:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Oct 2024 08:37:22 GMT
gwd_webcomponents_v1_min.js
s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/ Frame F7D2 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/hartlauer_b_300x250.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
10cde3f051ab9eefa8676bee667fd65705c5fcf1d0544f9acffe7caa224d14b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/hartlauer_b_300x250.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:37:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
257890
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6266
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:21:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Oct 2024 08:37:22 GMT
gwdpage_min.js
s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/ Frame F7D2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/hartlauer_b_300x250.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/hartlauer_b_300x250.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:37:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
257890
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1308
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:21:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Oct 2024 08:37:22 GMT
gwdpagedeck_min.js
s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/ Frame F7D2 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/hartlauer_b_300x250.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/hartlauer_b_300x250.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:37:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
257890
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3136
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:21:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Oct 2024 08:37:22 GMT
Enabler.js
s0.2mdn.net/ads/studio/ Frame F7D2 		139 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/hartlauer_b_300x250.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/hartlauer_b_300x250.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:10:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48652
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 16 Oct 2023 08:25:48 GMT
gwdgooglead_min.js
s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/ Frame F7D2 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/hartlauer_b_300x250.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
6494566919e28711a1f36d6389923dfccb4750fb9522e9e6d1967ab778ab0073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/hartlauer_b_300x250.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 05:23:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
355897
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4427
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:21:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Oct 2024 05:23:55 GMT
gwdimage_min.js
s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/ Frame F7D2 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/gwdimage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/hartlauer_b_300x250.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/hartlauer_b_300x250.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:37:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
257890
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2014
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:21:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Oct 2024 08:37:22 GMT
motionpath_runtime.min.1.0.js
s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/ Frame F7D2 		1 KB
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/motionpath_runtime.min.1.0.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/hartlauer_b_300x250.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
19642178f8f7ac4492ce9125da46536c4bcbdf926a95f71682a389aee20f71ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8189543752428158976/hartlauer_b_300x250/hartlauer_b_300x250.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
523
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:21:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 08:15:32 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6740 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvaOt3diHv1cnwWzLF0BIwoG7MS9cslAi68x6bQ4I-B0QddfxfXXmxf3UalXlbxJU0noMA3LUTXb774YHJQWFs7eb-SZ0_bOS7uFFy07nXqD7S3a0CslLhbB8h80KdpIpHdI9Sw5Ps9NspZdaRkKHs_fc4tOD3KBtihGq6IjfVLRqjE2uHEiXUUBdBy5lstKNWGAoMDx7dsp5eW8F9h65HhxmPGMM8WE_BzWI-yQFsjHFJiBCj4UQz0Epuy50RMyRtwFmbjquBEcg4DMrXM8w-ApZW0bJQRow1MIOsIp1jCztphUrkTdj_K2lZvNR--dWQSDfWIeX6g61jU4znjhkxjf7ZQTzLbMF-yy5DKzXcGyMLZj-q-i5OrQetwVghX2JF_kiaxZ9VO0hax7HWOik293gK9t4R39a9eQyN6K73v9o9Cuqf-LinNlUaCjK_QJ384RfmC5YFcbpE8bTEg-WmTkUEc_mZrjsMiltTqIiyXD5I2fOShBfd1kIpwU6-gbXkRDBGyUAYtGskGIFDv7U8NoqHSkFETakI4sjPVoijRab5COECrPOkThpLEID-XfnBaTDGcfcdxCQMS0RA2sTXLGIO0riXwTzQwdShBztOy4OYYY9pNtk6cIgcW4AXVAm2ERILkJBmBQfjiIQ2yAtfNPGy9O6eHtEDLLYWcFlaWXlzlHW5aI63oFurHptGVxzcBybWbs-AhO8VToMa_5xamfxdBLnoXxnIvEW2G_2EX828A43e5hZa8pDiLbW1aG1TPBksIq43eY5H-tNRVdAET3vxCkMfzPE5QFMBAfch4NBfJdnbhP4U7X2ejeWwxNnWVtoLJ6zs8Ioe3a21-16lx2zKhLT-vT1V3CU37hev46BfFEerJhXo-HWV9PLm6hTLYd1AErW7KNlhxrTmqefWIy7gZbIOg6qvJWiau_aXfCMucL5ygV8epYqGPK04VjQWNQmnWhDSEFnstqogYyzBcyU3KqL8LSQSV5Gw7cdVuDZBpckpME3VlNLqZLKadk6m2YbrcvkJCuNYPuFBmg6hTXu0zpQwH-PiQzJSMvLu9Hzh8wBix1cp0DXIMtwtmc-L_Ty5VBRFPoU4VhfZfb4aAm_BSuwKSvtd6Wj8EQIN2_19nA9c7os5ZyXWY8VshtfJrIyGs-16AxLZeJBwgXk-K_wYVnhTDVY4ZyHLiePtpBpeqm1PD5rRhZ1AcePdk5XAhu19zNdXINIYmZOJGIYgvvcOs_7-echLzurUWpf5OpMN-jTA1327pI31EBgNMNMK9_Bc0Dx7jIiueebb7s_UEMwS2qZrnlyxjD1Xi16FyPjqw4PNJ569nUleUQYaXlUCUineN50ztKH7Q86bqsC__7mZ29YGJxaA7Os6gzuqIdkkfEybTAI30RO0QTgHQpXJ8h5WaJEDuXt3qWISEIApPSni5ZjwrVL9m-xVnuH0&sai=AMfl-YQkHPzUEAY1aFmw1fcrrZjyrPuFgh5-dqh7n2JGxfvlP1BUdrIJrCkUxfmKD7V8OrXZLbBlskeCPvtCXyjwMdjhPXRn6sNXpfxIzGTrOUhviW_iqzxYDJ7m4q44EzbxCiA1HYQgjhLDp8KUUUbayCSzkuWICLk9AGxNVbx4Jrc85UXSwopzJXtnB9AgUYLIFJZcby6y7RFbXAUhVV8NNQxuSHzqKfBOi5e1NRqwi_PiXbBoWYSY8GQKRBzkp-KyVb_wuG2HaPwp2ksFumL066DYP5oWNxs&sig=Cg0ArKJSzJasxKXSQkCuEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=475&vt=11&dtpt=263&dett=3&cstd=209&cisv=r20231004.71777&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 5902 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssPGrWeVtiGTYwGHJSuEw0EMvw_BkINn9tzMtpY5PEIPYorqhnncrJ2QG3s25dn-7JTma9urOwjBKqTxtCWlnw1MQkiZy_OZgL-LbZFLLblJYh5_x0EsTwgNAUM0J5l6QT1_omhuzMtiOWNQjTY-8TB-JGV39dUDs0S3zUCnA1Xs-H_ynClz8S_P9yZJatahJQvGioRibpNrKjzCokvnCj9IRWFjjrIciVj4gaU29NuPSDJtRgmltrg7Ix_qc1gY79YEcl3lUpd3nwNc_X3lRGIrh55wQor4wTPGL8KArDaIU54UrWFq07IXLxYvv_StAPYuT9Pu-nQijk0x0XIWGENUW3v6BzpM_FRFI-CyrJ1bjEzH2Li89RT_l2GCFyNOYLFklGrzASj8iRjCKU5G7Dzr_CMc_wo-sDY7dlX4FIGAnUyLLZRFvAJ-0IP2CFKQ_vgJoQ8ws1jftsYto5BTZZnmNHQ8Wt9O0m0KWgzpVq0sTovAnFymLy1sQdbFiaClQyO2ppZHKTRu9m-sxLdgDa5eyxUyPHJQEisPxeG4dzY2whNMHrcmV7D1uEOt4m2MI5GI7qNxeabgmVVfHRP-kJNUjRtrwVcMBoeYjL1JfUAailfywD_7nuxMBXFmUMpV8NBQdarOKjIm76yTLo2FRDb5OWRF4jntt75dYc_3jo5Ad9oGiqf5Xz25IGS16GFBCPAb9sMW1dBry2UDuDngmMOMvPi-ZZZRvMo3F6y_WCfZ35sVHLOe_wS4i8017VuvFSQbUMHbQpDVNmGMeplv4eyzeV19IQZ1RwqDCCZ1dgDvXmIvudvRvTxIw4RhBtkqYmkzdXwdr7-ultk1YTWrF22H5eTMUamj0EUZKIROO5eQ6ThT-Mecck0zBaKS-jsdv4E91aNAxn1ZOdMqrRx0hBhMXS_ZnRlNZ3jXaf__Wlj9eK56JhZunZ8LNsoYWHIooVY5y3qTx7CUhho3dSdVGGcQGpZYVtPYzh6VZ9yDlOOQQXh72oGfQ3zTQPlWI4Ode0Xbu1XQtb710WSMSdfuljFWhmDGIx1ZpNAklNOKxn8enXxpqlZ4KxMXwZ66enzGUZtnQcJqW0PGcTOxE1Jx9pZi7fgaGPdfTPF4Y4LQcwQ_F4ZhP5nrjAfoeYTWAx1dOCsYIcN9D2MH6yu5d8ZQ4gcsxop76em7nLKbFaQVo5Zq-hjbLSWtf7UzabFNlDTVV7LMdJa12vTmspdCU5x7h3UkpBxe-BbHfgvO6Fn_j3NO2D2r8icUNK040dQ7xcwP5gidt1Ly5Moob_mv8m3JTNiRkIme5BJqGr3Li1pqQeaEgTxRs76fI8baIBNtFjzdpaBaen1EZnJq5fkIUzWt5BQvT8X2MwTA-RVo-ihlCTTwGyU40s-mo-mz2ZDYWJvM_e9_vNQLE5PAFfr9FG49o84KjrgdVJ_C8SF1ESM5JsjplfXFKGRfw&sai=AMfl-YQePNTZxbuuS8CgWL5obX5qKzDac1CL4xb8USxdP2liBNrLRajw1wHbIKCMi9YuprnD-6jPLWJvev1BiN2SN6Xllwx-AvXeaphNXWrjkCaaIcHk49xoLL7UpeIq7C-LFTTfvQaFArZRG-wW_0vXMG70k_lDJSwg539vblFeddrOcPwqlHQ-ooghVa78vWNY3UEqveaL2DGA7YZ9qKxN3E5aRjjcjKbsti1wOtMXLM1nf1pt2ozNeRp4aDz8hAvFKHVKi_CFeCnB8D09smJeW40fGUufgeY&sig=Cg0ArKJSzNNSphhgAC3sEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=462&vt=11&dtpt=297&dett=3&cstd=164&cisv=r20231004.60488&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame E9F9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv7RXKErcgKPliy7JZRaXvNlFX00h6iBOxk2Lpsl2y2rK3aAUMLUdb5hzGS6bNZp4KwBjzths_D93z1GAyrQVJLUWvTFVohtdT_GEClwhDGF1dlMOYrMZHHgZDR3e7u&sig=Cg0ArKJSzEwmkBXPeSCtEAE&id=lidar2&mcvt=1047&p=1037,314,1287,614&mtos=0,0,1047,1047,1047&tos=0,0,1047,0,0&v=20231011&bin=7&avms=nio&bs=1600,1200&mc=0.64&vu=1&app=0&itpl=3&adk=2040804355&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697444131746&rpt=196&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame C6A0
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Redirect headers

date
Mon, 16 Oct 2023 08:15:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame C5A1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BxpzkJPEsZYW1EK3ox_APiYK0-AYAAAAAOAHgBAI&bg=!BAelB0jNAAZy-tsgUvo7ADQBe5WfONNlJFERTs_hN7gBVWVlMHZk51Ftcu9kn-c9wH4CZ78S5WSxoiaL08jPdjIYjW17AgAAAPdSAAAABmgBB5kDJ4Gw_tcqdiPJxOZARC0MUCrTiCHKdbPbPX0ko_sT55XN5shNLHuFJhddl_wRi0NmzbTvORKYZ505NQib_ymv6B84pa-pg4xlnNUYoa52JvDrcIEfgMKVNFYKF1RZ6cFifJ2B6ex3Rwqlv_VWBeBw4KS7h8stziUiqW33qzRK1-KNdcK45w_Uhix8cp8Er3m3I6ifwux_YDXM7f-9XtUJYYvN6p1iK0-WuaKHP6atbkeC7KnFUkPuy_wer8l_i1DQPyL1ldJ4t1vaJEEfqVg691jzRu1MnxmsOyVXHCviFPkfN_L9AzMN7g5SKG8UFOBsp-JOxmi_tTPAo3X25z0q4XJdgmdzgd5GBXzVrcfCwtPQa7_WLvldqgSC8ZwAXvu_zQB7Ril3uYklT6OBObwWJ_NQO8X2TDVJ2k1Cj9Ogu6XHQFMglD-lQ1j-TUP2VwQOkY_Yn_DXT4OVim3Ewxa_2DJ7TYPpiPdQQ895J0I50vRNwWWnfCDuBmZ5On4m4da_7pAadIZ-q4cvKdMiYhkR0ODi7zEpvExQdqswfCLK3NXcgf0MqVihTfdBFCOz3KsxJCsgkfy1chNb6PobZ7HI6Wj76rnaEnJmvOzRHt18s-41zlfR5qf9GThNUhvDNGg_28FpY1_1eluA3WI4kgET-gUl_De-o-NJ9RLMJDcXUyCxFnoAKRKEJVOF_B1oKr9EgxphZf-54Ljupt2Hco0n6G4O-pLkUqNP6MJw8QBO40wuOy3IUGPk64YYao4m3DzGPDjcv0uLsa59lobU8lMgGk3Ob8Q9I0BJOHwrNtFWyK1BlMbZ0s2vGnd8bShYbTlXYSLvPwK2ptaCbHqDuQ_-lXUcimwG7lmPq0nYLod-o1UB7_W1D5IyxCePbO4SHESZ1DHR2fJ2pErEsmz0ayIn79PHtueAd-Qd1V_pm2IrSEVxykegEmKt519ETQmONK9VO3ePC35SN5ISAok99nkLRC-zRVxCaLjq6RPwzFsn3WL385-1mmV23JvS_Z7ijY-8Cg9_oBD_8MKg0p2MMt4DFZgPa2EP0VLL_qb5Wrd5odbhIsa7VzGGhw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 11EA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIYnZJPEsZfeAFOjZx_APvtGc8AMAAAAAOAHgBAI&bg=!sbKlsv3NAAZy-tsgUvo7ADQBe5WfOI8rtHAqCuy1juScIBJnuUdJJvNTpMiWcLyy-M-M2_EljIsRB5XrD04ilGg7ek8MAgAAATBSAAAABWgBB5kDU3fzgUsQJdGZPXK8Qbo6gcrcWdOGQo5vRO-IOgWKjUNu-PUIg33KVHnw8LZZ24nI7ZFTP6o2CNNblSY2OawfAClI3OuOwKOrlCysQEyi4unB4BXwmWx5Vslwe_G7AZ-5-S5-iY9Ntr4rP3PQwwiVuqAgO-StrwyaTA49pAf4QXvppgjxEdOluHR5aO41DHaXPqrZnWE8L8g_9TzLnWyNKutuWUFP_zaZnk_-lrkZjRGbuL7y4cLcM25q7eJyt3cctnDdI6SXzaw47nJhY99MFz1-s3WJRkH9XeYL3Ko5AHk3xipCzNpHsXc9yOlFFN9uOvv8AxK9DGoVMPd9puJBRGIS6Xd6Lc2_EqUuKe6dayKLluEpyqzpm-QOzUEvwb6vzhpgNv0Nc90Yn8zOjOmREoZcl65okjdIs8ZGJPLJ8KEUibeZ3weFZlvQjqKKPIKjFYkD2W_6uvAGR90G9omCBz_Cm0qS-i3WMzxH-kWuB1cMnTCwHZ-NsQD6cPawA2KHNp9kHTronjwux6AFhzdUiz2xWSGmgGaVuJKQeTRTRtYPBQ7gMKQ0g6x920fvqeNHYQhbWvKjYlZM_Nf2H28a1iNuw4cAfN4XUVfGewjwD2nwEVDpM3ibH-l6cu2w6XYq8oA1UcxOoFB4cJ2uMGtgOc_6Mczfnv6ZgIsdEikUpbd7F7c3jdbu_NzbaQEL49K_QzrfQjme51i4kQWCCU0WvYlv_3NlCFnvtEjuDM3bxgbc9fvjzhEF4iZ7nB72ECiOwgUBxXmjzZ2mMRh21NTilxVOZmJUMPgII46qUnvDXphv7j1ku0fjdwmhH4loyjeXE_32vl8Q4gA5uaTc2Gv2ZitdiiA71O4okv09EOj952hUP7BylaXxt1G6NIovAA5rSOJUnw4fcldXE5Vs4uRdgqz37V-wQa3fU_FjTHfTCA6ejmLMV0LbO-jszgRb6rgdGOa3gwg4sh8SZU9EXRM8HNNQIgfcwPdKgJX_Z8aBryyj6KQ2Bh30ff9frxwRYeN8lV43v7CGEl6VrTmk0EagJheXW5_MFkPmgYgixInli6TMnEGltxFCMSBWbzwNxe7VvRBBHcAJBEaYOQhc-WuURpMrl82ATfhsO6AXsVNlhA5a7cdO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C0C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BSwQrJPEsZf-aFsjygAff4onQBgAAAAA4AeAEAg&bg=!_P-l_7DNAAZy-tsgUvo7ADQBe5WfOP-qNU3xShyrm02LFPkIDgSbaRe1lon5DtLmIgXVyIqrHxTD7j3CpfM4m3Jv_iRtAgAAARVSAAAABmgBBwoAFHoSup22vVobYaxwXMK-UUibaPhXmQNU6JnHdxkZyKn_y_Ly-uJA8OlCXzg-cm2BmBY6ICGsMiJwDstescQI0wdxHyrZEPpYbV3RmsgkJ1WcQC_segqGyq5j50UqhBNDGg25PJKthuu2messduJYX2G8toHVjPCBoxj3UvTzcnF-hOV5Vj8pYcNjzj80XpVq88UleDRx6XjB2Egdum4A0Fo31b6wtDcA8ks8zZ0FbLIv0YYR7giUJ5qmlGvjL5fUAjKr5GdRdhO0BW2cp1P5ae75GTCfQBkyi49-pgPFr-mJyGM-VNoQ_A6LUEsD5qOAhi1c0dpH-Q9rbMo4niA8IaMYUCViyjtzC7kLV5HojkRB1UlrdQl9RO7pj0lhxPR896Y1toLF4RKIDsVBXkXz6dL4cl0vfHVQ1aH10TFi7amvAq0bJb_ZHSXqo-GW3i4gAlfIaRR8JkRKIBGbDOataZrHbHvGshxch9zqegz36r1dLVQnSL3QLgpQdI76WgYvyddC_0OPrhEeNCta0amffXQ1N2JY2pJCSWSCpL8rdkQIM2VlHXvFQvVwyL65gFYuBozMmCEGXMF88vSz9zSGtiEvRf925iYEySQzFNpixvmvyg6Xh1INEnLW3129sM588MPn2AIAax8GE3THEvE016QRNAd4K-Qj3KkQD2-GPT7c_Dz6vUFLW1cNN16fjtwX8gGSRvd4N9AI-0MYzHYkseN4SbI5eZQhan2jl-E0IutKngYSTFoKYEhhvEAS6ljFCELoB_QTgR1Wh7sGc9IUNCXTiBrMAfBTf84qgY6J1ybVzDHhFisXTf_Nl4PTYXsl7NU-fmIPPxpSMCrKq7EJyEtbRPZq687pdb9xbL4B0tXfhndt7VRvK5l-FC4ygRlblWMSuazqZhL2Pr2Mnz0utVdb4rPkeO1HQTzMKrbysk6tRRL-CgE0F5B3pnzAyKfniLEOnQ86zNpmnCzxX1ZzE5ftVmGwehp9YdEgKs6VAhZArWEIS5QxElih-S5vP_gPNlWCY19n3YjXuoNpFtdHtWHiX6BfNOvBD8kl7MB1OZ3LLLJFAybOEaT6ZsiyKBvAwvuv810LxFQqvV0kF6BryKrr9oz-ejYlhJ1TKstAj0Aj0VS5IyFguYy8eFr92EmXJbhYtwSIKsxXJCEm
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame F947 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158554&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
activeview
pagead2.googlesyndication.com/pcs/ Frame 6740 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7F4zu6RS7-ari4CrIjPw6nak1TD2Jsj7puTIN-N6Zmvpd95G6wRm66mSArDFdKKj_9BZ7cGaz-UpnUXuvyrKwnHxKoLzsdIAOakc1479LNXWD-I3KbLNHqMenNT1wZsPQbbY2Z4ijnofv&sai=AMfl-YRnn1LLvyqffsBY2Ay00a-Z6BSIp_9HSxQDX3FgM52mVTlCCT_95SCjUNPZYZZ0sc9OS8qukUlSE2ruzLcf_kjSMpC_AANpw4Yzp4nK4kczYLOVVaINx34V_ME&sig=Cg0ArKJSzEqv-DE9pOpVEAE&cid=CAQSOwDICaaN3xsl3lxkYnInvAPO5VZS6gdbwWz3i2fwVVpZlaI24j3bUym9ZMOZk5I7rNNTbj9n1GIJqXMSGAE&id=lidar2&mcvt=1000&p=102,436,192,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2574293897&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697444131706&rpt=699&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
request.php
hal900029.redintelligence.net/ Frame 5700
Redirect Chain
  • https://hal900029.redintelligence.net/request.php?zone=4roa139sx2t9&nw=20&renderingType=javascript&namespace=c95903ad7c&subid=&uid=a8767e2ba31f7b39&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900029.redintelligence.net/request.php?zone=4roa139sx2t9&nw=20&renderingType=javascript&namespace=c95903ad7c&subid=&uid=a8767e2ba31f7b39&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
613 B
937 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/request.php?zone=4roa139sx2t9&nw=20&renderingType=javascript&namespace=c95903ad7c&subid=&uid=a8767e2ba31f7b39&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1St2IvEsZcqxMozMgQf-46Fog6Hum2nIlI6X9w_wLhABINGTwypgqbC-gMwByAEJqQLe9ToZ5KGxPqgDAcgDmwSqBJYCT9CBLT6S4N7hN8rzYFShv545NbHlSxyoUNxOmv5hkDv5dWVMjqHL4mnZCoYm-8hHYyeMq5XDfawnH5lmVk-2YKP_mRjx0sIF8DDY3R8kK4_Px9FJG4AzdgMjgKsFQ_JX4z7Y9hSwlP52IyuLt2_df_opW5fvxGPb-Ugi0YUVYoi-9xjeQ-EMliCOIaOB_-hTL_hIAqNxicfBsYuCNEaI9pAfaoHlWIXQFgyeuvZFboLbjR5i17AIv5OMBvlCh1p_AM1vqIWjphFkRoXidJQQVD0phL3-7bKsAD74B3xutBXYks-4wL3yVQjk6yIjkoLq2bNldPG4i4-QAjwsyk_QypSEX2oduE1k_Fq94mEUJfKG-k60UIfABOPCoq2LBOAEA4gF1byU-T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJBVMgNAeINEwiKw8STkPqBAxUMZuAKHf5xCA2wE8_gzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIysrGk5D6gQMVDGbgCh3-cQgNEAEYASAAEgI8WfD_BwE%26num%3D1%26cid%3DCAQSOwDICaaN3xsl3lxkYnInvAPO5VZS6gdbwWz3i2fwVVpZlaI24j3bUym9ZMOZk5I7rNNTbj9n1GIJqXMSGAE%26sig%3DAOD64_0YRXy9FIqtMdXaho26MQ-aIVSAwg%26client%3Dca-pub-4491659496372172%26dbm_c%3DAKAmf-DEu9p73IDOgKCN-IxtldbCgThyca1Jq0-riNff3QxoDRotwA8-SLJAsdxEmkl35YRGKPiNvhwxkEHFjDNrlxYLc6Vu3DDF20qE9j3YvldQar_rB4rG0BPDUIy5a6I5wA3tYC6Fz5wu5I3NeVyt-plOTKiibm6MsapUZqTdn58rVjR_-WQ%26cry%3D1%26dbm_d%3DAKAmf-AQvJpt7ue0tgVcvQ26Eq17czL49o4kihu-fDczb_GBJrfRCSOv9jvMnBcE1TG36zrXnjULpbZYa3_uEt859VLoVEMHFqT4nqKkQ_AsAyPpRrTaQBKeSZ3PwxfehNTE-PPEd9Yk5u-252z1A8GVG9mWLpZtFOWpwYWV-mOaOSy8-_xr190c4uB7aLt8KF9uyTqT-nvndZLfhxbA_xY9UWZD3MneIOPptlqn5LDf_eTUC8H8khbxu2bqBWxKcPonRMLa-k2QdBJWM8kTLnBtpNOXHVXaUxzsq_twf2B4HHSgyJMDYGmdziZEXPhnm47LrASXSQtBgk0UaWNgJexXLHuaIeH20Lv35n8y9opnV1zsc5r-LtdYHUIc9JpRUdrZYU6Xag9wTeopjyEys2kV7AdcsTtWDviwK7GtMCg5T5CqXVt8HJkuc5BNtNNVM149R1y25Qq2IbeHmtzuiHdbtLx0GFVKKxi_tS8gD6T0KTN60Mkm7rLyFguSX2RKEk9VEdz-5qDNlDPlSKnk3NvwwBMpVzp3UoZ8Jvn_s4Hn1e3BN2tqs3c%26adurl%3D&documentReferer=https%3A%2F%2Fnews.walla.co.il%2F&ancestorOrigins=https%3A%2F%2Fnews.walla.co.il&random=605887973381&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
c11cb885e411efc43b004ef93dc286e0da10cd95d91a5b54a45e0ec10cb65ee0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 08:15:36 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
76803500040185604439986012479029
Connection
close
Content-Length
331
Expires
Mon, 16 Oct 2023 09:15:36 +0200

Redirect headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 08:15:33 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=4roa139sx2t9&nw=20&renderingType=javascript&namespace=c95903ad7c&subid=&uid=a8767e2ba31f7b39&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1St2IvEsZcqxMozMgQf-46Fog6Hum2nIlI6X9w_wLhABINGTwypgqbC-gMwByAEJqQLe9ToZ5KGxPqgDAcgDmwSqBJYCT9CBLT6S4N7hN8rzYFShv545NbHlSxyoUNxOmv5hkDv5dWVMjqHL4mnZCoYm-8hHYyeMq5XDfawnH5lmVk-2YKP_mRjx0sIF8DDY3R8kK4_Px9FJG4AzdgMjgKsFQ_JX4z7Y9hSwlP52IyuLt2_df_opW5fvxGPb-Ugi0YUVYoi-9xjeQ-EMliCOIaOB_-hTL_hIAqNxicfBsYuCNEaI9pAfaoHlWIXQFgyeuvZFboLbjR5i17AIv5OMBvlCh1p_AM1vqIWjphFkRoXidJQQVD0phL3-7bKsAD74B3xutBXYks-4wL3yVQjk6yIjkoLq2bNldPG4i4-QAjwsyk_QypSEX2oduE1k_Fq94mEUJfKG-k60UIfABOPCoq2LBOAEA4gF1byU-T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJBVMgNAeINEwiKw8STkPqBAxUMZuAKHf5xCA2wE8_gzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIysrGk5D6gQMVDGbgCh3-cQgNEAEYASAAEgI8WfD_BwE%26num%3D1%26cid%3DCAQSOwDICaaN3xsl3lxkYnInvAPO5VZS6gdbwWz3i2fwVVpZlaI24j3bUym9ZMOZk5I7rNNTbj9n1GIJqXMSGAE%26sig%3DAOD64_0YRXy9FIqtMdXaho26MQ-aIVSAwg%26client%3Dca-pub-4491659496372172%26dbm_c%3DAKAmf-DEu9p73IDOgKCN-IxtldbCgThyca1Jq0-riNff3QxoDRotwA8-SLJAsdxEmkl35YRGKPiNvhwxkEHFjDNrlxYLc6Vu3DDF20qE9j3YvldQar_rB4rG0BPDUIy5a6I5wA3tYC6Fz5wu5I3NeVyt-plOTKiibm6MsapUZqTdn58rVjR_-WQ%26cry%3D1%26dbm_d%3DAKAmf-AQvJpt7ue0tgVcvQ26Eq17czL49o4kihu-fDczb_GBJrfRCSOv9jvMnBcE1TG36zrXnjULpbZYa3_uEt859VLoVEMHFqT4nqKkQ_AsAyPpRrTaQBKeSZ3PwxfehNTE-PPEd9Yk5u-252z1A8GVG9mWLpZtFOWpwYWV-mOaOSy8-_xr190c4uB7aLt8KF9uyTqT-nvndZLfhxbA_xY9UWZD3MneIOPptlqn5LDf_eTUC8H8khbxu2bqBWxKcPonRMLa-k2QdBJWM8kTLnBtpNOXHVXaUxzsq_twf2B4HHSgyJMDYGmdziZEXPhnm47LrASXSQtBgk0UaWNgJexXLHuaIeH20Lv35n8y9opnV1zsc5r-LtdYHUIc9JpRUdrZYU6Xag9wTeopjyEys2kV7AdcsTtWDviwK7GtMCg5T5CqXVt8HJkuc5BNtNNVM149R1y25Qq2IbeHmtzuiHdbtLx0GFVKKxi_tS8gD6T0KTN60Mkm7rLyFguSX2RKEk9VEdz-5qDNlDPlSKnk3NvwwBMpVzp3UoZ8Jvn_s4Hn1e3BN2tqs3c%26adurl%3D&documentReferer=https%3A%2F%2Fnews.walla.co.il%2F&ancestorOrigins=https%3A%2F%2Fnews.walla.co.il&random=605887973381&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Mon, 16 Oct 2023 09:15:33 +0200
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnews.walla.co.il%2F&domain=news.walla.co.il&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://news.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 16 Oct 2023 08:15:33 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
208118
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnews.walla.co.il%2F&domain=news.walla.co.il&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:33 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
168824
expires
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1733 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 16 Oct 2023 08:15:34 GMT
ETag
"623de86a-cf34"
Expires
Tue, 17 Oct 2023 08:15:36 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 0F32 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 16 Oct 2023 08:15:33 GMT
/
ssc-cms.33across.com/ps/ Frame 755E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cR0USG9OKr6ykwaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP009 /
Resource Hash

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
server
33XP009
x-33x-status
2000208
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 18B4 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=126991
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 16 Oct 2023 08:15:33 GMT
expires
Tue, 17 Oct 2023 19:32:04 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 5FB4 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 16 Oct 2023 08:15:34 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 4A81 		653 B
432 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
aa8f12a788b435ac1991db81195e71bd817ab1a25017b6dac6b0288ff53d55d0

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
413
content-type
text/html
date
Mon, 16 Oct 2023 08:15:33 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame B8BE 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

age
1020
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
816edadf5fbf5b0c-VIE
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 16 Oct 2023 08:15:36 GMT
expires
Mon, 16 Oct 2023 12:15:36 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame EC53 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1697444129117
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
csync.smilewanted.com/ Frame 6BA4 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697414400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4c76335690603b60619c3ac3c153208479ca24fb82e4991b45a647fa3319f71

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
816edacc1aed5b06-VIE
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 16 Oct 2023 08:15:33 GMT
server
cloudflare
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 18B4 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=17613220&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ffdfd1cc4e1c522d96d1eafee7fa22cedbccbac3ed1811bcd5e9dcbbe327a78e

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 16 Oct 2023 08:15:32 GMT
content-length
1676
content-type
text/html; charset=UTF-8
sd
us-u.openx.net/w/1.0/ Frame 4A81
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=QkcDJhJDA3ZZRQAjQkMccUwQUCdZEFImF0dd6HhU
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=QkcDJhJDA3ZZRQAjQkMccUwQUCdZEFImF0dd6HhU
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:33 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=QkcDJhJDA3ZZRQAjQkMccUwQUCdZEFImF0dd6HhU
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 4A81
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5445555529033447467
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5445555529033447467
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5445555529033447467
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame 4A81
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=469833a1-4924-c365-00ba-813ecef4925d
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=469833a1-4924-c365-00ba-813ecef4925d&dcc=t
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=469833a1-4924-c365-00ba-813ecef4925d&dcc=t
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Protocol
HTTP/1.1
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 08:15:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BK2ZWDFFFYVS76J8CWPE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 08:15:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QNRBX6A2K26Q5Y1A1P2A
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=469833a1-4924-c365-00ba-813ecef4925d&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame 4A81 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=1e4e4fdc-558e-789f-c0b4-03a9a6c759bd&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:33 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 4A81 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzIyMTljMTYtOWNmOS0yNjNiLWQ1NTQtNTkxMDZjMjU5N2Rk
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4A81
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECvdEh3Je6uIIaonP2T77Dw&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECvdEh3Je6uIIaonP2T77Dw&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECvdEh3Je6uIIaonP2T77Dw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6740 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7963991034691&version=m202309260101&ct=76&x=1&cor=14893318437487071000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame C6A0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C-4vcIvEsZcexMozMgQf-46FolOP_t3OLp4C__xHc2R4QASDRk8MqYKmwvoDMAaABh4O_9wPIAQLgAgCoAwHIAwiqBMICT9BumcjverQL7pfmeZyRR_K_QKx-39Xzh-AObeeLraqvRypTn4NN9BwT8Glgijosb7RF0WOoiGlNyi07cHo9b0XKbOgZK9lG9Lfk_wtozV8LiXz0-4hBSOOP80CvxjxGk2cNOlIBU6Ee7QWOarYcBRItFA-SB4MUB73LFHY3IZbewY46uUBlL9gtL9aoFfLwLABTyj7RJa5t3tPuwIyJOIOvVeCeE1jaZYxyWAB3rtgnVe3vB57sPEhwKnGngsdVNjOZTJtUQRjjmJX66AV5BuPv0-MDFnhJNRXZ_XqXFCmvrO3ZfDoBQeIF6B5dRmee1YHukUKUkPWXpJSDbVfvAEjcXooRZvCYYWsIm9z6uO6jbnS9GpvkjofL3qm76pR_yR8Wtq6QbxSWOqve5ubQFiwz5qqC8iqm2WNtYnFAlMUGh8AE56259LYE4AQBiAXDlMyvTJIFBAgEGAGSBQQIBRgEoAYCgAeroqEjqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ--Eb0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJhwFodHRwczovL3d3dy5saWdodGludGhlYm94LmNvbS9jL21lbi1zLWhvb2RpZXMtc3dlYXRzaGlydHNfMTg4MDk_dG9wX3BpZD05NjQzOTk0LDk2NDc0MTAsOTY1MTU2OSw5NjQ0NTA0LDk2Mzg5NDMsOTY1MTE0Miw5NjU5MjM5LDk2NTExNDaACgPICwHiDRMIh8PEk5D6gQMVDGbgCh3-cQgN2BMM0BUBgBcBshceChwIABIUcHViLTc2Mjc2NTAwODY4OTU1OTAY8eYT&sigh=Cg5iHbrX__0&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSOwDICaaN3xsl3lxkYnInvAPO5VZS6gdbwWz3i2fwVVpZlaI24j3bUym9ZMOZk5I7rNNTbj9n1GIJqXMSGAE&cbvp=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5902 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7744839071337&version=m202309260101&ct=76&x=1&cor=5194061478730562000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 6BA4 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
262449
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
816edacd6c6b5b06-VIE
expires
Thu, 31 Dec 2037 23:55:55 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 18B4 		47 B
167 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=84352573&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 16 Oct 2023 08:15:33 GMT
content-length
47
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame F947 		47 B
160 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=56426092&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 16 Oct 2023 08:15:32 GMT
content-length
47
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 75A2 		35 B
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=C7E7BC18-34D3-4297-BB25-D52CD968471E&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 16 Oct 2023 08:15:34 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 6151 		0
0
i.match
s.tribalfusion.com/z/ Frame 1A3D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
421 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
816edad088cdc291-VIE
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 08:15:34 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
816edacf5f9ac291-VIE
content-type
text/html
date
Mon, 16 Oct 2023 08:15:34 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
233
pub
matching.truffle.bid/sync/ Frame 3A6A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 16 Oct 2023 08:15:35 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 6E84
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:9BD76A46B7904DDBA4E5E1ABB6B9886F&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:9BD76A46B7904DDBA4E5E1ABB6B9886F&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 16 Oct 2023 08:15:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Mon, 16 Oct 2023 08:15:34 GMT
expires
Sun, 15 Oct 2023 08:15:34 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:9BD76A46B7904DDBA4E5E1ABB6B9886F&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame FD2C
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1697444134026
  • https://ad.turn.com/r/cs?pid=45&rndcb=5576885168
  • https://sync.1rx.io/usersync/turn/2793941312454047967?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-b43a93e9-1172-4312-bfb6-200c0f053944-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b43a93e9-1172-4312-bfb6-200c0f053944-003
42 B
255 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b43a93e9-1172-4312-bfb6-200c0f053944-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 08:15:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Mon, 16 Oct 2023 08:15:34 GMT
etag
RXb43a93e911724312bfb6200c0f053944003
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b43a93e9-1172-4312-bfb6-200c0f053944-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
mw
mwzeom.zeotap.com/ Frame 18B4 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=C7E7BC18-34D3-4297-BB25-D52CD968471E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.25.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
816edad8d833c240-VIE
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 18B4
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C7E7BC18-34D3-4297-BB25-D52CD968471E&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C7E7BC18-34D3-4297-BB25-D52CD968471E&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C7E7BC18-34D3-4297-BB25-D52CD968471E&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:42 GMT
frontend-id
11
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:42 GMT
frontend-id
3
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=C7E7BC18-34D3-4297-BB25-D52CD968471E&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 18B4
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=C7E7BC18-34D3-4297-BB25-D52CD968471E&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:37 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 18B4
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7291242071810221903
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7291242071810221903
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 08:15:35 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:35 GMT
an-x-request-uuid
bd63f0de-6f06-4f05-be7a-cfe7cdb6da2e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7291242071810221903
x-proxy-origin
194.35.121.113; 194.35.121.113; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.ex.co/v1/ Frame E229 		86 B
539 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.ex.co/v1/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&uid=C7E7BC18-34D3-4297-BB25-D52CD968471E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.18.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-18-112.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
content-length
86
content-type
image/png
date
Mon, 16 Oct 2023 08:15:34 GMT
vary
Origin
drop_cookie_sw.php
csync.smilewanted.com/ Frame 7977 		0
548 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
816edacdcce55b06-VIE
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 16 Oct 2023 08:15:34 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 9DBE 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
pixel
ap.lijit.com/ Frame 68D3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Mon, 16 Oct 2023 08:15:34 GMT
X-Sovrn-Pod
ad_ap1ams1
d53051fb-850a-4eeb-bf70-1zz1697444118
csync.smilewanted.com/set_partner_userid_get/richaudience/ Frame C32C
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://csync.smilewanted.com/set_partner_userid_get/richaudience/d53051fb-850a-4eeb-bf70-1zz1697444118
0
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/richaudience/d53051fb-850a-4eeb-bf70-1zz1697444118
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
816edace9e035b06-VIE
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 16 Oct 2023 08:15:34 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-type
text/html; charset=UTF-8
date
Mon, 16 Oct 2023 08:15:23 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/richaudience/d53051fb-850a-4eeb-bf70-1zz1697444118
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
generic
match.adsrvr.org/track/cmf/ Frame 3B4A
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4331228036
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4331228036
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Mon, 16 Oct 2023 08:15:34 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 16 Oct 2023 08:15:34 GMT
etag
RXb43a93e911724312bfb6200c0f053944003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4331228036
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
smwt256.gif
us.ck-ie.com/ Frame 5825 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Mon, 16 Oct 2023 08:15:34 GMT
Server
nginx
5445555529033447467
csync.smilewanted.com/set_partner_userid_get/adform/ Frame EB89
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/5445555529033447467
0
620 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/5445555529033447467
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
816edacf9f465b06-VIE
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 16 Oct 2023 08:15:34 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Mon, 16 Oct 2023 08:15:34 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/5445555529033447467
server
nginx
v1
match.sharethrough.com/universal/ Frame ADF2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.44.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-44-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

date
Mon, 16 Oct 2023 08:15:34 GMT
smw888.gif
us.ck-ie.com/ Frame F9F9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Mon, 16 Oct 2023 08:15:34 GMT
Server
nginx
gLJK0P9m0azHUlc3elHd
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame D300
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/gLJK0P9m0azHUlc3elHd?pi=smilewanted&tc=1
0
631 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/gLJK0P9m0azHUlc3elHd?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
816edad0b8e55b06-VIE
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 16 Oct 2023 08:15:34 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 16 Oct 2023 08:15:34 GMT Mon, 16 Oct 2023 08:15:34 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/gLJK0P9m0azHUlc3elHd?pi=smilewanted&tc=1
pragma
no-cache
setuid
ib.adnxs.com/prebid/ Frame 1F73
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=55d91c28205fdea1159c1a46316eed1f
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=55d91c28205fdea1159c1a46316eed1f
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
an-x-request-uuid
2126d2d0-eb14-4038-a51d-02ed3f4e5e6a
cache-control
no-store, no-cache, private
content-length
43
content-type
image/gif
date
Mon, 16 Oct 2023 08:15:34 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
194.35.121.113; 194.35.121.113; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
816edad098c15b06-VIE
content-type
text/html; charset=UTF-8
date
Mon, 16 Oct 2023 08:15:34 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=55d91c28205fdea1159c1a46316eed1f
server
cloudflare
usync.js
eus.rubiconproject.com/ Frame 7298 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e0cafce5b6d05c398b0b36c59558eab2f36ccf914a320bdd893c9f23d9269864

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 08:15:34 GMT
Content-Encoding
gzip
Last-Modified
Sun, 15 Oct 2023 20:09:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42799
Connection
keep-alive
Content-Length
10838
Expires
Mon, 16 Oct 2023 20:08:53 GMT
async_usersync
ib.adnxs.com/ Frame 1733 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:34 GMT
an-x-request-uuid
66026234-53b8-46fd-845c-1c8c322d9ebe
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
194.35.121.113; 194.35.121.113; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C6A0 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssYO8RWVZswbMNYOK4IkCNjrzj_LwtM_hiAPzgBRjs7y5DiNS9RFFjc8KggYjkWgSr5VyNJZXjs0ZKZIFp4A75939PG_HWmudjIGhsFww8EEACZ61bNJw72W9GC_X-o2548T3wVwCE0O2Mr&sai=AMfl-YSrBiHKxfUK1kWw7s0eYwrRYYRWGfEJqnmNok7YV9JbZ2WbPdd1knylLTOEYXXF32ctAy5cN09yasFWP39q2ZyZOpVJwUD-MJrk647ZiNmFyt6quWmf6fpNwGo&sig=Cg0ArKJSzMo6dPdhIEjUEAE&cid=CAQSOwDICaaN3xsl3lxkYnInvAPO5VZS6gdbwWz3i2fwVVpZlaI24j3bUym9ZMOZk5I7rNNTbj9n1GIJqXMSGAE&id=ampim&o=1439,186&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1012&mtos=0,0,1012,1012,1012&tos=0,0,1012,0,0&tfs=2146&tls=3158&g=100&h=100&tt=3158&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 5FB4 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e0cafce5b6d05c398b0b36c59558eab2f36ccf914a320bdd893c9f23d9269864

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 08:15:34 GMT
Content-Encoding
gzip
Last-Modified
Sun, 15 Oct 2023 20:09:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42799
Connection
keep-alive
Content-Length
10838
Expires
Mon, 16 Oct 2023 20:08:53 GMT
usync.js
eus.rubiconproject.com/ Frame 04A5 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136_2&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e0cafce5b6d05c398b0b36c59558eab2f36ccf914a320bdd893c9f23d9269864

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17136_2&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 08:15:34 GMT
Content-Encoding
gzip
Last-Modified
Sun, 15 Oct 2023 20:09:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42799
Connection
keep-alive
Content-Length
10838
Expires
Mon, 16 Oct 2023 20:08:53 GMT
khaos.json
token.rubiconproject.com/ Frame 7298 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
khaos.json
token.rubiconproject.com/ Frame 04A5 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
khaos.json
token.rubiconproject.com/ Frame 5FB4 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
image_b_01.png
s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/assets/ Frame 5744 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/assets/image_b_01.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
124d72eeecfd7106eda0dcefdd11ab5c1cfa029dd1bc1b35d09d9273b1b12fce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:00:46 GMT
x-content-type-options
nosniff
age
256489
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98484
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:22:49 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Oct 2024 09:00:46 GMT
copy_b01_wide.svg
s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/assets/ Frame 5744 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/assets/copy_b01_wide.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
59a8826b360eed0110fa339c6c4932d6be0f9b2e4ea80cad1eb45d630997d1b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:00:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256489
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1470
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:22:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Oct 2024 09:00:46 GMT
copy_b_02.svg
s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/assets/ Frame 5744 		2 KB
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/assets/copy_b_02.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
6ce905609967c33ad3dfbeaa98d7ce76f91559121370fc0ac1289d55be217e36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:00:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256489
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
806
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:22:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Oct 2024 09:00:46 GMT
copy_cta_wide.svg
s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/assets/ Frame 5744 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/assets/copy_cta_wide.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
804f1f3aba934bed9ee94204395a2df60cc088c6062d6e317bf2964ba4bf6143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 09:19:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
341742
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2128
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:22:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Oct 2024 09:19:53 GMT
cursor.svg
s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/assets/ Frame 5744 		590 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/assets/cursor.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
f549fc9166c98dcd5c20e7c6a7f30cafd7ddf0629c08cb66c253053420b362ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:00:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256489
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
408
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:22:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Oct 2024 09:00:46 GMT
copy_cta_button_white.svg
s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/assets/ Frame 5744 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/assets/copy_cta_button_white.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
bdcca1dc336a3265d25fae273664f00aaeb0aa74533b771690cf453297c5835e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:00:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256489
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1282
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:22:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Oct 2024 09:00:46 GMT
einfach_mehr.svg
s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/assets/ Frame 5744 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/assets/einfach_mehr.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
14f15628954c9170de17d411bb31c56c9fcf152df5cf647d11c25b52ca97face
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:00:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256489
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2105
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:22:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Oct 2024 09:00:46 GMT
copy_cta_button_blue.svg
s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/assets/ Frame 5744 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/assets/copy_cta_button_blue.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
852450d4babc4394c3e7d0d16a9282f4d3804901bee0edbc787628c0798a29d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 19:35:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
304807
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1282
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:22:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Oct 2024 19:35:28 GMT
hartlauer_logo.png
s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/assets/ Frame 5744 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/assets/hartlauer_logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
104b38bd13206263384f9e7759a74b105ec19817e304ecf455ff5ce643997829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:00:46 GMT
x-content-type-options
nosniff
age
256489
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29050
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:22:49 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Oct 2024 09:00:46 GMT
form.svg
s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/assets/ Frame 5744 		764 B
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/assets/form.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
a70c71bcfc9560c33480e3b859424f628b5fa665dfb5866183a733d47f3237c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 02:04:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
367880
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
521
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:22:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Oct 2024 02:04:15 GMT
background_300x250.svg
s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/assets/ Frame 5744 		455 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/assets/background_300x250.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
82156a7f51f02b74e470899539de45ce9177d69f3c1cee09185c6ab6f083610d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14911322090706567168/hartlauer_b_728x90/hartlauer_b_728x90.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 21:07:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
385699
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
335
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 07:22:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Oct 2024 21:07:16 GMT
perf
il-trc-events.taboola.com/wallail-walla/log/3/ 		0
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/wallail-walla/log/3/perf?tvi48=12019&tvi50=13497&route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231015-3-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://news.walla.co.il
pragma
no-cache
date
Mon, 16 Oct 2023 08:15:35 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
async_usersync
ib.adnxs.com/ Frame 1733 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:35 GMT
an-x-request-uuid
110fec37-8acb-486c-9138-ee85d00925c4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
194.35.121.113; 194.35.121.113; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 18B4 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160447&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:34 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
adview
securepubads.g.doubleclick.net/pagead/ Frame AB87 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CEokqIvEsZcuxMozMgQf-46FoyZ7SsVyl_JP3cMCNtwEQASAAYKmwvoDMAYIBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLe9ToZ5KGxPuACAKgDAcgDAqoEsQJP0EOnuRWcbInPPOoR5Q7oC1axkhRg2NJgDdTbpRjg4gb8OAWErLHUZQ_TBT-zGE9yVYYQqzO5z0TfRuCeTZBR7X6r_FzezrN23HMBRnzyywyr_F1Zh2gXaG0WhIsLxRrwBk05M5hFiCOfj9WuipB9TkCiTozqDosjUYOUfRNv47Zy7Jv9DlvFBXCQIilKOv7J2PNIBhWlQlXyFfB27NZnNrTbyb4V5kUJ-Ehxf4II2FunXEKdeIh6vi-GoioNpoUCAjklhwXuAtGR8lQcIJV0M3OUD-PnawmYW8moYIC1-HHOlquH05l4beesa6kW5_KpYNX0p2bB_rEkutZA_vuE7cWpRUiHXUFQW2dTEPDVkrX-oYmMi4LfnAtGgtlyBmChBtDSTcB1TEBmI1fNxWDbIeAEAYAGmpn2_6PUiZlUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=CBT2fFoMtyw&uach_m=%5BUACH%5D&cid=CAQSOwDICaaN3xsl3lxkYnInvAPO5VZS6gdbwWz3i2fwVVpZlaI24j3bUym9ZMOZk5I7rNNTbj9n1GIJqXMSGAE&cbvp=2&vis=1
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame AB87 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k8TMCs35RKwCkAOdg2ICAgAAAPhK5wT9N68YUwfGnDwtHg8QIvEsZc8mzeJ3yPUyxtUAABIAAAoKQVFVQkR3RUJEdw&wp=ZSzxIgAMmMsK4GYMAAhx_qEyyV4XpV-6l_rW2Q&cbvp=2
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:35 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
183794
server
Kestrel
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame C1A0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C-W5MH_EsZYvSNan6gAeUh53gDMme0rFcxYyL4JoBwI23ARABIABgqbC-gMwBggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAt71OhnkobE-4AIAqAMByAMCqgSjAk_QLDAdCficD6_38nmF2A4vRY94uln6JtSc0UF2nvKdMnnGln7FZw_F4zGLJ6TC9x6DcNglyM2ctPgwOS52maiSonlYcH8bLIx4BYM1iogE_xqQAe5eUZzLgShUoQmGm88e3oTVzYuC_JM4Llvv39kFlRPZSqfiybHuWoSoA2es52ZxmxAsXHywB9FHRvLpiyjcT3VSUXec_pOC5jcOERCA0TEXexf65ppETTRRyq3pie-jMfrOgCsz__RxL_mr34qzFAzPwjsEta_A-f4rjqEpooY6DUJn5ZraaXWCxloKkfDoesJ-_0qdRhkAMaZxsz2FcoPZjpuhFYZ7B_k2W5IlafXlpwHUkBYXQqoLUKSz35wmtv_XmqDDsJVZ6vqH6IvKWOAEAYAG743Nk_2-85BboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=KkYJYJYGsXI&uach_m=[UACH]&cid=CAQSOwDICaaNCqoya4Gm_x-iKj8CgApTeuDymbm15YLZIp-xJwPegutf1GhqixLsMRK4v_dLaRwHfrBHLbo4GAE&cbvp=2&vis=1
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame C1A0 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k8ujEM35RMoHUJ2DYgICAAAA-ErnBP03rxhTB8acPC0eDxAf8Sxl0UDJOCdZr2bJUwAAEgAACgpBUVVCRHdFQkR3&wp=ZSzxHwANaQsK4D0pAAdDlBFBmbj29o2WwdBD1Q&cbvp=2
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:36 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
145011
server
Kestrel
content-length
0
request_content.php
hal900029.redintelligence.net/ Frame 29E6 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/request_content.php?s=76803500040185604439986012479029&a=6b8c143d
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=4roa139sx2t9&nw=20&renderingType=javascript&namespace=c95903ad7c&subid=&uid=a8767e2ba31f7b39&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1St2IvEsZcqxMozMgQf-46Fog6Hum2nIlI6X9w_wLhABINGTwypgqbC-gMwByAEJqQLe9ToZ5KGxPqgDAcgDmwSqBJYCT9CBLT6S4N7hN8rzYFShv545NbHlSxyoUNxOmv5hkDv5dWVMjqHL4mnZCoYm-8hHYyeMq5XDfawnH5lmVk-2YKP_mRjx0sIF8DDY3R8kK4_Px9FJG4AzdgMjgKsFQ_JX4z7Y9hSwlP52IyuLt2_df_opW5fvxGPb-Ugi0YUVYoi-9xjeQ-EMliCOIaOB_-hTL_hIAqNxicfBsYuCNEaI9pAfaoHlWIXQFgyeuvZFboLbjR5i17AIv5OMBvlCh1p_AM1vqIWjphFkRoXidJQQVD0phL3-7bKsAD74B3xutBXYks-4wL3yVQjk6yIjkoLq2bNldPG4i4-QAjwsyk_QypSEX2oduE1k_Fq94mEUJfKG-k60UIfABOPCoq2LBOAEA4gF1byU-T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJBVMgNAeINEwiKw8STkPqBAxUMZuAKHf5xCA2wE8_gzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIysrGk5D6gQMVDGbgCh3-cQgNEAEYASAAEgI8WfD_BwE%26num%3D1%26cid%3DCAQSOwDICaaN3xsl3lxkYnInvAPO5VZS6gdbwWz3i2fwVVpZlaI24j3bUym9ZMOZk5I7rNNTbj9n1GIJqXMSGAE%26sig%3DAOD64_0YRXy9FIqtMdXaho26MQ-aIVSAwg%26client%3Dca-pub-4491659496372172%26dbm_c%3DAKAmf-DEu9p73IDOgKCN-IxtldbCgThyca1Jq0-riNff3QxoDRotwA8-SLJAsdxEmkl35YRGKPiNvhwxkEHFjDNrlxYLc6Vu3DDF20qE9j3YvldQar_rB4rG0BPDUIy5a6I5wA3tYC6Fz5wu5I3NeVyt-plOTKiibm6MsapUZqTdn58rVjR_-WQ%26cry%3D1%26dbm_d%3DAKAmf-AQvJpt7ue0tgVcvQ26Eq17czL49o4kihu-fDczb_GBJrfRCSOv9jvMnBcE1TG36zrXnjULpbZYa3_uEt859VLoVEMHFqT4nqKkQ_AsAyPpRrTaQBKeSZ3PwxfehNTE-PPEd9Yk5u-252z1A8GVG9mWLpZtFOWpwYWV-mOaOSy8-_xr190c4uB7aLt8KF9uyTqT-nvndZLfhxbA_xY9UWZD3MneIOPptlqn5LDf_eTUC8H8khbxu2bqBWxKcPonRMLa-k2QdBJWM8kTLnBtpNOXHVXaUxzsq_twf2B4HHSgyJMDYGmdziZEXPhnm47LrASXSQtBgk0UaWNgJexXLHuaIeH20Lv35n8y9opnV1zsc5r-LtdYHUIc9JpRUdrZYU6Xag9wTeopjyEys2kV7AdcsTtWDviwK7GtMCg5T5CqXVt8HJkuc5BNtNNVM149R1y25Qq2IbeHmtzuiHdbtLx0GFVKKxi_tS8gD6T0KTN60Mkm7rLyFguSX2RKEk9VEdz-5qDNlDPlSKnk3NvwwBMpVzp3UoZ8Jvn_s4Hn1e3BN2tqs3c%26adurl%3D&documentReferer=https%3A%2F%2Fnews.walla.co.il%2F&ancestorOrigins=https%3A%2F%2Fnews.walla.co.il&random=605887973381&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e76dfc22c16a854230e826b8d4af198ecd3f41f901db16748dd51f22e547e6a5

Request headers

Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1504
Content-Type
text/html; charset=utf-8
Date
Mon, 16 Oct 2023 08:15:36 GMT
Expires
Mon, 16 Oct 2023 09:15:36 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9E88 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

age
1211
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Tue, 17 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 5700 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbf501dde9810739ff455bd0e4f537fb57478d9b16efdeb18cea5d565a1145ea

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 9E88
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPibTmDS3Bj7l5f63AWFBKY&google_cver=1&google_push=AXcoOmQ4e4Toav7c30jYCZZHTdW5tu2Aty-acCGk4SZCIxXAyq8t-EQ6SV...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQ4e4Toav7c30jYCZZHTdW5tu2Aty-acCGk4SZCIxXAyq8t-EQ6SVlJh1QOYK5h4-FHOfrH-_EFng-HDqtRM00JpmPZMfM&google_hm=6H2cJ5kwMn0Ul...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQ4e4Toav7c30jYCZZHTdW5tu2Aty-acCGk4SZCIxXAyq8t-EQ6SVlJh1QOYK5h4-FHOfrH-_EFng-HDqtRM00JpmPZMfM&google_hm=6H2cJ5kwMn0UlJ_wuCPgHw
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQ4e4Toav7c30jYCZZHTdW5tu2Aty-acCGk4SZCIxXAyq8t-EQ6SVlJh1QOYK5h4-FHOfrH-_EFng-HDqtRM00JpmPZMfM&google_hm=6H2cJ5kwMn0UlJ_wuCPgHw
pragma
no-cache
date
Mon, 16 Oct 2023 08:15:36 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
a.tribalfusion.com/ Frame 9E88 		43 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEEptlbQ0xHUbEz9s5xeNuvs&google_cver=1&google_push=AXcoOmS1wuQbx8xNOigD5dj2HPKqkVEJJBag5jdU5f6RHXGiJCMI8owOoYlEBQ8RBU5tr37q-gQ1mXONVlE9R_QMmvOu4efpaPz8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS1wuQbx8xNOigD5dj2HPKqkVEJJBag5jdU5f6RHXGiJCMI8owOoYlEBQ8RBU5tr37q-gQ1mXONVlE9R_QMmvOu4efpaPz8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:36 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
816edadb9cdfc291-VIE
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9E88
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOyLLHeBQ3TD_UC8hH5FTMM&google_cver=1&google_push=AXcoOmT3P8t5cwrvjjVtyxoQfHV8iTRfMKdBt2t86XdI7Q-DhViAhh3BDQDKhWz24ZL-6Pzj1nWbXk23a46...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT3P8t5cwrvjjVtyxoQfHV8iTRfMKdBt2t86XdI7Q-DhViAhh3BDQDKhWz24ZL-6Pzj1nWbXk23a462zYmmUlOnqOa7nYVW&google_hm=K9LXDIkCQ0yVXbtEUdCiUXE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT3P8t5cwrvjjVtyxoQfHV8iTRfMKdBt2t86XdI7Q-DhViAhh3BDQDKhWz24ZL-6Pzj1nWbXk23a462zYmmUlOnqOa7nYVW&google_hm=K9LXDIkCQ0yVXbtEUdCiUXE
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:35 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT3P8t5cwrvjjVtyxoQfHV8iTRfMKdBt2t86XdI7Q-DhViAhh3BDQDKhWz24ZL-6Pzj1nWbXk23a462zYmmUlOnqOa7nYVW&google_hm=K9LXDIkCQ0yVXbtEUdCiUXE
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9E88
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOCxiRlxfi7glR2aLQiXahc&google_cver=1&google_push=AXcoOmTUDf6fc1YJksrI9uuIl8UDZaZpJWpYD0mbzNiglxSNLQVFk96KjKlXWjKQzBxPFCCfCIrySb3e...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQ0NTU1NTUyOTAzMzQ0NzQ2Nw&google_push=AXcoOmTUDf6fc1YJksrI9uuIl8UDZaZpJWpYD0mbzNiglxSNLQVFk96KjKlXWjKQzBxPFCCfCIrySb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQ0NTU1NTUyOTAzMzQ0NzQ2Nw&google_push=AXcoOmTUDf6fc1YJksrI9uuIl8UDZaZpJWpYD0mbzNiglxSNLQVFk96KjKlXWjKQzBxPFCCfCIrySb3eWa2j98PEblIyWuiuBHpJ
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQ0NTU1NTUyOTAzMzQ0NzQ2Nw&google_push=AXcoOmTUDf6fc1YJksrI9uuIl8UDZaZpJWpYD0mbzNiglxSNLQVFk96KjKlXWjKQzBxPFCCfCIrySb3eWa2j98PEblIyWuiuBHpJ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
-
s.ad.smaato.net/c/n/// Frame 9E88 		0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKxz-1sSzZ8gacTVbAFCons&google_cver=1&google_push=AXcoOmSf0e_UfyMaTWeHBy-X19-IUHmO1g05VU7YIPdQ5jacFnHCegJk_2NkAaVyr-dFdTxkCziafuiUZGTW3KHu33GsFvH_vds9
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-65.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:36 GMT
cache-control
no-cache, must-revalidate
via
1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
Eh7-i4ByyYfzmA97uZt2Y3gKywu5TcSqKHkmUDbO2O3ZLWoXe2vw4g==
x-cache
Miss from cloudfront
pixel
cm.g.doubleclick.net/ Frame 9E88
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHJO3Uy5Ho_eNmj1I7d64dk&google_cver=1&google_push=AXcoOmS7Re9WcobS-lqps-5C1l35mKhT2C2dChx95PKNQsBUfNJ3ZnZYiNvVM7--nQrD8WLurBGS0O3_GeNl...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS7Re9WcobS-lqps-5C1l35mKhT2C2dChx95PKNQsBUfNJ3ZnZYiNvVM7--nQrD8WLurBGS0O3_GeNlFBJHIGr4_WUtWag
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS7Re9WcobS-lqps-5C1l35mKhT2C2dChx95PKNQsBUfNJ3ZnZYiNvVM7--nQrD8WLurBGS0O3_GeNlFBJHIGr4_WUtWag
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS7Re9WcobS-lqps-5C1l35mKhT2C2dChx95PKNQsBUfNJ3ZnZYiNvVM7--nQrD8WLurBGS0O3_GeNlFBJHIGr4_WUtWag
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 9E88
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESED...
  • https://sync.targeting.unrulymedia.com/csync/RX-e7af0f70-be78-468d-be4e-2a6b286f6e17-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTG5bZAi7Y4c_ej_GQju...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTG5bZAi7Y4c_ej_GQjummVaZ8xwjppFsXFmoBkY2c49ZiISqRpt2kyFTR5BZAt2TdNuS0zb1MJ1C5H9GsViNKBxCEJ12Vr&google_hm=A-evD3C-eEaNvk4qayhvbhc
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTG5bZAi7Y4c_ej_GQjummVaZ8xwjppFsXFmoBkY2c49ZiISqRpt2kyFTR5BZAt2TdNuS0zb1MJ1C5H9GsViNKBxCEJ12Vr&google_hm=A-evD3C-eEaNvk4qayhvbhc
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTG5bZAi7Y4c_ej_GQjummVaZ8xwjppFsXFmoBkY2c49ZiISqRpt2kyFTR5BZAt2TdNuS0zb1MJ1C5H9GsViNKBxCEJ12Vr&google_hm=A-evD3C-eEaNvk4qayhvbhc
date
Mon, 16 Oct 2023 08:15:36 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXe7af0f70be78468dbe4e2a6b286f6e17003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 9E88 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L7vr61WGt5mY2-hqenEdxkLpuXvJPBasLPJRkdZZ0vwZp7nleU47n6wXK8L0NWgvmwCyDT
Requested by
Host: 2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
S-300x250.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 29E6 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/content/soberfb/DE/S-300x250.gif
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=76803500040185604439986012479029&a=6b8c143d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.114.131.234 Mossingen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv21038.dus4.fastwebserver.de
Software
nginx /
Resource Hash
8aa79a5d6fdffd63c26f013cd8f1bcb12ed624ef714702b5850cc30b673e6a37

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 08:15:36 GMT
Last-Modified
Mon, 23 Jul 2018 15:19:52 GMT
Server
nginx
ETag
"5b55f218-119bc"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
72124
viewability
hal900029.redintelligence.net/ Frame 29E6 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/viewability?s=76803500040185604439986012479029&a=a324317c&vb=m
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=76803500040185604439986012479029&a=6b8c143d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://hal900029.redintelligence.net/request_content.php?s=76803500040185604439986012479029&a=6b8c143d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 08:15:36 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 29E6 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
usermatch
ssum-sec.casalemedia.com/ Frame 5827 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
528800d4087d2db335f82e8c6ed368f99caca864e71473b936c1d6dad9c22c34

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
816edadfabe4c29d-VIE
content-encoding
br
content-type
text/html
date
Mon, 16 Oct 2023 08:15:36 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e87Xqa%2FFpqWnPcR0cmiKbAKWhdylj9etDR895Ch1ff8xv5w6pWWZktOhMc7kxnZqIbG15gEwn4fkRID5rJd9Rj7shL3VVQvxI32PVQybcrFvU%2FkVKf6N%2B6xL20rdnHFgsCbOMhXidwMEow%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ZSzxIjI5J1C5GBqQA8vXMQAACHoAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5827 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZSzxIjI5J1C5GBqQA8vXMQAACHoAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.114.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-114-225.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 5827
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7291242071810221903
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7291242071810221903
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rsSC4x2kEHWTxfkHd1nqD4An%2Fa2kdv8Q2Fow8Tsh24hjfkDZIawfRCfhf7%2FoRXFU4Fp11Fcn7bFNt%2BAly6aKh050UnHDQjRB%2BtR8EUojA19ZcffAK1FcfuN%2FrVXW7YkbHZPJ4wZ0%2BmERtg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
816edae02c7ac29d-VIE
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:36 GMT
an-x-request-uuid
cdceefb4-72da-4f30-b904-7c17eadfa2cf
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7291242071810221903
x-proxy-origin
194.35.121.113; 194.35.121.113; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5827
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACTOk7KWeIAABiS_wrVow&expiration=1698653736
43 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACTOk7KWeIAABiS_wrVow&expiration=1698653736
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YN4bINqjoNJ4N6Ja3%2FFHFZTKOhklcWgBukVhrkWu9%2Bb%2FpKyNX9j5Mk82vBJnE%2F97g%2FZwRuQ2gMFzS9egCgdSG9TFyQSeA4ay3%2B%2BFboKYACq1D8fMVRivw85IjESbRkdxJ8lEFYR2yVAmeA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
816edae04c9fc29d-VIE
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACTOk7KWeIAABiS_wrVow&expiration=1698653736
Date
Mon, 16 Oct 2023 08:15:36 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
generic
match.adsrvr.org/track/cmf/ Frame 5827
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZSzxIjI5J1C5GBqQA8vXMQAACHoAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=285ca19b64d6815af85768658dd7eb3&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv1b41_7291037504216623373&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?userId=AACTOk7KWeIAABiS_wrVow&dataProviderId=817&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:38 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 08:15:38 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1697444138305011-333
Expires
Mon, 16 Oct 2023 08:15:38 GMT
crum
dsum-sec.casalemedia.com/ Frame 5827
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=2bd2d70c8902434c955dbb4451d0a251&expiration=1700036136
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=2bd2d70c8902434c955dbb4451d0a251&expiration=1700036136
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4vSAYr1gHfQQYulZlTTtd%2FIeConT9rx5d6pNTzpGeN%2FEtm656vbCKfuo7N2Z24co2fcECf%2FupZqrARi2gSPSqwLaO4%2BoPSF7fg6cx%2Ba71P4YIsDscMwzdsyEZJK%2BKbuOS50TRWCvFVNqmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
816edae04c96c29d-VIE
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:36 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=2bd2d70c8902434c955dbb4451d0a251&expiration=1700036136
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
ix
ad4m.at/ad/sim/ Frame 5827 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 5827
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=UoVtwQKBbZFJh27EUoFyllzSPsBJ0jzBB4UP3mLb
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=UoVtwQKBbZFJh27EUoFyllzSPsBJ0jzBB4UP3mLb
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6BJpCP8bdeAEEiA9Fqis9vTlclFmL9PffUHmOGHrkotApv9C5VUKctpybQrbKR98%2BFTizgXyYXVpNJ0GnPDFsk4Abpj5duQNugzewyfIaCojRsHBlllCM98otJkAYIBqLVtI5Q2JTYeXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
816edae02c82c29d-VIE
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:36 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=UoVtwQKBbZFJh27EUoFyllzSPsBJ0jzBB4UP3mLb
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum.casalemedia.com/ Frame 5827
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1697530536
43 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1697530536
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Tq1euSzBSr0Q92R4a50GIPza3BlP7nwxDa2UnXMIJJ32CKCYpJkluoz%2BbqPxwo4A5Fu59FUR2VM60tm%2BJEqbkD45cEaELKgW317hGC877czCDHtsnwebC9u%2BJ564xOkvwzhI9dx"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
816edae04c97c29d-VIE
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1697530536
pragma
no-cache
date
Mon, 16 Oct 2023 08:15:36 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 5827 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZSzxIjI5J1C5GBqQA8vXMQAA%262170
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:36 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
65585
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
816edae008b75b0c-VIE
content-length
43
expires
Tue, 17 Oct 2023 08:15:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5700 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8764252526538&version=m202309260101&ct=77&x=1&cor=11829655703231447000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
starti
s-06.channelexco.com/ppx/ 		0
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-06.channelexco.com/ppx/starti?sid=&domain=https%3A%2F%2Fnews.walla.co.il&se=7c4d7d16-6cd5-4fdd-a80b-ed2538b139ef&pv=117.59&dd=news.walla.co.il&gpvck=v022829073__600x337______DEF__nil__405&sa=shd&s=0.0&p=1320259211&cb=1697444138709
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.59.7.249 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:38 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
server
openresty
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
9d5e68eb8296a46ad6ee32745771a307f6c336f2c8a2b5cf167fd59538c6c74b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://news.walla.co.il
date
Mon, 16 Oct 2023 08:15:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
1235.json
id5-sync.com/g/v2/ 		275 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1235.json
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
2142d1d9466f5c5d4176c5cf0e3744921b922c635390e88177a38a1c15b56667
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://news.walla.co.il
date
Mon, 16 Oct 2023 08:15:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
hls.min.js
cdn.ex.co/player/hls/1.4.10/ 		366 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/player/hls/1.4.10/hls.min.js
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
75fb3e2fec5d57e634dd2a97afd2bb7139c6cb0f1f56f9f57ce2c797e671364f

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:38 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
content-length
110852
last-modified
Wed, 11 Oct 2023 09:05:36 GMT
server
AmazonS3
etag
"11f9c70968e9fe9fe95f45eabcd09af5"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Mon, 23 Oct 2023 08:15:38 GMT
rtb_vast_proxy
p.channelexco.com/ 		60 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=Pl1zXCk_Mk1NIHM7KWMoU-EonKrvyet6NUHSVDNzOMBm1PmUnqBqetsrUQ5lfjXbV7F8LRGPFiEa4sQL5puyVb0NU4Ysb3ATiFCifeL8O4319T_JZbrCepwF9IbUCfPJh55i2ti-RGPXMleRgnZRYUtHdxGmlaxuy5fWo8r5naXuzvn17GZi4bqTfMT6PBjU2_UjIEMhkf7_sKkWYv-DVTwBKg7o8FJ72A9gGtliFW4tMzUDnkQNZVx4s0cyNwD0SjrUleuBjdDchUB2Hfpf8HWYLyGZAH7cXa_COiUJrcRRuOwzUlmMzJy-Wd8h51RbBkoWIs0frunoDqxz9Ktp5Rlz0XgqSIe4ilww8BYKVbMAbtS9d9pOZcpXdGhudkrPfMHjVMITsAVRqi3TriEZtNEsP9noufAg9YVc6LTyilIJa3exUsjouKGDltP-GkaSIoE6TQZ82MEiIaD87FKUlX2qK7SWBdogkAbrg3MF1Qgu0vtSktHllkgRADzEiMYstvjrimPY8b7IvAlOajVhs6iKF7YvGzynVaF5U_yiDbgzIEE21qk16AG_rYcXxoeK_cfOa7MYmy8Fg0z0lRtBU2GVW8qNAotxkga8XrXi4hHijk-D4T6ppK_m90L1Z-gpR8GH2Fxivl9s_FThx4EGechi6dkXq-fnOWTX-sdSLpKg2fpT7oxCL2BUCwOQPqr6MF5ka_K9kt4n2xFrp3QyRx3UuPTP1QmVR812C_I5T-oyWrwvCLk0Wjy4DWtM6Vk-CUVV4w6t8epBsWvgmK0NpFDMld8oR_HlN5k1dDThAMzEVmpZsy9dME7li2cOtxc2moMsySUSSycbjgh2Z4bHoeYJXlynEA-vZ3QIAUYgdDo-9ngJVo55ERDECKPodv1U7Oqo3oAN9J4n5nOlECURR_fAAzmYaEozj_-bgErdpM8ya7vjIastdoXsVKOvzCNRxxucI2CPbz2sGuhpHjwazaltOBpbXAd99DfsNZa_Nhlw4KP9EHC_Egu1LuACF323zWT974V75tMmmutQM5C4Mm77aSdtRvITaD_BOhZ5oKyW2k7bz-syt_vcEdhWXbQqoOdLYEJeE9HYXkNTkQdXLyBp7EDpXloEyIfJvuuoO1iGof2HDjtQlCaaLUaa7jDlpX5snefsZqjfpuWiBnUJ20sq8viMYZtX8JjL6QtQLI7cGAQkFDiIQeMFXIX0C1-yBs0lUYqVtCI6ylf3Zcn1Ir3e0xsoOg-VOSiFFyjEUVoIZT3-XS7ldo9Nuo1SB8gpCOYfcrI8JnI24SoJW4-LS0tcayMjxhSlfDOou8bpy7ItEWlWQhwYl-8hNXDMD8Zkk6OnuPazs1dU2TeuQXUYIN0bXLSWRfdOr0F1zwG02rbvyI-rz4Hw3RiQzI-zzVjHNSareA23n0RjmjerPYX3K-lQQ74q_MYFCmbzfiuzU8v9ZC4rS03KpqwfCbfyeZVXt9wf_4c67mXw58aPdf9tw7HGJgmletbMb89uR3M6J0XfBp8q_QWZQOrr9DUhD3islgz57_ohTYes5sUyyCzyjCxxJgWcGxwEWWRbgU2T45xvnkiww_ZjGyYnezGeZzpRnHhPy_ebc3HvLNKIKMzPEHjUPLHWtC7yi7IaP1oU4F5oDWezR4swi61WGYbi5beWzhUJb1zP1l31HNScHDzBAectQQ4h5wkdKxFbPWVlN1Ps1RvuT3eoS8Rp5xm9-VlXCOfRuvFUQG0JsCoHJ0l1zCU44A5Av2F6q6ES-qUNSRCrss7iaqwdcbqP7359KLsDwKUSU1B35QP7xotE-FlIGwFGJnQ93XMSzyk9kUuKFloLvY854y7p2qsxAu-GbHJgAct7p7Yd-qwrpe8eCJbb-V33QXABFYodc9ajhFtSBcOCLrExf6MBzauRX6Hp3ViPTBqlTb7WHPswi3_eSs7TQbjStiJMkO5aFsNvaq8GDQoGl34lGDWR0Q13XVGi5BZ-863dpHMnAJ8ET_j9GXUw9DOPeuXP_cm_o3H4ODRroJXSAoyCotOnykXp6Gb5LU7nSIZhoKFm5OLYPN9rII425ZmO0FGWVsuM0_1xVGNFn8F3qWS4Vpvxlo_E4Hbu-QmttWh36HAXd-LIGd4HWFbuhs48YTr9CG4DbD95B3E5e8h2wpUYu7w9d2dtJGiyMPqKIP48_YarZwvwuBX2sIBLNtN38LV9GGF7zzzhCLfUMBIyoQ9bRi2iPCyJSkucmSi9gF_QudJEvPYzTCBhaffK1n6OKr5t4DB_Oqz7xEupt_i-ZmvqdbIR1UM89uWN92FjfQC6YBWzuviwPBxq4c691PoDoT7bdnwjvVOafos91u-CrwVP0i-fbGMDp2BSiVfUiUTe7pPyf8-d0HcBb9bvGmXZXcRkXxpyWsQoXhbg5MLCqPywGCCkenlb0B9BBV6No--UhhSL41VTjoxEgNltJI97VFG9wmnPqppIWnc8l7UoSEEAl_Mtz7-E8Sg-f_qjw830k35b8gFai8_XWWrFfOs9SM32tvgXyGxLGOniw66o9OHrpQkw7fhKl4DM0yDZIkWKTGMIWJ1goSWOH-yBDZTWRN5vQ27QS2RcOGazkncS48D_Xak_Fdi-eguYyMWxQJGXkyuyNmpPiZY0a_e1kX0arPm0o-TtfXpHr0Xw2YSlHXAyH2cibn3OUTkOm3Fi1OwFecR31-XzaKoozfSGCA_LCvOD3_w2HjM4vmjI6S7vtPf5SEzXpmSGmud47fG3okqEqVLU9QWWUkoU1cGBuihCYEoXvvXJ81coExwL9es%7E&ap_size=2796&nfcpm=3.5&placement=3&plcmt=2&skip=1&skipafter=5
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.59.7.249 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:39 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
rtb_vast_proxy
p.channelexco.com/ 		60 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=P1FENXBMJkgoY2JVb0ZBPzhJCR1IuEsJ_gZ3BaZ7ScckForXLWNxATJZ1j8VD4savkgJbOPdgQc3wy92EO_PsYg_5VPzbpnAa46KyAnNwiHM2lrDLXREnRwVM9Op5x0zCJtBztbo_DMe5GpL7Ds3B8_G15RnWXEW1xDAElCW6g5Wg6sVunXC791UB997zJdeS0gSZP7mJ7FsORAtbivAag0mJRdXlqsUhLAmMcBzGQb8Hxn4YAr_5EyoPaf9i62cKeFp2PFUObMH57gy4zUsC5EzanfYE8eR4vGO4oAKihapSwsTjOcZtj7HSc65qySWhSk8tfXOp2x92tApJvD3ROa4KuG7NSTCMCQz2JlXMpaLbJR8nS2IKQTlmx7f4fzVm8CUcwK7zHk4LFA5TGLEAo2t8G61WORz4MXTe2GQ-oXKaQdplg1hnoXq-UVglzTqP1wMIMf28stTZQI9JySnObsC_Xsp1cB1YU1-WqiLgzTzWtFqy4vDmGqAIINgQMwldIAiW9JgpGZdrRRLHhELXnMHu9K6leemstsOcovS3gK9d9KUPhloMiL2_-YXxyRlJE_PSFc3aIvnLkcDL-_v1TmVU9E5KevFX8-jH5Wg_6P1PJV2fc0WkDGg226A0ukBKxTvqwf4yFwQm2EkWJi0XEhtyuPFpAPN_ksYQM76Yb9YFMDlivog1_uOfXVERQhzOYEMg4NpjQHAXpj4XvMdy5j-Bl_0mnaHa8gX9nHMa4a6URlGkPxu6bNoo08hSxeh6ViGQXZwsnfKp562qQwAxPhnjzjS3v_cdGfUFOiYDxfdiR0m-mzIXQed8EEXh2uGe9YOuJt7o6lEbDu0Pptask-X6A_HQKcljZzsbOtlD7OaXiZ38XJpTtinCfVAQCAg43YkOFvtDcc6m46GXqBqZEmPxKGnyJTiTzSPIMLX7rT9JCJkycRkMFA0V4Ec58vF613_JyErIbvA7DX_s6Zo1w73dZ81MwGb8hz3nHWi-U1cMFznvJnlwMTQEzZU5TeIZLOJPwV2zPFfCA2I-h2jXbARI83gttVPebx6MWOPSdgM82yWBqTtHMH4QOB92f6FavAoOuI_CRYDB-LZ6Z8I8cHhhR1g6z5WWFZ-IFQChZ_ZDieqLZdfc9uAGRmCHkEJRJ3HGMYMOMSYUuVeiGr9H6ZnjnSoZwE5BJ1BTDdVmLpD5OnP7xoQuBL6a55rhhpXGTNFcpt-peMRTZnWoCKyLfQBW7GXLPjy5fn3pTP91EMX_YRqg0kR78jHihNvoGVGwIwkQEOYLtiy8XTtt9UfWt9RvPUVdPkLKWM1LOkfOFWTTBwzp0UMt8gPrMgq-uISKwOyxAImsiaEIkVjfQRtZn8fpDw0ItsB7CrJps0vBtp23dDxgoBuj7BOxEsEfoYnZdzL_vwaPStGLvbSZjWmI4CxWoQjzXycbei6crfyQeZIhmTxtQKOhBcn2CbEeV2Qrar2H2pjNhx8VB72VVV4-b0Rb85i2nE48EhWnZwRu07hjygQosrFvx0YudmnghVDrhJPwicj0DRigMKi_wNm88pO6CWOAcjztJoPHTuVNqtOSmU7dcUH4BBC1fF1XfR1gg5o7g98DDussOGkmg5V2nmEHQZH1-ej3H0XywW-RfNpA7wlO9HeFw8vsqYzP_eley3A7vgaaJPGoQMQZv76mI_dc9eW6ZxxFErD3JuU1NvoE10hhVQjNwzJESaIZfyHwt_8Y_htyQRq45K6CsoQX9S8sGVSIhLzm3jX7hkMZcDnkvH_QJ996WyyPeefAAISVeI4uu79l3hWgnj3oaRy7PMS6yzcmMGpi5WsyFx-pAvX414qv_3egsUciSgeXpkzi_pwNUs-FF02pZhK419OQMsb8h2plRghDksKMhjOoKZv4WwswT5P2up2J-8xikNYfMGB3af7YxbCNUZp7avSwppeqjjBGXCM0aaFQY58P38ZBYKoi6-I0RAo917rOPpfWt5hCRwy9r8qwO7Hoz3firG_Okp5gtT2IH2W4tFckSqqCVFttOOmcAuaKNcd7HEcEZXuSeB4L2UjB5KPW7jHANOWo8BM-84BOsftkm5MrCT5pL8daQJHBW8BeP4Z9bkRI6klMzEymZuhOU9y5JCV0vYTs8qL8Ib99EEOU2rSNusJ6lqKaueiuq--xI38KdBBtjMwmeFYFh-Yh_ROHktbdz9OeOC9VXg4ka6Rrw224n6-7AotzJmbx-mBiILwghOYuMrJvT58mlnuFY7_XxZq43im3YB3SZbungj2KoF82KVkBLQhWKrLV2yIi0XC6DbpLF-SLrwq6MZTe3ig63bkRI_rQnXskYGfhU9THE2IiT2vFzHZpmPINrBredYWnRY7QZdi9O9vEMZ3r9VczijCZZIQ7jPGvcPJBT5Tc4roqysU6eyyKKpqNfiuhgtCxsYWsSfkrHymyrN6sjJ6qqBr91CZHdVa05HQqe9jghczs68ZZqexcczI6AUJgPDAqdPfGwnuX99_MpR06CWqQj-OzLxKfg46CsibgVKp9YSm8oldulzYj2T4Vte8Ydosk4YzUh7VYfZl8tVXgmnmM20rbiSp_dqgrjTiAHubJ1ehrqWTrQwq9pVFWLS3X73PxLfrcc0Sypc0vqwglvA95ylVKJ5Ry4Qr-f0z6g-rrRUL6rq61-T0r-n_0yuLPsKYdVzDQ40K8ceerHdSkrOoQAs6Jw723Vqf7ucNkorwty4F-FjkT0-CSaPj5fAxbYLDT1ItJvXEQQ6-jEuPWkqCZw9cJ-p_FrdwwoofunqQqJVYHn0%7E&ap_size=2796&nfcpm=3.5&placement=3&plcmt=2&skip=1&skipafter=5
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.59.7.249 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:39 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
rtb_vast_proxy
p.channelexco.com/ 		60 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=fDZtNkZBUn5IeUZ8TE5OfViQ4udNbtzLQQy_EaWQ7abpC7RbTmiVsaLgVrvR5jSlU3QV-Mq4aSUlXmcfQ7BuC-dG1U5g3ke0kLHlr1YDB35tojVC6yyDuuy5-AxCindjZzeivFUt7SZZQluSoGx3-7j_0IkhZgXDkqSk2diCXFLmnTYaULj6clMt-6ud4MDNrdXl4BPBjxI7VQ6O6op0ach5JwdSOgtFoL7cpFPIAJsdR1f9axg3v065fW_gGyxTpb6Vrnee8pSkdqvzbkSTvVaxORfszJHMFWzaWFTP6tjZKvuqc5HVUVARaGJDjQKyuoq0dyujtNSDiT5a4F46pF_Up9aeEgTrMLdxc-X-37TNALt3MQJXjPCtmus58FnActIyFc2JF-ao8qeHklxiFvjz7Tpsk4cSryLWcMgl75S52pp85jhOxDVjoMRZ7qNRgmbpuIw8t_xMhdielxOlB8aidWNcHBDoUzbymSdtmp4m-NdjlMUdU0wrxnHY7U8CVioVQlAUL8WD_Y-L2eLWuQxj-Xy0dZk-fMg_Wx7FmBlpoyHPUHyyeSQ1942UFHTH8mUuNfHQMipDlfY7LnT_HWCbI5xsk5udJ1rQqADJa39LsUBKF4Uo--0Rzy21rXMue0M-MvJ9BE_tmIXrp6ghOWQaKTikAeQYVJUN9PI4qgAHHbjgVWwQavE73JZ1FAPuo6WI704HnZ67FtPjDQApUdApfw6pcOQF0hdmVkhLmgrchly4ija6TvXhm0Rzvf3SvS0IUdXglpqekpp7GUd6JFOnCTT9UIgBIN39kZhIGZXSgPA7vzTgmAqYL--Th6a9aHVUDIZVpesw9v6zroiU6tDyzOH3mLlhHDVSttbalyg7BtcSMFW1hcafXT65e5GKE7R_D6XsGGSfjKcWkC81h7lCiVI3vfFNYBlCKSvwL6WLhybRNQjtobsdDUiaoy9KMFbQ3vhShFTQMw_1yYyFbQv5NowCqqAVfN1JUosk2ddvyA7LPRDKrL4JlbfqVhKaVeuqpkRiJ1y6BaqO5ueox5EtZv1GkBSCflT8YK0SIjWB3gU7hDAuKbmRqbGjduL2LI0cWGJn-jHEZ2RHAghQ2xx1vSi9deJuntHAq4zXrZdRD6RuXLqmIGPxfcRRie4xI4LEf1Lo5N1_puomgginDjnaPr-r-R7CqFITTg6DN93NqlDsg8yau0zB8LV_2PddkW4GvIvjnh00_dkqRBc_PrOGcZ4HTy2oNeKY-It8zw4i-nxuVlOPPiln8yW1eoq3WlUekjTGhV6oOD-woJPahi6wd_Dua-9ha_mhAKP45Q_gJx2snrL2mvUBRFRBUEjg55nXmfK9zwli3m265Un7YXDPMZTeTFnK4OwGZEgKZtJeRbGR13L9PvBAhiQCs29u_fQO78qMjMGo1vgc_VO2qQJPJGmkDq2bwNxVKtH5UYEaTs3FKPfYbFcPS9gHUW1lhFZBWG-JEJVEqy4Lx2cbJxZdclGpq35eR0UQwNvgwIm4FX9_zt6OAbSnk-Gv9Ao2R7D_tCECrnSaIJQriwv498clwttIAwgaa7VM3IVp3ftzsoxEaHeZaUA8YvXDlHshkLBlOqZYpS8X9CV1qPsWDZrjnWsfex5_XFgV_BpDW2SJon7T9d0IvhAcbQydrGdHWgfgR370cwPNefEYdGZVt4siYPm_xmj8tNamh6SQV8qO2JJAUq23c9sKa9iWqx8YHpNG25ywx8t8m0zcNqwQwCyOUPFRwDe-TWFSGSn0WPuJTlPXxyznuw-_8cxwECbofIs-9OmmkhIE8-ID4qrgPg2LYLl7lO_sjW_DR4q1DVXI9t5abH207lqWzOioG3G7E1uo1BKRfoBeMcxpDN0jFCgX7491Tshfzj10jO1XfOJAsnS0uU3YV6GGvEotDz421h_UElLCW-sCS8TGR4ICmyBObo0xbQFTEhBg5WQAGmME-CMeOUAFP2Uk2ISk7iq6pygz2GJKRgoL4UtWQvClNheF52QdG12GKZqGHd2_dxehih2lRLA-mkhITQ0CEzcIE3KjmMDM6Jx9pzYUkzP0BmLBrhhAptdD1IOr5iMnP1T6FtP4S1WLw1obwcwdmh8nVwJBome7JEWnR1tevMMFs9vNTnj21hs5DqgwU7CULzI7zGbWqJvh0APdZi7oaomiAqWvJuO-Ol9JCEOI2Uok72kgRgeSk7bN9vCDLWqMIQx6N7JIN1DgX8klqCF7YLejwxtDExmx1YtJvDKVADtXbhVVxcGhiwjLqp2SiSvlAg6VzVqorEvilPwQ6dzc-5Jov2QPINvXWXCThs8dsWcGb2I84xJAX5Bkv7zldAQkVWJUIDV802Wbw_7WsnlNtGLEDxSQGiC6N1yyDT0BBL0I2CCvDp7eZPNTVSJvYPEEWwiFDnlM919i7qmFlgJkVjHtMsJARYf8ThFAF1jpI5XGsRm2V2f_53mkuNDlPrnQSwVEO_jhA_h0bJZqBemf1ECiyhKeR1YJBfCSeEP8wLA6BdfP1r2FPooJk2Xp0Ow8nAVjlSnn8HNI4EfIPN_3K_hyIIGCIy23P_2Cc4eNHlJ2c_SceWpcP7De8NoC9yVm2LFJjyW3kdqQZpWXhfR9mQtA4ex0R55TqmHdLMo7V2G38M3FzCouxL-ty236NpOnsUtMPh1ATj-zYwOTXPlVIyi1lNuHoYCB6gdDlmMM9Slt5ikyznykJUuXTNeE9lSkKxQiWOR-9SKKO9n9fRXePYY-hv4q7BJqTbyh5HWkUk-B1bSDYdjdu4ulJkRbPenZxgE%7E&ap_size=2796&nfcpm=3.5&placement=3&plcmt=2&skip=1&skipafter=5
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.59.7.249 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:39 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
rtb_vast_proxy
p.channelexco.com/ 		60 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=WzFGWy1tZE51dVBRJighZ0s04dDV47Xwqnz4KAxwW1DK3_bTCJ5PZKLqs0Jn19dnZ7_qspcmmlWOAfTLy8Wz47XpGDA7zZFFPV0A2XjXYCPpQOQ9oiuNgkNqRKpuUhfNg4QeXGHADjEoVpijC7jsMENVgi2K4OkqfpjB6DyEEzXpUGZP-a46OkfN1uKS352wnGJhryCJ0bBBg3sQB_xL_DfooexCbikRlKKGncvIl2MS7V-GbK3WDuuv0Z9Bt-IAbL38AO2VoY8AvDnxz_c-Mvig_qKIqGy32W-bDesDy4k1VXT4g5T4LRUrtLhTgQCPTyluXX28pwCn3vxbLxoYHXI86C3Dl_KF7FBE3Ii4HYFbaAzJbC86RjSsYKg1pvSjRAjFPtWX9AJvaYU5UeCgVZRQAKvlv4F_xkBADO2-oVMLxFO9gM-6wbcAExKE9lQmriwigo-2rMN_sOdzCSwWzBKSNcKkCCWq16Rm5ipiDyysLPEwsxtXwXQIDigfjU4K3nuahh7UeMAkmyqRUsvkLG6Vu1NA577pCHNMEORBmoT5oacYVAr3p5WVmIIhskU5xYhkUD65a1quvMUmuedq910RwaIB-zsbmbFEZnwJD50xAzxQGSmgF2Nc9IWLTzgt9IEtEf7LAgPy-e1EqFqkj2rP7FqqfNZLdyuqfxE5doyOjYLH_G7tRS1uIvCgWsnrXSpOgg8PEAf7ZdaOqxfJCovO6nqgdrMl3_4cOsN05etcpzMyL-GucXdq0WRBOM8DIG0nDLodYNHz5MNl68eJxj3DND0A2dsds7jhnIHDamnEK_5dOXVD50SSOngRJG6JhqOtyFBPMTQPlk-n0YhtmCaju0x0g8WKsY3F27BFDX-jR7kAMZivGMkO93AZgIOAlTtWc2gQi68p0qwsX2BuPVTkEtyuR0S2xhenyZ3f9u6MzYzdTccrSz8lK1E5-vOjHuL0eHrdMLuResOL9PF45svYz5lNiFbUyOgVgECxgPJCYFhjJbKU63XRW2f5w46JSmRmf328BnJXnwYU4RGIW8rnHe0ViFJ5RrHfihOit5rGycn4a119Dwz1riR_hu2KmhdMkpKU6f_cotnys9fxGQrDYJSkXyq6LIJp4FooSfjLLAx_C8uy5HCg8IZYMApXEZCVmNeZQsXnZKNZFEB9OWsCW7fClC9ZmBLKVKzXaBonqojelgIhkUroM2rc4cWDpr3dpH9b10dtaGY8zhQWYNBkePV8IuPToE6qCCmR0XC2xWch60l7sLfaW5MDt91D7VgEHTFoNXKvn3ey1lp4_f1bFYb7Ba6nTn6v5cO5qRYyZGxMwc-m6VHLOhW29Lqm2NHyx87lSiLkh758WxRjaE-8fIJ1COft097qgf4edZkZAkhcBOsUytvueOPsR_GbABBUJVnRUFWqPj3E6jDDLlK-GwUfMsRzmMLmVXomYGfuIoTCLF8rwGcQrNaTVpb4ak-wiCrMO4QsiKNrkgIdpnlnTcrJj4RkExYwupJFsbFc-FZ4f0axSg_ODpo-oFRIrPWSfIzj0s-YmTqsQEIYMQsGZBUNsVYctW4BC3Ux3k-7xqXfQugXK-3bsl6SGLp6vPrEkYiYmCUrBm5hKKRzxjNl0GAUn-4BArT9Amf1Gjdq0CC4m74Jwdme94mDJwjDXAFQ69yKGY1ErJPrzU0P6nRibecBXvXjL-YayJvDBbY82og4e_VsU47mrnWB-f2uowrSsMPTlYKc3NXTiKt2phtk_8gqwyW1rtHSviFOV9S27F3Q1QEenOBdujmvfaz7nKMsXeHRpnd3aAF07Ut70zZcGZkvMpjhmC8S_uokAOBFhTOkOd8zTV57_Clk7skn79Ua369NfW0b9-f6VXo6EY_ZPh0EHENhegVQX8oRnUDY5-j_pRZLv1Vj_trcGbi5Pi68EVEnEtGxaN5xXEhcrmo9HFoUinEcsY3cJoQeIDJfcAD3-G8qpoXExUNmPTVZ78lEefYzAIej-CvomzeXHzyK5YM8x7Ut7Y0Or_skU-25-8OvU_ZltMcenga0R60S0tzOva5fQjBB5nQ_Gbazn-tL1Hw_95C96Cl8RIvlyshAlGrzQ9HX15rYgSYu0xdDEU_6r0JD2rX0X3GedYNuJRE__vVkDNGY_egxCmgMm8hgoQAigCe5hxv8xolYflrILxtdOJq3L-3VJ0seeKegIp-K8aktKAUa4C0pexzMdqDFHuhdn510wHBeub2EIyY_zXoPny3PEcJokte9YoNKY8miUuJBuu12g17tLBaxYayBVQs5E8Ai3TQxBSvGX2bHQizsSk4seKkddPiLiDdDbuqg8zaR-9gvpjInIC7PSatP_Eq1uCECiZVo8XHATF2mGJnDmH0xYYuoIVE3eEvAbkMCnfmjRwNCZHAxmh2Dslsu9FPksPPYes_AfTzwXBNOUjzsndJkHghCRXd8BmxT7UJuDmdXZf1Z_Zdjxgo1-NOSzckJkNKWXhwQzH9l4jtwIh7EqZPhlv2xQU2mmEjtQku14TH8hpJSy1ExNJkldCsum7DvxXuu5p4kUSHOzrVGPN-vE1Fr5FC95bf-BJEMNhxRg7EvGbYvr9tiSnwjYL9mD3jr0xqDtcbFkBYN8OT0M1xo3hm1rpofMj7psmA9dPBanFhQmPcSnaKEdUac8IyncrO-0JZ7Oc9IbwVYKCQdxyQTtRy-aH1Rg-axG7rKtgr70MAXQhoRvTtOmK8kuAEFnvrspudgpKdwZisZFtcqWwX_aEYc9HBJkdF6KBJb0PcooI1bu9wAXzH-owcyY1I%7E&ap_size=2796&nfcpm=3.5&placement=3&plcmt=2&skip=1&skipafter=5
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.59.7.249 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:39 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
rtb_vast_proxy
p.channelexco.com/ 		60 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=SEFcJEdvbSkrQnomTEFeTPzOQFY5qQnkjX8sptnkB93hU5wropalYWImb39vypCBRKXR7YHlr9UcVU7T8mfOh7x5vnpOhIFmvtFMYkLgbB-F83poO_1Un8BlA-Y2uLg7QbFDpsCu77zIGsFBdCBhQW55rhTSpXtBUuYYcMXHqQ-K9hj7c3VwNwCz-TCRBo1H04vBXrCuQQvgUbtE31qHNFHpfr1M7UTjaasfzGhiCIfIFOabZtLQAMK_k9Sl4qic7GYsT1SYIzpXnbS9Njkkr-hBm3YEA_BdeBYSAKiCErzDcLa-Fi443gGLTOKqeewweUgTNHxhJQzW1aqvCDEgBi_LKtXnS1P4u_feMe0_l3-SqoUyuZ_HxO2q262IRmcleXpcachXTzJeu0_TqpyvhJ09bvbGT02FE5Gvwcs5zRd2zvIrqXPPPtBC_eXVnJY1lTIrnq6d14kgZKFSm3E6l6Qef0PBW1Jt8s03E4mnNk0gK9n4eJt1unOwcBavbnPNpe88gb3_zqOURObc4obGrf0agUob-psqkjoaujpUQ85lEswGO7xUIEQ24hnq-oFwbB6lvZUG-3YJ1b2UKRKgMmxw98Qv5VGosvA96WxGB-TpfV41ocIn379pac8E_GAj4QTYaMFZ9LiI7m-qRnTC9g4cushHXGTD8-vSNt8DmkIBV0dpIAnu4qZVrjgtPdtGLq20saYJMGudVqAJ7T2Bsciqyi4SxOemFPeO_fpF5WNNDDIfSq6xa-BwF0iFUW5kbA-GpVaFzbA0Y_v-2A-Niz8qH1ANmG9snqxDJo_KaGUcHUoaXpNbeHGa7iv0PEtCTUma2FVWksSghKdF2CBodPSfQlgVIjzO4jQKMHl1ddW5sR9Ttayg_2JlrzrUYW8Sp19FsftXF--SPpep6GH8UpKZugD0U2OfZ3-UZeJpHIBd5ZUisluqx4kaQ0DHiE7DcRpc-JwQZE4U63H_JnJX3lo43lQtiTYnbZkkfI-oWDdiSEbrilAoE9-SDrsVYK-Wwd7C3hSMw_EFHXmIvtgvP7Thmgov_WPE6GLA4Ee5g05oxrTGETsxinE6G5odP_6ii0C47lxQa2Ij009RSoan-oWSfqJ68vmX39RnUDm-_uUNFeSsdOZXxyT89P4IPzYqPCoYw0joAjv5Fv6e7-hsAseL8PCnZq791nKxX8r6Y7QVKxIqWqEHS5DSQcDEcMYOou_TwYWY_rgEagHsiq5BbjIvRDa4-FRjGfvMktvgA45z1Vg7N7_1u0wr8n9T9zBKi6Te0-bM-1RrOKP1h4GifRv2tUN5nESsJ9ffoYE_7Lq7ko_Kb9DTf6LCbswa1Ic7MLyPkXYNksqvdohAgVzlwD4ZczEfbYB0JwpCDyvw7bGkkWZ1eznOverYwxCHsGbJitg5kRd51KnqIDRnuJWccmnebLdqm2nsJoc1yKlAK7LtczdGjrazH02vuoVT3JjpOuidmwSHj4VlQlqQwrvYRc1X9MXeGLcSspvIGCCFYboYO_5C98c9pc54QlZ8IB18Qc84q1z6pE5z8tDhOf0gECfKRF00ousjT-jRdBpQiaS1n1x7uQRYCjHRjT-LgKEit1491xH5QPxPjd_eHVsmJg7tjs1JzAyQyjaAsTEzuHBNlejygiGEsn0NgUhY37ZOHPYQQHYm7J0wSzbTBDSeDNAMYHuOWLFtxd3QmbpeSltJ_64TXlY8t6kPMPGrS4Zqapb5jU0nTTe4rzS-DsjrtvualCKboZEjC1auL0jB82Xx60Vvo_lKT4VPLkkOSOmuDWSDYDnOEPSQp8LkbLDtdE8y48tvchFblcrV92ceLfo2DfRpdo-7eP_ENNk7mMqzfMa4FeE3iC1mlVhhXmNsVE35_65PtteCPF80Z24TIicXOWALDRorlrX_COhWctGVLsBIIsRMvmrlBkdfX4Fug_4XkWuUzld6KJlHy5DpI32aagPyZmMRMvtCrKkVpElJEEtOyKBQyZusyC8gDcLGa5Ux0n5U1O3uWux0aspCYyWZGf6EoSWQrYhfJK1BVARa3cpII-IYGFWsgYC3TJWoLIipcp29uuD3p3NlRODcsz_ishEHZNuDtJmMNmOdso4iKAkmyBt8eiQxYXP1RBwe7AOVBUBY5aJmsVQW9PGJPpJ_JIxfCt1LODT-beK_dtFOKij28DWKbXPynFxIykdDCUe1wMBq2u0vevhlqfOdAQbL9k1rcvrccad6VOd6IQsXemZkhrITm4KgNCN3cIDBlPIcL59wBBhrHB8djHlzBwoH2_5CF75vR45tycJ5SqdyR5snY4pwppUn5H-VPIZmgmCBSLFNd_QaaNJofRL2v2-nz1EEQ9qxNpC718H4jUIu6sKwVG31WWe57fAxcNyRMWZY6av2GUmiSSMjX3GBpWZCgEDR54vLXwLbICwpAOfP8IgMLj4NPKJd9lY08B_9vOH1NztAbOTRyThUbqC2znfeNPWVXI_ndfGoD2mIA_sKHJ8dTXa4-nyIiCjPXs5fPzjTs67bWHS8aov6mDufwSqrRmH_dckvFfimlywHJRFpwY2c-qjtoYfNgBQUEM1xFBIHznwgHRvx-5pG8ZmAVPbqGBXb_DvmKD1xikNU76ut4DARlrkrL-wA5PRJyr2izHMMxkYH2yjqXbvLu4fy0z6H2-37RZl4RdnLPZ9ryfl2e24SuHV5b9g_eqGNZZ-HDokXSUiDSh_xKGOyPZSvj4T_UFmQxieQZ7mhZF03nulmnYU9maCog7Q5H14gwtjb8CqMtyc4mutniztGST5EpK8%7E&ap_size=2796&nfcpm=3.5&placement=3&plcmt=2&skip=1&skipafter=5
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.59.7.249 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:39 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
rtb_vast_proxy
p.channelexco.com/ 		60 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=KEIpRks4bD40Q0o2dnxWc3q7eNYaAZMFjkCTwhrSmGP7GJujqmMuVArVpZOQnI4w26LXyIUPkMudXZ6noYt9em2qHDwuBPn20f9RUxNQ_a_2Aq58QvdPvQJSRulkZ76zO2cjKTvk4xaR_DWJ68Lz2XEAyfgODwUF-2VJT5gATa4-j05vjg6iBsUUDu5IooP26Y5uusijyQkSQO4VsPB0t51kACyKZLnBncb5hLS6XBErI8c1pupnu4APd0yWVWWtQvjZJOxEt-k0bSdx_R4T9cm7lCMoroxqi-Ni2b_c59mS6b2UPMV8zILqMX0aiUEwNT7cvTq1f-j0uoXfzJrpoXi7C7LV6CvKK5ZO15oQzJC56vQdEgcx3ClDc9_EjXuLWuErCv_EbPELUyyRIcspfHpdoBr8HRB-5_DidwWUFRVCD_DQfNrEpqlDIxxV5H6ZYnAj94hYwNU_pL9cjQ8IzzH9OFcu_eMCrgzzBJlK_qK82QAh7gSRmIx4eH2UuCMApWGqUqHN19tZEn3isQfhni8C6LeAckFB8peA0EF6NNpDgDicZs0v1cvEj09o_NPhsnY1tk-P7MZR0RxZtvjF41Ky8tK9LsuvLlU12HQTuj4tNxTbK1Mvd-L2a9WErtK742zWyuuEzgR_c85iDZb6oiKpbe3Co5o9EmwlGkrSDPzl0AotZGXMiHBKS4ux4K2J83VYSwPoSW9vpWZfsN5Jjlr7MnOJN2_gHiony3hhPzJsnKVmvyOH2lWLiqxhU6Ts1HikXiH00qp_2mcafJw47RamKK_S8omaUydMK9qi5kb4yLpn5zhHOt9_awC45IZQeB9CUcog6W5YifAkjtgohPWQYvKMVxNFuakRPoLgg6CH4BidpnlEecEYiToPWyMeAVnEtDzJAX6pzXYJ_pUvLyGB3KXM3Fn-yFUyO_ipUcW3r6eE4fhofp_KsD-R1yJx9ThF_lDQXGYGIEm2pd5OJFqrYLYLZ-4aLhBmDeiCJRyP56f18ngW5dW44EQH-djyIYxfzgf84Ps06TJ7Nyd3gG9uWHlMWyboJAnXMUzUwj2uyR2ySgJjaood70ZLgCKK-EIaMI9TcLMJYI5WNzrCeVVcHNQe8-sw_0vak6v9Srabg9bOM9BPK77grb_DkJGpUcjjwcgF_sWOhukKMkKybDl9lF7LIUvRluUUkukSqfg3-1Xr0rQcRko5Zj0dvDu_onZGemuxafpqZqGwMq-R7nrxQbIF60j7LJzYoVECpgPiOpmM2yOCcNk-222jFCL7YgV_ZsQNrHOR4jIzvneNjJRe_gSlybdOE0SH6kr2JJsLBTvpSkiSGhM7YKPDPcNv_s4FNx8Wfl81xoSZzR46kSWUWdL76w5cU_Te9-tkf-08v8eW78uUHiVFDasM4q6IGvB4vPRDd2dIx9X_HLmpmcb9zyUj6sa-1c1_CVFL0A7nMWXw7TcW4z7XdOdWdFDsh2OKW91WSHMvlCFfA5kyJ8lZQVg27szuN4MSQKMvS0fFpuwQp819JUyayKAng9aZU2A6_uqC3ZioKW0TlcZE4druHmsDzhAKHFAmrTiTXp8LAdiCc4di48BcOPlMcrirDbAIsLy3GWlcpbxRdQOn4ntOsfU2BXBtKOLI65wgBxaobSQX0SQA8dAUjQ2Fq-F-M6MnaP6Q-LtCu7sRZngOfjDSp2HXAcOE4LLgcze6bNzU-4n25iyur9awGX4Q_afrb0Mqx3qeXAtCcsUMnCwctM5AtCMJvXaLx5pGmJx6FFREClSUkaCgnA1RuBv3b-_rF9IkT2bJ8i0HfNfyhJ9qQzHdI4BuXKYsJFgFH-bJ1jXxY3UBLQXxTkoQMX4Kj0vd4WOL5PGQQKO28Wpf9FNkr9uN7Ef1MTvOhyXUj0WnvKEMv21UaVPVWklW-DXjhR3nBfcTHuBg6MaHucP3CanzEldQKlkWQbOBuXilZB1D9h7uY9gw9rHoBs8EVjVybwMfJYQOfjPimLhTCjyAs9b1dWLz14IQv_M6eLdhANGxUdYjcLMJ98EyfhVJd8m-31uEdGB0DjawEOiC0RSPhSmo-2HNc20IESxmP0yZKT9APxQBzEBpol-IVWdyFy1MJaEc0elPvam0N9HjI8oSUke7mRgR7OT-D-yUC2KiAu48r1UlU72OF5o7nIpV0kj6a7VWDEMnz7A33DTCph22qIaSKuKUQLHY5hTJwklf4RsZh1RPRGCWaOFJ45QySlC7Bl7ZITo9q3Cb-IQvNJWX39SDBH8aWaIYFskkH4oKTEguszlXgAFlqDAUqQ1RatxylvB1zJbRq81rCLGGjftEB2XlSz33Lo0IODlt3uvJDIfUP6sCe9x3F-W8PDPi6DsWeWOl13C9DPvTlZrxIp-jNNLCshEwr_KOEOcOH5xR1m-kU0zaRlzXAkw2uhNjK6JTXmkB4cruhmHhKprpif2-v5m8_U6zQU-rQrRQOyBQoFlIC4PycdcyMNPfO7fcpVdfvPWpMsxRwNEP3DC_ADfVNxmFzb4Th4HnjehTGqxPNOZJ_VXtWfBt2qhqu0nc5KOQx0c7jsOqCh7pYS5kiW8yRzL006YoroZTgoNNnoAN0gz5_5oxkIPElaASJ6yeRIETi_gKjtGuXQ3nKfIQtYTQ9kWSUkwk-WUrtvCJXhCgfNljroxQK5Duommm8lZCd1y_HTq00Mw9PJfS90aB6BKIEBP02q2enVgkMZsbzdvu3hUC05FWUeMfqJ05tyz-O6lZT1PDDOqi5VH-imSL97VY_6399Os-JBmvAR_dcEPIOeZKZTg%7E&ap_size=2796&nfcpm=3.5&placement=3&plcmt=2&skip=1&skipafter=5
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.59.7.249 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:39 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
ac
www9.smartadserver.com/ 		129 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www9.smartadserver.com/ac?siteid=218209&pgid=1426227&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=1697444138986&pgdomain=https%3A%2F%2Fnews.walla.co.il&vph=337&vpw=600&gdpr_consent=&us_privacy=&schain=1.0%2C1!playbuzz.com%2C0012000001ONjKaAAL%2C1%2C%2C%2C&gdpr=0
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
41d511bcd8511da9cb1f673d030c44fbadb09271c96e4fbb40bfa306572dcca3

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:38 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
vast.xml
optimized-by.rubiconproject.com/a/api/ 		28 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=17136&site_id=474166&zone_id=2814688&size_id=201&p_aso.video.protocols=2,5,3,6&p_aso.video.maxduration=60&p_aso.video.mimes=%22application/javascript%22,%22video/3gpp%22,%22video/mp4%22,%22video/webm%22,%22video/x-flv%22&p_aso.video.playbackmethod=6&p_aso.video.api=2&rp_schain=1.0%2C1!playbuzz.com%2C0012000001ONjKaAAL%2C1%2C%2C%2C
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.216.208 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-216-208.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Mon, 16 Oct 2023 08:15:39 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
13721
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		361 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f138.1e100.net
Software
sffe /
Resource Hash
6939afaeb559a7dd48bf40e39170c0f5ca2125984aeaca978d9491801f717bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126235
x-xss-protection
0
expires
Mon, 16 Oct 2023 08:15:39 GMT
expb.js
cdn.ex.co/prebid/production/release/1.7.0/latest/ Frame 43D7 		541 KB
180 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/prebid/production/release/1.7.0/latest/expb.js
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0a03a9427932cfe62b173c84a6d54a73d22de419cbaed9f931039a0e6e22680b

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:39 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
content-length
183350
last-modified
Tue, 03 Oct 2023 11:33:51 GMT
server
AmazonS3
etag
"b89750c769fe8f8751319df0a2628997"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Mon, 23 Oct 2023 08:15:39 GMT
master.m3u8
cdn.ex.co/transformations/production/df05a23f-8b2b-462c-7ac9-942b4a3263c2/ 		0
0
66134e8b-17c1-4c14-b0e6-2d0e046cf8fd
https://news.walla.co.il/ 		0
0
master.m3u8
cdn.ex.co/transformations/production/d3feab7f-f309-4f1a-7f0d-b9736d23b372/ 		430 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/transformations/production/d3feab7f-f309-4f1a-7f0d-b9736d23b372/master.m3u8
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/1.4.10/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c4e2225061ee113dedc17c2ffdcf5e703ccd51e685e9a245fa534e3d7e6dfd2d

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:39 GMT
content-encoding
gzip
last-modified
Mon, 16 Oct 2023 05:21:38 GMT
server
AmazonS3
etag
"e7b8070c5a43a48dec9964d6ca53b054"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
189
encoded-3.m3u8
cdn.ex.co/transformations/production/d3feab7f-f309-4f1a-7f0d-b9736d23b372/ 		1004 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/transformations/production/d3feab7f-f309-4f1a-7f0d-b9736d23b372/encoded-3.m3u8
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/1.4.10/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0d0f11ad7d715d316d9ad92961553c41ae5ef043be8748da874051bfab170612

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:39 GMT
content-encoding
gzip
last-modified
Mon, 16 Oct 2023 05:21:38 GMT
server
AmazonS3
etag
"46f7c26b68f4cd6769a7d3f9a5e893e6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
241
bridge3.595.0_en.html
imasdk.googleapis.com/js/core/ Frame DDD7 		726 KB
233 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f138.1e100.net
Software
sffe /
Resource Hash
e9de6cf1275e2335cae4231d25e6119cd5bb53cfadd831de5cdfc411de862c6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
age
563196
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
238136
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 19:49:03 GMT
expires
Tue, 08 Oct 2024 19:49:03 GMT
last-modified
Mon, 09 Oct 2023 19:46:17 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 16 Oct 2023 08:15:39 GMT
bridge3.595.0_en.html
imasdk.googleapis.com/js/core/ Frame 2506 		726 KB
233 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f138.1e100.net
Software
sffe /
Resource Hash
e9de6cf1275e2335cae4231d25e6119cd5bb53cfadd831de5cdfc411de862c6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
age
563196
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
238136
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 19:49:03 GMT
expires
Tue, 08 Oct 2024 19:49:03 GMT
last-modified
Mon, 09 Oct 2023 19:46:17 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D87F 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 07:16:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3539
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 16 Oct 2023 08:16:40 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 91DC 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 07:16:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3539
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 16 Oct 2023 08:16:40 GMT
file_3_000.ts
cdn.ex.co/transformations/production/d3feab7f-f309-4f1a-7f0d-b9736d23b372/ 		172 KB
155 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/transformations/production/d3feab7f-f309-4f1a-7f0d-b9736d23b372/file_3_000.ts
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/1.4.10/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0a5682de393fa466b2542d49b5301a201fe11c023ec58ffe412261abb45ac7ee

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:39 GMT
content-encoding
gzip
last-modified
Mon, 16 Oct 2023 05:21:38 GMT
server
AmazonS3
etag
"b2ced9989d8431e70e887452f4963795"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
158592
encoded-1.m3u8
cdn.ex.co/transformations/production/d3feab7f-f309-4f1a-7f0d-b9736d23b372/ 		1 KB
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/transformations/production/d3feab7f-f309-4f1a-7f0d-b9736d23b372/encoded-1.m3u8
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/1.4.10/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
72db4701b1352d27a5fb4b6d0d29d91c9646610ace01c1c7ba1201ffd273007a

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:39 GMT
content-encoding
gzip
last-modified
Mon, 16 Oct 2023 05:21:38 GMT
server
AmazonS3
etag
"1e866ebace10841bbc264225a860be87"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
251
file_1_000.ts
cdn.ex.co/transformations/production/d3feab7f-f309-4f1a-7f0d-b9736d23b372/ 		153 KB
145 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/transformations/production/d3feab7f-f309-4f1a-7f0d-b9736d23b372/file_1_000.ts
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/1.4.10/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
794c062653a7f8e68b233700f53a7fb3724e5cd361d8605cdceca6a5948c9a2e

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:39 GMT
content-encoding
gzip
last-modified
Mon, 16 Oct 2023 05:21:38 GMT
server
AmazonS3
etag
"96f947eaec09e2d3798239eb4436a89c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
147752
shim.gif
creatives.sascdn.com/ 		43 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sascdn.com/shim.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-206.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 08:15:39 GMT
Last-Modified
Fri, 17 Aug 2018 12:23:00 GMT
Server
AkamaiNetStorage
ETag
"221d8352905f2c38b3cb2bd191d630b0:1534508580"
Content-Type
image/gif
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Tue, 15 Oct 2024 08:15:39 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame DDD7 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2C43010785%2FSMG_Playbuzz%2Fpreroll%2Fsyndicaton_8&description_url=https%3A%2F%2Fnews.walla.co.il&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2333961142120947&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4188761687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=9A75126C-1241-4750-9FAD-3C031BFA8262&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604%2C44802401&url=https%3A%2F%2Fnews.walla.co.il%2F&dt=1697444139485&cookie=ID%3D5b10ba2110ab9c23%3AT%3D1697444126%3ART%3D1697444126%3AS%3DALNI_MZDv9ShvOnBMmMyYt5A4gvA6p-LBQ&gpic=UID%3D00000c99fc91fbe4%3AT%3D1697444126%3ART%3D1697444126%3AS%3DALNI_MYZw1-b24AVkLGVzBT1fnq_TLVGZw&scor=3280602798479445&ged=ve4_td14_tt0_pd14_la14000_er229.800.385.1100_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:39 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
e.channelexco.com/ 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://e.channelexco.com/events
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.82.15.161 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:39 GMT
access-control-request-method
GET, POST
server
openresty
access-control-allow-methods
GET, POST
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
*
229d9877-769c-4e07-9970-b8f9edea4152
https://news.walla.co.il/ 		366 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://news.walla.co.il/229d9877-769c-4e07-9970-b8f9edea4152
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ddf593f4a8eddcd3d638a211dd91a517bd07b43f8ea933695dfc161b8e2679f

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length
374903
Content-Type
text/javascript
ads
pubads.g.doubleclick.net/gampad/ Frame 2506 		156 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2C43010785%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_6&description_url=https%3A%2F%2Fnews.walla.co.il&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2328852376293966&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=937164302&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=9A75126C-1241-4750-9FAD-3C031BFA8262&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604%2C44802401&url=https%3A%2F%2Fnews.walla.co.il%2F&dt=1697444139496&cookie=ID%3D5b10ba2110ab9c23%3AT%3D1697444126%3ART%3D1697444126%3AS%3DALNI_MZDv9ShvOnBMmMyYt5A4gvA6p-LBQ&gpic=UID%3D00000c99fc91fbe4%3AT%3D1697444126%3ART%3D1697444126%3AS%3DALNI_MYZw1-b24AVkLGVzBT1fnq_TLVGZw&scor=2960904525194531&ged=ve4_td14_tt0_pd14_la14000_er229.800.385.1100_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:39 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
file_1_001.ts
cdn.ex.co/transformations/production/d3feab7f-f309-4f1a-7f0d-b9736d23b372/ 		84 KB
79 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/transformations/production/d3feab7f-f309-4f1a-7f0d-b9736d23b372/file_1_001.ts
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/1.4.10/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f78ab8dbe0f0c658fc982008814334bfad5c18eee0451dd3bd0865ae8e2b019a

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:39 GMT
content-encoding
gzip
last-modified
Mon, 16 Oct 2023 05:21:38 GMT
server
AmazonS3
etag
"1a57a59cac2fee88c9c662d69243e470"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
80478
thumbnail-360.webp
cdn.ex.co/transformations/production/d3feab7f-f309-4f1a-7f0d-b9736d23b372/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ex.co/transformations/production/d3feab7f-f309-4f1a-7f0d-b9736d23b372/thumbnail-360.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
92f6cf610b776d0664dde7ed293ea1141b01f68d9a5bb584f4f85f7dbb49e050

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:39 GMT
content-encoding
gzip
last-modified
Mon, 16 Oct 2023 05:21:38 GMT
server
AmazonS3
etag
"fe6ce85c53e1e12fb8e37a5d3370e029"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
20050
file_1_002.ts
cdn.ex.co/transformations/production/d3feab7f-f309-4f1a-7f0d-b9736d23b372/ 		199 KB
184 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/transformations/production/d3feab7f-f309-4f1a-7f0d-b9736d23b372/file_1_002.ts
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/1.4.10/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6f614656b02cda8526fb71924243797ab59384b047a44bd0f432ebc38b46f3bf

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:39 GMT
content-encoding
gzip
last-modified
Mon, 16 Oct 2023 05:21:38 GMT
server
AmazonS3
etag
"3e34ceeea92d01d3be41b6a87bc8b0df"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
188254
file_1_003.ts
cdn.ex.co/transformations/production/d3feab7f-f309-4f1a-7f0d-b9736d23b372/ 		297 KB
277 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/transformations/production/d3feab7f-f309-4f1a-7f0d-b9736d23b372/file_1_003.ts
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/1.4.10/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
cf3a0304fdb028dad45d4aef02555aa5dbf9b4eaa42077b2a0cec6bfd7878cc8

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:39 GMT
content-encoding
gzip
last-modified
Mon, 16 Oct 2023 05:21:38 GMT
server
AmazonS3
etag
"8aaccf9217b5357811e1b0ccc8acf20b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
283110
file_1_004.ts
cdn.ex.co/transformations/production/d3feab7f-f309-4f1a-7f0d-b9736d23b372/ 		491 KB
458 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/transformations/production/d3feab7f-f309-4f1a-7f0d-b9736d23b372/file_1_004.ts
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/1.4.10/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
21f81a35eef3a79b83eba6178ad89acea8d56fa9818fcf37612cc47cce4b1c2e

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:39 GMT
content-encoding
gzip
last-modified
Mon, 16 Oct 2023 05:21:38 GMT
server
AmazonS3
etag
"a08c4aa485a6dc3fc37fb3343e48a0ff"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
468045
file_1_005.ts
cdn.ex.co/transformations/production/d3feab7f-f309-4f1a-7f0d-b9736d23b372/ 		543 KB
499 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/transformations/production/d3feab7f-f309-4f1a-7f0d-b9736d23b372/file_1_005.ts
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/1.4.10/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b85a3d6dc43bde7ec9acbc3be3efa5467b0f3dd60355deddf5dae83336944848

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:39 GMT
content-encoding
gzip
last-modified
Mon, 16 Oct 2023 05:21:38 GMT
server
AmazonS3
etag
"2492967c6dbcf70822fff02faf30df31"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
509910
csi
csi.gstatic.com/ Frame 2506 		0
0
csi
csi.gstatic.com/ Frame 2506 		0
0
csi
csi.gstatic.com/ Frame DDD7 		0
0
csi
csi.gstatic.com/ Frame DDD7 		0
0
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=walla.co.il&p=%2F&u=DwFmPwCozCNWD0k4v3&d=news.walla.co.il&g=20047&g0=%D7%97%D7%93%D7%A9%D7%95%D7%AA&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=8149&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&PA=https%3A%2F%2Fnews.walla.co.il%2F&b=812&t=B-2nagCixYA8j8Z6LBpkjxW85ERz&V=141&tz=-120&sn=2&sv=BUqQVAC1HaN_BEQa0Sgf5mDCB7QOP&sd=1&im=061b0fff&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.34.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-34-232.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 16 Oct 2023 08:15:40 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/fee23b5a-054e-4b5d-8f8f-96951508ed72?passToSdk=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.86.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-86-123.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 16 Oct 2023 08:15:41 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://news.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.walla.co.il
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 16 Oct 2023 08:15:42 GMT
prebid
id5-sync.com/api/config/ Frame 43D7 		136 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.7.0/latest/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
22cd820b748bdabf96448ca563642ddc782ba91756d5428113a23392839752ef
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://news.walla.co.il
date
Mon, 16 Oct 2023 08:15:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 43D7 		0
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13963
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.7.0/latest/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Oct 2023 08:15:42 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://news.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
id
id.crwdcntrl.net/ Frame 43D7 		43 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.7.0/latest/expb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.175.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-175-73.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:42 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache
x-server
10.45.24.120
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ Frame 43D7 		63 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=343asog&fmt=json
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.7.0/latest/expb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
31277a6e8eb5500f773b54c3573538f599feb412192f21ac1019818098577b8c

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Oct 2023 08:15:42 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://news.walla.co.il
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Wed, 15 Nov 2023 08:15:42 GMT
prebid
prebid.media.net/rtb/ Frame 43D7 		1013 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUB64530
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.7.0/latest/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
8ee564f221142145ae03a8abba13c0ea2f217f733791923f1c45e38d9b0a7a59

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:42 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://news.walla.co.il
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
110
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Oct 2023 08:15:42 GMT
v1
prg.smartadserver.com/prebid/ Frame 43D7 		171 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.7.0/latest/expb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.192 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:41 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://news.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame 43D7 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.7.0/latest/expb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://news.walla.co.il
pragma
no-cache
date
Mon, 16 Oct 2023 08:15:42 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebidjs
rtb.openx.net/openrtbb/ Frame 43D7 		53 B
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.7.0/latest/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
66bee666359409ba4812c346ae5d500a8391c89e6d588da8016892726d784526

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Oct 2023 08:15:42 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://news.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 43D7 		173 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.7.0/latest/expb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
3c5d71690fc1af0d970fe810c65cb781791ea63e9393d54355b5a490e379cd18

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://news.walla.co.il
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
169
Expires
0
translator
hbopenbid.pubmatic.com/ Frame 43D7 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.7.0/latest/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://news.walla.co.il
date
Mon, 16 Oct 2023 08:15:41 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 43D7 		37 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=624104
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.7.0/latest/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2197d4d27f44cbcd41e6d510605fc651f66084ba930b538402e504fe1f53d31d

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tdlkt32DkGNabdo4wu1Q1FilSUbgC7wZuw2haNIFF%2BAhKjkYpxpBi8z%2F4JyYmkfUAvbv4TP45CaPbj0%2BoCCzIrc%2B%2FtY1yJJ0liAeOsYJphKZFJdIpxpn1S3pvcWoReCYaFCpti%2Fr"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://news.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
816edaffcffc5ac3-VIE
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebidvideo
ads.yieldmo.com/exchange/ Frame 43D7 		0
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebidvideo
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.7.0/latest/expb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.18.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-18-200.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://news.walla.co.il
pragma
no-cache
date
Mon, 16 Oct 2023 08:15:42 GMT
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
bridge3.595.0_en.html
imasdk.googleapis.com/js/core/ Frame 24EE 		726 KB
233 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f138.1e100.net
Software
sffe /
Resource Hash
e9de6cf1275e2335cae4231d25e6119cd5bb53cfadd831de5cdfc411de862c6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
age
563199
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
238136
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 19:49:03 GMT
expires
Tue, 08 Oct 2024 19:49:03 GMT
last-modified
Mon, 09 Oct 2023 19:46:17 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame DDAD 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 07:16:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3542
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 16 Oct 2023 08:16:40 GMT
v1
lb.eu-1-id5-sync.com/lb/ Frame 43D7 		33 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.7.0/latest/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
10b05b2a475af5332273aa64c4934d61d4c70efa292af8eef123c79e4d1d1f2d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://news.walla.co.il
date
Mon, 16 Oct 2023 08:15:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
1235.json
id5-sync.com/g/v2/ Frame 43D7 		276 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1235.json
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.7.0/latest/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
d7e5c6c8ea8d03cf8cc2dda4c82a58df50d561fed4d04068d1df8d3b6f3fa9ed
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://news.walla.co.il
date
Mon, 16 Oct 2023 08:15:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
ads
pubads.g.doubleclick.net/gampad/ Frame 24EE 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C43010785%2Fca-video-pub-9790762811057699-tag%2FMCD_2.0_Ced_Desktop_walla.co.il_5&description_url=https%3A%2F%2Fnews.walla.co.il&sz=400x300%7C640x400%7C640x480&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3800924516470357&cust_params=pf%3D5539bc54bf2e&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4188761687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=9A75126C-1241-4750-9FAD-3C031BFA8262&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604%2C44802401&url=https%3A%2F%2Fnews.walla.co.il%2F&dt=1697444142269&cookie=ID%3D5b10ba2110ab9c23%3AT%3D1697444126%3ART%3D1697444126%3AS%3DALNI_MZDv9ShvOnBMmMyYt5A4gvA6p-LBQ&gpic=UID%3D00000c99fc91fbe4%3AT%3D1697444126%3ART%3D1697444126%3AS%3DALNI_MYZw1-b24AVkLGVzBT1fnq_TLVGZw&scor=876024796248161&ged=ve4_td17_tt3_pd17_la17000_er229.800.385.1100_vi0.0.1200.1600_vp100_ts3_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:42 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
e.channelexco.com/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://e.channelexco.com/events
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.82.15.161 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:42 GMT
access-control-request-method
GET, POST
server
openresty
access-control-allow-methods
GET, POST
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
*
csi
csi.gstatic.com/ Frame 24EE 		0
0
csi
csi.gstatic.com/ Frame 24EE 		0
0
areq
a.channelexco.com/ 		0
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.channelexco.com/areq?sid=&domain=https%3A%2F%2Fnews.walla.co.il&se=7c4d7d16-6cd5-4fdd-a80b-ed2538b139ef&pv=117.59&dd=news.walla.co.il&gpvck=v022829073__600x337______DEF__nil__405&sa=shd&dmid1=1320259211-371228135-1884015277-1859975197&dmid2=1320259211-371228135-1884015277-1477400787&dmid3=1320259211-371228135-1884015277-260672383&dmid4=1320259211-371228135-1884015277-1220972973&dmid5=1320259211-371228135-1884015277-421257535&dmid6=1320259211-371228135-1884015277-820530290&dmid7=1320259211-371228135-1884015277-1846395185&dmid8=1320259211-371228135-1884015277-161327955&dmid9=1320259211-371228135-1884015277-417280342&dmid10=1320259211-371228135-1884015277-827893021&cb=1697444142536
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.204.131 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:42 GMT
cache-control
no-cache
server
openresty
expires
Mon, 16 Oct 2023 08:15:41 GMT
dc_oe=ChMIhdeelJD6gQMVLfQRCB0JAQ1vEAAYACCQseZeQhMIxsrGk5D6gQMVDGbgCh3-cQgN;met=1;&timestamp=1697444142851;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 6740 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIhdeelJD6gQMVLfQRCB0JAQ1vEAAYACCQseZeQhMIxsrGk5D6gQMVDGbgCh3-cQgN;met=1;&timestamp=1697444142851;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI96KilJD6gQMV6OwRCB2-KAc-EAAYACCCs9peQhMIycrGk5D6gQMVDGbgCh3-cQgN;met=1;&timestamp=1697444142890;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 5902 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI96KilJD6gQMV6OwRCB2-KAc-EAAYACCCs9peQhMIycrGk5D6gQMVDGbgCh3-cQgN;met=1;&timestamp=1697444142890;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 08:15:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		133 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: news.walla.co.il
URL: https://news.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02257c6025102a477f5f18176c271ff64eb563acfa7ccc93cb70c0bca05487d7

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://news.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:15:43 GMT
content-encoding
gzip
last-modified
Mon, 16 Oct 2023 06:34:26 GMT
server
cloudflare
age
0
etag
W/"dad140e21319dacc0ed07c8ea60265e55c45085f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
816edb07fb235a68-VIE
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://news.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 16 Oct 2023 08:15:43 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.walla.co.il/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 16 Oct 2023 08:15:43 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
events
e.channelexco.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tr.dxmcdn.com
URL
https://tr.dxmcdn.com/rest/api/v1/survey-executed
Domain
htlb.casalemedia.com
URL
https://htlb.casalemedia.com/openrtb/pbjs?s=715831
Domain
tlx.3lift.com
URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.5.0&referrer=https%3A%2F%2Fnews.walla.co.il%2F&tmax=3000
Domain
hb-api.omnitagjs.com
URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fnews.walla.co.il%2F&PageUrl=https%3A%2F%2Fnews.walla.co.il%2F&PageReferrer=https%3A%2F%2Fnews.walla.co.il%2F&CanonicalUrl=https%3A%2F%2Fnews.walla.co.il%2F
Domain
web.hb.ad.cpe.dotomi.com
URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fnews.walla.co.il%2F&tg_i.domain=news.walla.co.il&tg_i.page=https%3A%2F%2Fnews.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Finnerpages%2Ftop_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=ddbaecfb-5329-4c88-a566-ca737715c904&l_pb_bid_id=1090e3e5e13f5b8d&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=389ea43c-aff0-42a5-b8ad-cd23888b0ad3&rp_hard_floor=0.025&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Finnerpages%2Ftop_desktop&slots=1&rand=0.0473138839358358
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=9&alt_size_ids=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fnews.walla.co.il%2F&tg_i.domain=news.walla.co.il&tg_i.page=https%3A%2F%2Fnews.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Finnerpages%2Fskyscraper_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=ddbaecfb-5329-4c88-a566-ca737715c904&l_pb_bid_id=110e9a0d4f7f9a3a&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=563a9657-a634-4e82-84c1-9596270accd3&rp_hard_floor=0.025&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Finnerpages%2Fskyscraper_desktop&slots=1&rand=0.7770873270361107
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&alt_size_ids=10%2C54&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fnews.walla.co.il%2F&tg_i.domain=news.walla.co.il&tg_i.page=https%3A%2F%2Fnews.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Finnerpages%2Frectangle1_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=ddbaecfb-5329-4c88-a566-ca737715c904&l_pb_bid_id=111de0c6a732526c&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=3d6879c6-a154-44b6-9446-f9fb3629dded&rp_hard_floor=0.025&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Finnerpages%2Frectangle1_desktop&slots=1&rand=0.624425450881626
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fnews.walla.co.il%2F&tg_i.domain=news.walla.co.il&tg_i.page=https%3A%2F%2Fnews.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Finnerpages%2Frectangle2_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=ddbaecfb-5329-4c88-a566-ca737715c904&l_pb_bid_id=112d99bb3dc6e2d7&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=cfc5a01a-a879-4b94-9c10-41c848a69bf3&rp_hard_floor=0.025&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Finnerpages%2Frectangle2_desktop&slots=1&rand=0.3677285942652868
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fnews.walla.co.il%2F&tg_i.domain=news.walla.co.il&tg_i.page=https%3A%2F%2Fnews.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Finnerpages%2Frectangle3_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=ddbaecfb-5329-4c88-a566-ca737715c904&l_pb_bid_id=113a687fd42204e2&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=23fbe3e8-86ed-4c1b-bf30-aa6f25ff03af&rp_hard_floor=0.025&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Finnerpages%2Frectangle3_desktop&slots=1&rand=0.19196414242788973
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fnews.walla.co.il%2F&tg_i.domain=news.walla.co.il&tg_i.page=https%3A%2F%2Fnews.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Finnerpages%2Fyad2_inner_rectangle_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=ddbaecfb-5329-4c88-a566-ca737715c904&l_pb_bid_id=114d9f4314dd080e&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5f00daaf-c134-4362-9720-e5ecefc5f6f6&rp_hard_floor=0.025&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Finnerpages%2Fyad2_inner_rectangle_desktop&slots=1&rand=0.5400193804989304
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
rtb.openx.net
URL
https://rtb.openx.net/openrtbb/prebidjs
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=1&t=pixel
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Domain
ipac.ctnsnet.com
URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Domain
core.iprom.net
URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
green.erne.co
URL
https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
Domain
a.audrte.com
URL
https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=C7E7BC18-34D3-4297-BB25-D52CD968471E
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEM8B9zezdvtFi5_afXg9A8I&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
cdn.ex.co
URL
https://cdn.ex.co/transformations/production/df05a23f-8b2b-462c-7ac9-942b4a3263c2/master.m3u8
Domain
news.walla.co.il
URL
blob:https://news.walla.co.il/66134e8b-17c1-4c14-b0e6-2d0e046cf8fd
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lnsmewdu&c=6600574077272&slotId=3300287038636&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lnsmewtv&c=6600574077272&slotId=3300287038636&uet=2&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604%2C44802401
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lnsmewby&c=6600574077272&slotId=3300287038636&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lnsmewu8&c=6600574077272&slotId=3300287038636&uet=2&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604%2C44802401
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lnsmeykc&c=6600574077272&slotId=3300287038636&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lnsmeyth&c=6600574077272&slotId=3300287038636&uet=2&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604%2C44802401
Domain
e.channelexco.com
URL
https://e.channelexco.com/events

Verdicts & Comments Add Verdict or Comment

317 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 function| addScriptPromise object| _0x1a15 function| _0x14cd object| googletag object| WallaTargeting string| _taboolaOS object| twttr string| isAAB string| pageNumberInSession string| fatherSessionInSession object| dataLayer object| wallaGlobalEventData object| wallaEnv object| slotslist function| gtag function| ga object| _sf_async_config string| loadDataState function| smartlook boolean| isMobile undefined| showInterstitial undefined| interstitialData undefined| timestamp undefined| attempts undefined| served undefined| hourPassed undefined| url undefined| ref undefined| refFits undefined| adunit undefined| getInterstitialData object| _taboola object| TRC function| _typeof object| _tblConsole object| _0x4bd9 function| _0x5163 object| _vadHb object| vadprebidChunk object| vadprebid object| _pbjsGlobals object| ADAGIO function| _ object| dmp object| IDXSurvey object| google_tag_manager object| google_tag_data object| __twttrll object| __twttr object| gaplugins object| ggeac object| google_js_reporting_queue function| postscribe object| google_tag_manager_external object| GooglebQhCsO object| apd_options function| fbq function| _fbq object| unblockiaScript object| _cb_shared string| GoogleAnalyticsObject object| gaGlobal object| gaData object| google_conversion_id object| google_custom_params object| google_remarketing_only object| adoric object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| __LOADABLE_LOADED_CHUNKS__ object| regeneratorRuntime string| __strip_step__ boolean| WallaA11 string| pm_pgtp undefined| msg object| _cbm undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector boolean| fifabAlready function| fi_fab object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery function| a0_0x5142 function| a0_0x5b32 undefined| google_measure_js_timing function| onYouTubeIframeAPIReady number| google_unique_id function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| __adoric__ boolean| IS_ADORIC_LOADED object| webpackChunk_smartlook_recorder boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id string| trc_item_url object| TRCImpl object| fiUtils object| $backfillRefreshObserver object| $FIslowSelectors object| $InContentAutoSelector object| $websitePrependInContent function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| Ah object| _pm_mcg object| image object| GoogleGcLKhOms number| taboola_view_id object| Criteo object| owpbjsChunk object| owpbjs object| PWT object| a object| sw_consent string| nam object| placementData object| cmTag object| google_image_requests object| _cm_wfCounters object| __EXCO string| pbPageIdentifier string| __EXCO_INTEGRATION_TYPE object| STREAM_CONFIGS string| STREAM_ID object| wpJsonpExCoStreamSdk function| setImmediate function| clearImmediate object| wpJsonpExCoAdPlayer object| ID5 object| CEDATO_API object| CEDATO_TAG object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_136 object| Criteo_prebid_136 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager number| measureInterval object| __id5_instances function| Hls object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| closure_lm_174345 object| closure_lm_729177 object| sas object| apntag object| _ADAGIO

134 Cookies

Domain/Path Name / Value
.walla.co.il/ Name: _gcl_au
Value: 1.1.1760432379.1697444126
.walla.co.il/ Name: _gid
Value: GA1.3.1092310630.1697444126
.walla.co.il/ Name: _gat_UA-4780630-1
Value: 1
.walla.co.il/ Name: _cb
Value: DwFmPwCozCNWD0k4v3
.walla.co.il/ Name: _chartbeat2
Value: .1697444125737.1697444125737.1.BUqQVAC1HaN_BEQa0Sgf5mDCB7QOP.1
.walla.co.il/ Name: _cb_svref
Value: null
news.walla.co.il/ Name: strip_step
Value: 2
.walla.co.il/ Name: _wpnis
Value: 2
.walla.co.il/ Name: _wfsis
Value: https://news.walla.co.il
.walla.co.il/ Name: _ga_RYD7X7E8VN
Value: GS1.1.1697444126.1.0.1697444126.60.0.0
.walla.co.il/ Name: _ga
Value: GA1.1.1579745487.1697444126
.walla.co.il/ Name: _ga_TSQY5YTYZ0
Value: GS1.1.1697444126.1.0.1697444126.0.0.0
.walla.co.il/ Name: vad-loc-code
Value: us
.doubleclick.net/ Name: IDE
Value: AHWqTUl2TQr7YwAOJmm_tQgy2eNybN1SnPtLqayNS59AutlB9_nhIwmWLFtnNLUQBd0
.walla.co.il/ Name: _fbp
Value: fb.2.1697444126895.450067066
.walla.co.il/ Name: __gads
Value: ID=5b10ba2110ab9c23:T=1697444126:RT=1697444126:S=ALNI_MZDv9ShvOnBMmMyYt5A4gvA6p-LBQ
.walla.co.il/ Name: __gpi
Value: UID=00000c99fc91fbe4:T=1697444126:RT=1697444126:S=ALNI_MYZw1-b24AVkLGVzBT1fnq_TLVGZw
.dxmdp.com/ Name: dmpid
Value: d3fcef24-aa27-4bd4-850a-68eab8bc0e37
.dxmdp.com/ Name: audids
Value:
news.walla.co.il/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.yandex.ru/ Name: yandexuid
Value: 2986733451697444127
news.walla.co.il/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D9b3a1366-6942-4229-832d-5e829f049792-tuctc26769f
.adfarm1.adition.com/ Name: UserID1
Value: 7290467016559032476
news.walla.co.il/ Name: exco-uid
Value: ftxis7p7qfieh9mc
.ads.stickyadstv.com/ Name: UID
Value: 285ca19b64d6815af85768658dd7eb3
.richaudience.com/ Name: pdid
Value: d53051fb-850a-4eeb-bf70-1zz1697444118
.advertising.com/ Name: A3
Value: d=AQABBCHxLGUCEOj-Yv8ims5QTS_JtvWm_YgFEgEBAQFCLmU2Ze4MxyMA_eMAAA&S=AQAAAt2Ic_5g2MZXdk6MMMEs7uU
.criteo.com/ Name: uid
Value: 018ac023-6a8a-41bd-8c00-8ee9c32fb839
.bidswitch.net/ Name: tuuid
Value: f70dbbc5-2770-44f5-ae4e-b70c0dd21654
.bidswitch.net/ Name: c
Value: 1697444130
.bidswitch.net/ Name: tuuid_lu
Value: 1697444130
.ex.co/ Name: exco-uid
Value: 2e3634372e363635
.casalemedia.com/ Name: CMID
Value: ZSzxIjI5J1C5GBqQA8vXMQAA
.casalemedia.com/ Name: CMPS
Value: 2170
.casalemedia.com/ Name: CMPRO
Value: 2170
.walla.co.il/ Name: cto_bundle
Value: pE2CRl9adWxVTnVzQjJkaWQ0R1RkMGk2JTJGeHolMkZqOWp2JTJCUkhad3clMkJQRWZFeHdiNlZMeTFtcFUyJTJGZFB2NEdjWlZEVHRxV1RNWlZoc2d6QWNIOEV1MERrTjlVZGJ3cml4dzVwTUNJTldzVURkZWpobk5WZDZFc0RlWTFCbDRZQmtmSVdjbUNpWEtIZ2ZzJTJGcEswVVpPMFZmejRsQmclM0QlM0Q
.pubmatic.com/ Name: KADUSERCOOKIE
Value: C7E7BC18-34D3-4297-BB25-D52CD968471E
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 5445555529033447467
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-04fd2f60-1891-5aa4-5529-bff123dadc4b.EerWU8ymYALVBSM68Cd0ZDKv%2Bbr6Uk0j106UkmCy6cY
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-04fd2f60-1891-5aa4-5529-bff123dadc4b.EerWU8ymYALVBSM68Cd0ZDKv%2Bbr6Uk0j106UkmCy6cY
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ABP0vYBiRWqRVKb_xI9rcS8IjeXE.BsLdQLNst%2FO4bGXfeOaO%2FVFGXaydl1JKH032XnfLBoY
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ABP0vYBiRWqRVKb_xI9rcS8IjeXE.BsLdQLNst%2FO4bGXfeOaO%2FVFGXaydl1JKH032XnfLBoY
.quantserve.com/ Name: mc
Value: 652cf123-71f61-48bab-bccc5
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 6093f3e9-54fc-5321-8fee-125beac2e378
.betweendigital.com/ Name: ss
Value: 1
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMjQzMbE0MLIwMhPiM9S1iC93rfCJdA10KjYCABWGL5klAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMjQzMbE0MLIwMhPiM9S1iC93rfCJdA10KjYCABWGL5klAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmluYmJiaGxoamYEAAgFIRwQAAAA
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIJqDrLkALvMujajePnSP9xfVze8CXEPxpNS9_K8YbTJwEHwYBCCj4rOpBjABOgTwLrJgQgScd-Ac.fHWu0%2FWDt3cC9Yuz7ra47HPM0M4HKXkexvw655fG7HI
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIJqDrLkALvMujajePnSP9xfVze8CXEPxpNS9_K8YbTJwEHwYBCCj4rOpBjABOgTwLrJgQgScd-Ac.fHWu0%2FWDt3cC9Yuz7ra47HPM0M4HKXkexvw655fG7HI
.betweendigital.com/ Name: ut
Value: ZSzxIwAI4XDuB7KDngm-t7-lP3eO8L_0KwRF5Q==
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5134455421644902826
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-29dHyYvTR5nA1UTM29NYntWAFMjAgBbJjtdf_H6K&KRTB&19420-29dHyYvTR5nA1UTM29NYntWAFMjAgBbJjtdf_H6K&KRTB&22979-29dHyYvTR5nA1UTM29NYntWAFMjAgBbJjtdf_H6K&KRTB&23403-29dHyYvTR5nA1UTM29NYntWAFMjAgBbJjtdf_H6K
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEJdCPQqD8hcdI0K-G8e54b8&KRTB&23025-CAESEJdCPQqD8hcdI0K-G8e54b8&KRTB&23386-CAESEJdCPQqD8hcdI0K-G8e54b8
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.de17a.com/ Name: guid
Value: 1.340348770347379010
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-340348770347379010
.adnxs.com/ Name: uuid2
Value: 7291242071810221903
.openx.net/ Name: i
Value: cde27085-fc09-4768-9a62-cb41c2e06a40|1697444131
.yahoo.com/ Name: A3
Value: d=AQABBCTxLGUCEKg_oHzVxizJ-ERe4sPlygoFEgEBAQFCLmU2ZQAAAAAA_eMAAA&S=AQAAAi0nzP91n89JIX8eCnKxQf4
.doubleclick.net/ Name: APC
Value: AfxxVi6aWAbDIWrl6iUC5CsRlhkE94vRplZ1JCc_V0ETdaRTNa8zdA
.bidr.io/ Name: bito
Value: AACTOk7KWeIAABiS_wrVow
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7291242071810221903&KRTB&23339-7291242071810221903
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-BP0vYBiRWqRVKb_xI9rcS8IjeXE&KRTB&23334-BP0vYBiRWqRVKb_xI9rcS8IjeXE&KRTB&23417-BP0vYBiRWqRVKb_xI9rcS8IjeXE&KRTB&23426-BP0vYBiRWqRVKb_xI9rcS8IjeXE
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5445555529033447467&KRTB&23263-5445555529033447467&KRTB&23481-5445555529033447467
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7290467016559032476&KRTB&23369-7290467016559032476
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 5791a7dbf3d14bc5
.blismedia.com/ Name: b
Value: 652CF124A89A3C06C543B0B3BLIS
.smartadserver.com/ Name: pid
Value: 512488335926292326
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AACTOk7KWeIAABiS_wrVow
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AACTOk7KWeIAABiS_wrVow
.3lift.com/ Name: tluid
Value: 2994924869480759237262
.ctnsnet.com/ Name: gid_CAESEOyLLHeBQ3TD_UC8hH5FTMM
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.turn.com/ Name: uid
Value: 2793941312454047967
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8111004722029967583&KRTB&23150-8111004722029967583&KRTB&23527-8111004722029967583
.w55c.net/ Name: matchgoogle
Value: 5
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 2ae6c4e3843b48b6
.w55c.net/ Name: wfivefivec
Value: fYbexdKp1QSiLb5
.openx.net/ Name: pd
Value: v2|1697444133|gen0vNvQiygu
.pubmatic.com/ Name: DPSync3
Value: 1698624000%3A245_241_235_227_226_219_197_201
.pubmatic.com/ Name: SyncRTB3
Value: 1698624000%3A264_13_166_81_21_254_204_54_249_220_234_56_55_165_161_238_176_3_196_22_99_251_233_214_88_71_243_46_8%7C1698278400%3A63%7C1700006400%3A203%7C1698019200%3A15_2_223%7C1702598400%3A69%7C1698710400%3A35
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: pi
Value: 158554:4
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1697465734026
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_81d41e87-4b8e-49ff-aa5a-ab68be5b8d82
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-f70dbbc5-2770-44f5-ae4e-b70c0dd21654
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22C3E3B8F3-7ACC-4400-26E0-BF73579980F7%22%7D
.simpli.fi/ Name: suid
Value: E488FF56E84640F0840F345AA2B25811
.creativecdn.com/ Name: u
Value: gLJK0P9m0azHUlc3elHd
.creativecdn.com/ Name: ts
Value: 1697444134
.weborama.fr/ Name: AFFICHE_W
Value: Djog7u3Lrj0O39
.adnxs.com/ Name: anj
Value: dTM7k!M40<EVNsVF']wIg2E?_fVe'j!]tbW8i_iqf!oN/@E'zz<*Z0QUVdK>h``Q-42p_L)V1YCJGYurBr$]*S$J4TTD._*Pl[i'pRL>iih.1^5/4B7=O)444/+Iv<TQ$z4uu#<=NjM`5Hj)%=jk@XA=i2Te+.<Q!#?VM>(p:t
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiI1NWQ5MWMyODIwNWZkZWExMTU5YzFhNDYzMTZlZWQxZiIsImV4cGlyZXMiOiIyMDI0LTAxLTE0VDA4OjE1OjM0WiJ9fSwiYmlydGhkYXkiOiIyMDIzLTEwLTE2VDA4OjE1OjM0WiJ9
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-e7af0f70-be78-468d-be4e-2a6b286f6e17-003%22%7D
.smilewanted.com/ Name: sw_user_params_infos
Value: 7xf9cPyiLR81NBW0e4DLADwWlzB%2FbyOcEW0CbunewjRZhf5HxnJRwxeAwNRFMb%2BfhQK1Ok1WgQ%2BSfvJXFbuy1e55QeOVe0zDmSeAuX4tR8N6HGxbvDJdT%2Fuqz%2BlvFzvgO8os%2BKpiFqe8aKYmgUSOB5clTxs71DicBvTynfI2iEiIVYz37IAX01wA2bOhwBM68Nl%2BUDJdRzxWS7HFP%2BT8ITwQVp7UEVfbqjoQghHG4xKL8otyDr7JCIvsVJ3vd4kqJ3SouNDuK40e%2BmZT4tfptXOAUKdd7b0wCxGZUEQOmdAQH0IEU20n4ERvN%2F5l5mZdyRDXZG1eatCOlgtg5zUn%2F9vJFTUfUWMDmIYIn0ZF9it7hEbmwS8jy1rMonC64RBRNXkOqjssVLrCEJn2NctMr4HxyoBjaHnoLqb6%2B3kpEW6bP1VQQuC6JVRjP7yNi0vmxxtcEdHx%2FVXZlZCHpIaO6hCve9cugVvgTUr5CSM33e5sfw%2Bq4hfgJo124IkDfxdEbVHX3PxXySivwSTA4o0AlvFswPgOHtAEIr3Dl2F4kQF2C3lBH1N28yr0ayjlu4Si
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-b43a93e9-1172-4312-bfb6-200c0f053944-003&KRTB&17107-RX-b43a93e9-1172-4312-bfb6-200c0f053944-003
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-e7af0f70-be78-468d-be4e-2a6b286f6e17-003%22%7D
.semasio.net/ Name: SEUNCY
Value: B914E40F504A2693
.ex.co/ Name: exco-uids
Value: {"ix":{"UID":"ZSzxIjI5J1C5GBqQA8vXMQAA\u00262170","Expire":"2024-10-15T08:15:31.038174242Z"},"openx":{"UID":"5ee890ad-3ab4-413b-b370-c5434ef61a2a","Expire":"2024-10-15T08:15:32.091949477Z"},"pubmatic":{"UID":"C7E7BC18-34D3-4297-BB25-D52CD968471E","Expire":"2024-10-15T08:15:34.096152196Z"},"unruly":{"UID":"RX-e7af0f70-be78-468d-be4e-2a6b286f6e17-003","Expire":"2024-10-15T08:15:35.169214711Z"}}
ads.playground.xyz/ Name: connect.sid
Value: s%3AiiqQuzJdKogEJYZX8-fpqUithm7iNo3l.%2Fn2y0zXKieA09IIn6kukoS0FNb2bYyLt3dzXLxEwAbg
.zeotap.com/ Name: zc
Value: 9b459fee-3460-4cef-6a65-5822ffc38714
.pubmatic.com/ Name: SPugT
Value: 1697444134
.ctnsnet.com/ Name: cid
Value: 2bd2d70c8902434c955dbb4451d0a251
.tribalfusion.com/ Name: ANON_ID
Value: a7nwQRwyEoipuMNpa2U7aFl2LEekjnA8T3p7EhXZbQETT7IVPJ81D3eGy1lEIWtW1yDm98W3ZdtpcdMxwJhL092nYSAhPr6F8olytfhyfB3cgnYcCKFarVADkggyAH
.quantserve.com/ Name: d
Value: EFoBGwGZKoEO-TCJiTCuu4EA
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZSzxIjI5J1C5GBqQA8vXMQAACHoAAAAB
.onaudience.com/ Name: cookie
Value: 81faadb81edc1f1d
.onaudience.com/ Name: done_redirects147
Value: 1
.fwmrm.net/ Name: _uid
Value: umv1b41_7291037504216623373
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: umv1b41_7291037504216623373
.ads.stickyadstv.com/ Name: MRM_UID
Value: umv1b41_7291037504216623373
.ads.stickyadstv.com/ Name: uid-bp-26913
Value: AACTOk7KWeIAABiS_wrVow
.adx.opera.com/ Name: UID
Value: OPUf9016e17f9ee404aba58648459cd4843
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUf9016e17f9ee404aba58648459cd4843&KRTB&23485-OPUf9016e17f9ee404aba58648459cd4843&KRTB&23524-OPUf9016e17f9ee404aba58648459cd4843
.sitescout.com/ Name: ssi
Value: b8160e6c-6798-48b7-9474-7d3451f5b636#1697444138755
.amazon-adsystem.com/ Name: ad-id
Value: A95382YxQkl1swmrNpF8_s0
.adsby.bidtheatre.com/ Name: __kuid
Value: 2655bf38-d785-493e-a504-16e0ff9c06b0.466658138
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY5NzQ0NDEzODgwOH0
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-b8160e6c-6798-48b7-9474-7d3451f5b636-652cf12a-5553&KRTB&23418-b8160e6c-6798-48b7-9474-7d3451f5b636-652cf12a-5553
.pubmatic.com/ Name: PugT
Value: 1697444138
.rubiconproject.com/ Name: khaos
Value: LNSMEW9A-28-6QBL
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoZBAOg/aqJ9Ak6ONwJcI8Jf/TEuvvIbq0UWPZFWYwQ+P5Sn2ANeF3OUaFwXehxnCYmGweUluV0N7CouTddTZAUIo8tEQuGXfEYuY/fSI0kfg==
.smartadserver.com/ Name: vs
Value: 218209=5674095
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1314513856%3B%24ql%3DUnknown%3B%24qt%3D89_0_0t%3B%24dma%3D0&c=1&l=-1006524750&lo=22192498&lt=638330409393742793&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1314513856%3B%24ql%3DUnknown%3B%24qt%3D89_0_0t%3B%24dma%3D0
news.walla.co.il/ Name: _lr_retry_request
Value: true
news.walla.co.il/ Name: _lr_env_src_ats
Value: false
news.walla.co.il/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-10-16T08%3A15%3A42%22%7D
.script.ac/ Name: __cf_bm
Value: PbiVOD5acgfyOkMRPHndraA5IxSgE1qXwGlJ_rC4IvE-1697444143-0-AfJ1u258cgDsNa2rlaUg9vCxLFnaIDKQ8Lhe71kk1ZBphRPKr/VYKsyILgmnOrQuOkZ+ZW8xnmyuxHnSI459f0k=

14 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
javascript error URL: https://news.walla.co.il/
Message:
Access to fetch at 'https://tr.dxmcdn.com/rest/api/v1/survey-executed' from origin 'https://news.walla.co.il' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://tr.dxmcdn.com/rest/api/v1/survey-executed
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://loader.unblockia.com/c/news.walla.co.il/id.json
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEM8B9zezdvtFi5_afXg9A8I&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C7E7BC18-34D3-4297-BB25-D52CD968471E&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: blob:https://news.walla.co.il/66134e8b-17c1-4c14-b0e6-2d0e046cf8fd
Message:
Failed to load resource: net::ERR_FILE_NOT_FOUND
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 504)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 504)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 504)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=13963
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12890047.adoric-om.com
1f2e7.v.fwmrm.net
2a01347d02ab305c7b98cbad8a6d676e.safeframe.googlesyndication.com
a.audrte.com
a.channelexco.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ad4m.at
ade.googlesyndication.com
ads.betweendigital.com
ads.eu.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.travelaudience.com
ads.yieldmo.com
am-match.taboola.com
am-vid-events.taboola.com
ap.lijit.com
api.rlcdn.com
app.adoric-om.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
bs.yandex.ru
c1.adform.net
cadmus.script.ac
casale-match.dotomi.com
cat.nl3.eu.criteo.com
cdn.ampproject.org
cdn.contentspread.net
cdn.ex.co
cdn.firstimpression.io
cdn.indexww.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.unblockia.com
cdn.valuad.cloud
cdnjs.cloudflare.com
cds.taboola.com
cf.dxmcdn.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
collector.ex.co
connect.facebook.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
creatives.sascdn.com
csi.gstatic.com
csm.eu.criteo.net
csync.loopme.me
csync.smilewanted.com
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.channelexco.com
eb2.3lift.com
ecdn.analysis.fi
ecdn.firstimpression.io
eu-u.openx.net
eus.rubiconproject.com
event.dxmdp.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gpv.ex.co
green.erne.co
gum.criteo.com
hal9000.redintelligence.net
hal900029.redintelligence.net
hb-api.omnitagjs.com
hb-dot-valuad.appspot.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
il-trc-events.taboola.com
image2.pubmatic.com
image6.pubmatic.com
imageproxy.eu.criteo.net
images.taboola.com
images.wcdn.co.il
imasdk.googleapis.com
imprammp.taboola.com
ipac.ctnsnet.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
loader.unblockia.com
mab.chartbeat.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mp.4dex.io
mwzeom.zeotap.com
news.walla.co.il
onetag-sys.com
optimized-by.rubiconproject.com
p.channelexco.com
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.rubiconproject.com
platform.twitter.com
player.ex.co
pm-widget.taboola.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prd-collector-anon.ex.co
prebid-eu.creativecdn.com
prebid-server.rubiconproject.com
prebid.media.net
prebid.smilewanted.com
prg.smartadserver.com
pro.ip-api.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
r.turn.com
region1.analytics.google.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.fr3.eu.criteo.com
rtb.openx.net
s-06.channelexco.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
scontent.xx.fbcdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssp-sync.criteo.com
ssum-sec.casalemedia.com
static.adoric.com
static.chartbeat.com
static.criteo.net
static.smilewanted.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.ex.co
sync.richaudience.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
syndication.twitter.com
t.adx.opera.com
t.unblockia.com
tags.dxmdp.com
targeting.unrulymedia.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
tr.dxmcdn.com
trc-events.taboola.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
vidstat.taboola.com
vop.sundaysky.com
web-sdk.smartlook.com
web.hb.ad.cpe.dotomi.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.at
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www9.smartadserver.com
x.bidswitch.net
a.audrte.com
ad.mrtnsvr.com
b1sync.zemanta.com
cdn.ex.co
cm-supply-web.gammaplatform.com
core.iprom.net
csi.gstatic.com
csync.loopme.me
e.channelexco.com
fastlane.rubiconproject.com
green.erne.co
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ipac.ctnsnet.com
news.walla.co.il
rtb.openx.net
sync-tm.everesttech.net
sync.search.spotxchange.com
tlx.3lift.com
tr.dxmcdn.com
web.hb.ad.cpe.dotomi.com
104.16.85.20
104.17.24.14
104.18.22.145
104.18.24.18
104.18.25.173
104.18.27.193
104.18.3.114
104.22.25.87
104.22.68.131
104.244.42.8
108.138.7.16
108.59.7.249
13.224.189.112
13.224.189.128
13.248.245.213
13.32.27.21
13.32.27.48
13.32.27.65
134.122.57.34
138.201.8.249
141.226.224.32
141.226.228.48
141.94.170.64
141.95.98.64
142.250.181.226
142.250.185.129
142.250.185.131
142.250.185.200
142.250.185.225
142.250.185.70
142.250.186.116
142.250.186.130
142.250.186.166
142.250.186.34
142.250.186.36
142.250.186.67
142.250.74.194
144.76.104.53
15.197.193.217
151.101.194.132
151.101.2.202
151.101.65.44
157.240.0.35
157.240.0.6
172.217.16.138
172.217.16.194
172.217.18.10
172.217.18.14
172.217.18.97
172.217.23.98
172.67.74.129
172.67.75.241
178.250.1.15
178.250.1.17
178.250.1.25
178.250.1.6
178.250.1.7
178.250.1.9
178.250.7.10
178.250.7.12
178.250.7.13
178.250.7.2
18.184.216.208
184.30.21.51
184.30.22.30
185.106.33.48
185.184.8.90
185.64.189.112
185.64.190.78
185.64.191.210
185.86.139.103
185.86.139.116
188.114.96.3
192.96.204.131
193.0.160.130
195.181.175.41
198.47.127.20
198.47.127.205
2.16.238.146
2.16.97.41
2.19.228.187
2.19.229.53
2.21.20.206
205.185.216.42
208.93.169.131
213.155.156.166
216.239.32.21
216.239.32.36
216.239.34.36
216.52.2.91
23.201.255.110
23.35.236.188
23.53.42.193
23.82.15.161
23.88.86.2
3.121.79.42
3.210.64.86
3.230.86.123
3.69.181.171
3.75.62.37
3.89.18.112
34.102.253.54
34.111.129.221
34.120.133.55
34.120.218.58
34.120.63.153
34.149.20.76
34.160.198.118
34.227.12.45
34.95.69.49
34.96.105.8
35.186.193.173
35.190.0.66
35.204.74.118
35.227.252.103
35.244.159.8
37.157.6.237
37.252.173.215
46.228.164.11
46.228.174.115
46.228.174.117
50.17.233.50
51.75.86.98
51.77.64.70
52.19.114.225
52.20.141.80
52.208.23.16
52.29.100.88
52.29.143.118
52.31.175.73
52.4.34.232
52.46.143.56
52.48.146.251
54.194.163.10
54.205.114.6
54.72.18.200
54.72.191.61
54.93.44.146
63.215.202.137
64.95.96.108
65.9.90.97
65.9.95.15
65.9.95.96
65.9.95.98
67.202.105.21
67.220.228.200
69.173.144.137
69.173.144.138
69.173.144.165
74.125.133.154
77.243.51.121
8.2.110.114
82.145.213.8
85.114.131.234
85.114.159.118
88.99.219.174
89.149.192.192
91.228.74.168
93.158.134.90
93.184.220.66
96.46.186.57
98.98.134.242
99.86.4.102
99.86.4.108
0006a0539d3f199c9b2416e7964cec61ac6c90f394e2d9c8fbd0d1196cc137a6
0049a61681f009097e433d79763495def6c0a29963c2349643b10bad537266d1
01b0a37506787c28d13c39ee97918cb3ed3028e7ea7eb053534915b2abf71324
01dcb48325aaf01f0d344931f34b4e153a35e0085f7c3594d864f5c2f4bf1a62
02257c6025102a477f5f18176c271ff64eb563acfa7ccc93cb70c0bca05487d7
0394884b772f114b4ef2122a58081fcdad4da8f76fb9d8ee0887a9c9662beec4
03fa6cb423f91c99596872e68deae8752f1b0cb0b6e4bc95ca3210600d975438
046b175d4799fd58e4a4159a7eac75b46ba3fc9548c6689e44a7ff29f2dcb2d0
04debb0274877bbceef12ab3c191925e5fb34af51720394af19bf872cf0ca6d0
062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e
0661a550305eb4da35c63e7abd28457053030e68216cba4186b5395e7268ea73
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534
075616ab88bfc91ffd4f830d6ba8062eb9028639cfafc0275bf30d268e5aa1c1
07dfafb847c6743af4076917fb4257dd6ff3340b046337986a1897c451b44ce3
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
094f05931449c8779bad7f79756b59a1ed809e9af6e7e6c3f4d158c5ad6df3e4
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a03a9427932cfe62b173c84a6d54a73d22de419cbaed9f931039a0e6e22680b
0a5682de393fa466b2542d49b5301a201fe11c023ec58ffe412261abb45ac7ee
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0d0f11ad7d715d316d9ad92961553c41ae5ef043be8748da874051bfab170612
0d4166d628450e4060cedad79066d226c7be682380e708dc30d62159fd7433ce
0f6bdeaa22496e587132d9703de567e09935ac83aa888195ec1b78905d7497a1
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
104b38bd13206263384f9e7759a74b105ec19817e304ecf455ff5ce643997829
10b05b2a475af5332273aa64c4934d61d4c70efa292af8eef123c79e4d1d1f2d
10cde3f051ab9eefa8676bee667fd65705c5fcf1d0544f9acffe7caa224d14b9
121c8857ffb7d4341abca73f89459b82e0d8547feb3844541937e8e2a23741ab
124d72eeecfd7106eda0dcefdd11ab5c1cfa029dd1bc1b35d09d9273b1b12fce
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13081d61c91fb98e640ef98e859b472d48a3109519fb46d324dbf985e3f0e905
14f15628954c9170de17d411bb31c56c9fcf152df5cf647d11c25b52ca97face
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
164e62dcb4180b3c680729f5e7d0dc4236e95ef5397a3ceed643fe72f65e57d5
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18acda07d27f54775e8e878f21672ba989871121e92dded6b879f03f47771f4d
19642178f8f7ac4492ce9125da46536c4bcbdf926a95f71682a389aee20f71ee
1987755b0828e0aaa3344aa67e8195f333b0c8fa45da2199b5ab596c03c07167
19b49a74b4e17a37abe04b94bd3a67665f92b8368004c73a1112cf142fb9da1c
19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba
1a5cd376f37533806796ac78737a6a23de72d2e6d364a9a5e4cfb7edafc74449
1b7a30fec496713d0023f8200bfb664ca2058e1d172adb97e2c5bd5fc09880c7
1c7ed1a9b207bbfe147b91546a532c2701795ff00809fd57218458aefd5a433a
1c90f4fa10a90d240c6dcd2d798e6c528ae91f104d232870fb6f1453967a7066
1eaccdc4aacb54961f7160943eff55e3f3a21de84833c4a6f8d600d5db75fc1b
1f182033b5c59c76cb3e6799ee48546d42d73b1ee503757054a6919b4680e34f
1fd8c85d126b50d26a021efaaa70b04b68fc03f2f12e21ecbc0ad5d8fafb888b
211db15248b61a7992584cb78d84964757846cb048ea35a4abac7e383437286d
2142d1d9466f5c5d4176c5cf0e3744921b922c635390e88177a38a1c15b56667
2197d4d27f44cbcd41e6d510605fc651f66084ba930b538402e504fe1f53d31d
21bbb08fd6ee73a1427f394cdb77dfca994d795dfdb9fcbd4f9a3bb9d06e6cc3
21f81a35eef3a79b83eba6178ad89acea8d56fa9818fcf37612cc47cce4b1c2e
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
229e400458da09038771f0974640be7bc3fb91571e41b8c0af3f323d89bfc3a9
22cd820b748bdabf96448ca563642ddc782ba91756d5428113a23392839752ef
2307871f3548016ae838e0cea561baac19dac7861c02c38721a93b0db487b9e3
23e2409494818d5a7bbcf232f0818db8599da2d9c3c1856572f95ffc7b4b1d2e
284c0f89e22b0046ff9329bb7d7311259a6ffba27921fdea0814201a08d946ef
29698cba776e3dab1d3a9096b9f85ccb8a72acf301ffb29b3744944923a5b427
2a3cfa408d5d840e25baf248240cd57b279ab00268db4ce62a053c596be1d852
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2b9bf61c23f475dc049f2c385ce3505007b5162eba89b52f128a4da4658d1e5e
2c34939acc057f7471e5b4e8016335c4d3e4e3d775e92b6fe689db086f129cfb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e2df66752750ea1f144c41bf3b76a9920eb9356763a45be92496a33c92cc2e3
2e30dc04b9a33bbc1591a93497cb143e52b2a69569e059c3790b7fb3aee39203
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
31277a6e8eb5500f773b54c3573538f599feb412192f21ac1019818098577b8c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3241bf3866d5c2c02fd32bc792aa155f587efc0780ad197d0040d3377ff5af3f
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
32cd064269c3846bd74333db965cc6f0116e38b6489a7a861520f2658d956385
336bc80c3c562401ccfe75bfa1873a4536837b926aaf7b82cd9b0d80b8425167
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36e12c0782b5df8745c0e5f2d32b1239ecdfa62db99ad43f00f5a2161df0042e
3706e4b6baf99d47aeb0533acd5328ef9dade4ce1f974928338118448b1969e2
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
384bf5ed743b66d2a6468c956595c0e32dac2f56badce9b1c49d7d60883afb15
38df94ec98f3e97f36a6a80b2e58776f9053ffecf8b140f68e83f3f748918063
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
399bb271bcba83ab3b22ba6327f8bd76fd6d90604a45bc6e8d708af071457ff9
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a2f6642832f5faba064ca6d7af8bd14ca12f374813e2205bce269ce394e693b
3c452f789abdf129f15ac38a36c85b5bfb905d4b12f634c9c0edf506f817c176
3c5d71690fc1af0d970fe810c65cb781791ea63e9393d54355b5a490e379cd18
3caf3889aa2508e11a57285e3c180f9485bf4b7d1209d89ee13eedadb7c0112b
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3def2fb609b4577c61499e9d37bce170e440a9477b66398833de79a850a13062
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40083197f6c3fad2ef5d99095c72f3a60072e92bdfcd920dd91299f3679027b7
41d511bcd8511da9cb1f673d030c44fbadb09271c96e4fbb40bfa306572dcca3
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f5c1f37ea6d24924106d921c86382ac9e423b2ebec90f556535ef9ade9e2ca
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
441e18180227e61d32c049dcf2b01109eb0d1e83f9c1335e0c25448cddc59fcf
446cd2b4e062f2b83bacca715902884e9542034aa818ff1cad5edbb0aebe4fef
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4855b8ec613d695d50a7af3d0044f10afad1304c8663ae841e3a5d10aeceea36
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48dc75f6760a4dd75285e76058d028f96823dbdc9bc11114230d1f305e573b2f
4a9071508f7166144b974c2809c8d84fd415b80c3699b0a6a75f5cd407eaf1b7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d7aad1f146efa5730f8d7762493d4fb062127afbf43825a34c87f4723cf06a5
4dc4dac48f417dec68fae3b49593f68557364ce9c0dc8f8beb5a5627e3850e28
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f83db842565db50da7196d408ada59e6e993a7cb8a050428a69837f72346584
4fa69b310798230d616f70eed8ff34b8bb50536234ab23ea3090cce7a90d30bc
4fcbd9b339d1bc8b72c3d698a6c4bb856516c41b52a3be330313cb6a51be99df
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
505d745707a93d1d90b281e57dd7fcdc9ef70de80846c2c370ab62f5d6e3316e
5147c6f459ab2365cb5369a638c526a4eefd91c7943efed00a3c18b043d5bd10
51e3136e4ae40daa3825e5f50028fd43d138a4d9a28526ef106dd7ff58b66ecb
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5
528800d4087d2db335f82e8c6ed368f99caca864e71473b936c1d6dad9c22c34
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e1bb5ac96493124163d21acdc1a9e620d826d6654f94a9fab30cd8a648c0b3
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
564cf5a9594728b093917a5e459ec8655d2a762d563e82c77065fd6292771f67
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd
56e687887be4c418115fa34b4e7c8466f16ffce4ba5678efd915e69af36b1310
5793096289bb147ab6809882ad3084fb08bf9dea89787665b2b4f711a857dbcc
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a
59a8826b360eed0110fa339c6c4932d6be0f9b2e4ea80cad1eb45d630997d1b8
5a95d0861fc3b1f3c39e7bc7cd83f6d83e57376d9596ae5a0b070ae1965cec16
5d2840fc0bf868ec7e60c9e2f14a0f623b865ee0a7f8459fbfb25881709f7838
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086
5ddf593f4a8eddcd3d638a211dd91a517bd07b43f8ea933695dfc161b8e2679f
5e4c0aabc9b3ef0daec72b0cc6c1fbd4e8dba9a66df00701fd74873bd046b2fb
5efeffa644c2807b1e91401b90456994cc81743c98488e62f2d7961fcaca7456
5f60bc1b764de88ce4b5d44847630fa83eb6452dc1ffd62f8e762cedd8c039e7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
628888ab2bf475ea98e6630dd6b48f5497f3730f16dc5518daa208da39b50ae5
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6376de7e0d158f0ec24af9380b2d3dc098d6f03f345aecb3fe79c78c8af36a58
63a1b93b48796af84aa2f685628588651ea9e2692a10bc24006ee30c2d6e5228
6463c8e174a08f3907b434ef8238751148ca234503f341f917ae83306ace82ba
6494566919e28711a1f36d6389923dfccb4750fb9522e9e6d1967ab778ab0073
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66bee666359409ba4812c346ae5d500a8391c89e6d588da8016892726d784526
66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444
67a7539e8990fa31d741a9bb47eb0edc6f98b258bc709fcce29d7626e8983236
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
6939afaeb559a7dd48bf40e39170c0f5ca2125984aeaca978d9491801f717bb9
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285
69ce44c850d3728d53a284cdc8a06a6afc745bd5462095e8ba5a6bb0f464ee8d
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6aa31dd89388fda4e31645d09e4e469a034999e4d7cbb356bd3b6b6fd44885a2
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6ce905609967c33ad3dfbeaa98d7ce76f91559121370fc0ac1289d55be217e36
6cee0a1fd26161d05279092178df3d8243672cccf917c870bb113d992d5de5be
6d8115186afa77b40d91a8cc8289c18beb3178589ddc3587cdf3cd5998d747de
6d967994d734c9c88a3b4c33b0ed8670106770cca5834cd1d1ca107125567255
6dba6e329dfb9cefab40d65bd87209b0f98f585e82f455bff4ffb75e99573a23
6dcaf4924acf3d2bea3507a71561a0d4dbb9dbda9913cd8c649e9d38c8c72900
6e88bba6f18618579dcf1354cced88402b2c3fb82ebee6154d8bee0c9c566ec2
6f614656b02cda8526fb71924243797ab59384b047a44bd0f432ebc38b46f3bf
6f9c72ef22efe8a0e095464ab57ea0d5b6c24fa0abcd9439a1ffe1f522cca92a
6fa9f6a888cd5973098766d1b4d34879cda69d2f13287f2fd8ddb28bec13bd96
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
7176146461b84fcce1da1c95f77d696b5eecaa93b69dde64b35678f00bc6f705
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72db4701b1352d27a5fb4b6d0d29d91c9646610ace01c1c7ba1201ffd273007a
72f5a8ad58658aa5301aa5087eb1dfb3e33827a2a07a4e6b495ba8565de372f9
742f69d5a3dc576df86c9845acf047bcd745d266f40900c95706badecfafe2e3
7500f7f83cdce1ab2dfd7be6ddc073c8a3b922baa87caa4b295072b5cc43e828
75fb3e2fec5d57e634dd2a97afd2bb7139c6cb0f1f56f9f57ce2c797e671364f
765144c54ec1f3492c42891d5a1d18ff8d08e9d6e1866add9d8eb8f7bd7b462c
7658b18d20f27a2db750fcade300ff7918c27d7122e9be39ec97a9dbd53023a4
76cd9f0427cdc5fbdaa10050cdd48593938d26a27f3b87cbd05f5965f08473b1
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
794c062653a7f8e68b233700f53a7fb3724e5cd361d8605cdceca6a5948c9a2e
799c9a8bee08a31b2d9340b9fb7738ddd9f054c7413f07f6953f6b2efff8b6f8
7bab19098c317dcd4522ff95c1e6a9ae9ffe7a6d3a28056bc9eb98295d09b743
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
7fe0bffed3478b4de88aed7b8da3b16c0d4c38c6fb131ed8df4230d57f7bd4a2
7ff6e89ef0a4dcb72ed72196173642deb38c4b539baf3d7030ba8e122c284475
801d6ff0dd3191cc7e44d8060ed2336706e8301bf4478df935f1ef87a82c11de
803165424a683201ed947425de6583c598dbdf0b5b106ab177e133a69b5c6eb6
804f1f3aba934bed9ee94204395a2df60cc088c6062d6e317bf2964ba4bf6143
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82156a7f51f02b74e470899539de45ce9177d69f3c1cee09185c6ab6f083610d
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84a942fa11d63b702ddff3dc7c309f59cbdd66b99853a34b4a07f9f6c87f2e37
852450d4babc4394c3e7d0d16a9282f4d3804901bee0edbc787628c0798a29d6
8824d8abd77ded82644656e7e6952b6cb7d5d05a672d843e16037347b18e5374
893523f42f089cf44d632fac7366f54b2f3d24d9b5de47f771602350e7c965d1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa79a5d6fdffd63c26f013cd8f1bcb12ed624ef714702b5850cc30b673e6a37
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e5624f4d8404357d496a7644251cfd24f22b0a7493f4faac4b9de8a0f064bc6
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ee564f221142145ae03a8abba13c0ea2f217f733791923f1c45e38d9b0a7a59
8f10d7a122060c5e9725d7624296ac0d6b1817545d424d7fdecae5a54123344a
8fe87029aa3122e324be10bb80607020a46541baed2c3ed40720a572f3d7b0b3
92bac85cff9a978749f0fb5ecf223cecbb1100c704632bbd7863b1732ec6910a
92f6cf610b776d0664dde7ed293ea1141b01f68d9a5bb584f4f85f7dbb49e050
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
9634cb280d21026742ec7ccad89a6cafb6fd6154b5bca55c53071a2e98631085
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96a9ba621a934bb587c51c3a1c0e423da54dd23dcaa72b790237b49923fd1ed9
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
97664437f67761fe7d3a1c6e0569973ebcf523498845a5fe3fd01c3b610a5241
97a136040490e5c52589206f37fb345b38fc7681940219b1a106558d145b09b5
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b61a7b47b35dbfaa075a939a7e999e0b0ee7742905e9f68f60158194a824383
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9d5e68eb8296a46ad6ee32745771a307f6c336f2c8a2b5cf167fd59538c6c74b
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a58eea9b988be9a159f96d5999cfe63e692595e537d17857f66ac1b4c9b4f0ab
a67604c34e468f5485c5177d1af94d7cdd1a521fb853baf6df00f90d3195cc03
a6cbbfde0f8fa5053ac3b8a87d712870edae2c840f56df167e4c33f31e61e84b
a70c71bcfc9560c33480e3b859424f628b5fa665dfb5866183a733d47f3237c2
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a786785f56c14eac0a047206b47359680bbe3b170695a877a127ad5aeee3ad78
a7c6cbe0912bd511f1386a4de8ddae0ad636822c46fa3e39e9954209e9521aad
a9142dcb0d9f50de27b3285148915a6621d3e74e9b9cb23ac7b008a2521d45ca
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aa13c715a970ff152c581c582d0d11959260c439601eef5aca942f3b8b79ae9a
aa8f12a788b435ac1991db81195e71bd817ab1a25017b6dac6b0288ff53d55d0
ab5efe24966aca3d3addf00730f734a3fd62d552cc8c5dee2a837c057d62856a
ac20eb64e13d46968273ab7a11de467aac9a886416fa48c9f65b8c3b8f78d398
ad4e13531611290f1052c14627ba9694fba233fd9d7633f7890a86a0419f1709
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af87721e50df754662ff086a666caa1d2f49d46360481addb544b5668c2c3db7
b01686832095e1b653fea6ec3776b8c433b9c3ec9f9d3cd7fe0fde1d3e1b2e7d
b09ce469fe05302214cf8803ca314ac7eeda075a4f7e81d9d592ffba837d4538
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b62801cfcc8ca8814790778f98508d20561c579b45515dbade21d980739dab
b48ec39842395615408e78b90f25ddc2a53f286e8532dd42e23aa87d4b3e8d65
b4b48aad19b326bd0de04dac4b8eab57b134145973eb2d4bcaf5cfed8e45cf01
b55d0407250d2678245078fd4c277029187afedb83b5d9442a0262815c6de9ef
b6589859aedc1c678b8343b532b70fcbfb2668266ff5e4561082b42ebe66b6f0
b7d2974070cf9f476d97e4401209a440e8fee787781d9084655cca366dad4d21
b85a3d6dc43bde7ec9acbc3be3efa5467b0f3dd60355deddf5dae83336944848
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb63af4c0c29b947b1735d44f35ca63ab74c3438269cd7a9da99d2b7155245ab
bd2e27ef82874491cf5124d579e104711af982bc99e4af3acb420bc9401afd3a
bd769d1da98da1a60dc08258b017b34d6962b92ec431b17df51c69fbfb2c6abf
bdcca1dc336a3265d25fae273664f00aaeb0aa74533b771690cf453297c5835e
bdf56ebf72a2d8a78c1a33368c5915daf3b2c54cc9bca6ab4d7d79b425593786
bf6613f7cc26a29c2d25326681a5e15c789f4cec36f328b9100018a8e31648ee
bf9fdddcbecaf0f9d2820785e50726e2e739dc9044b33b8440bf780cc46f5d03
c115c51cf7b65ccf18d33a1355f1a3a837c0500ccb53d665591f1ca7bad6d2a7
c11cb885e411efc43b004ef93dc286e0da10cd95d91a5b54a45e0ec10cb65ee0
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84
c4c76335690603b60619c3ac3c153208479ca24fb82e4991b45a647fa3319f71
c4e2225061ee113dedc17c2ffdcf5e703ccd51e685e9a245fa534e3d7e6dfd2d
c6e243d760551a3a2e65cc602b46589d33714df21c083bd9948b631c1cf9450f
c707569441762b70fad86d0f4e541fbfaa74548d819250e7dada45f5a652e29b
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c985256e67995ab4f20602a0ad0ea5e62e803e9024a53a3de6b927d7713a6f2e
cb7fe7b68be275514b92d236b01a17bc5d2d4545bf20422cd91797402d6c5893
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
cbf501dde9810739ff455bd0e4f537fb57478d9b16efdeb18cea5d565a1145ea
cc2728c7d949752bda4984f25bec537c5c0b85997ef4f04f18c38c692c6044f5
ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8
ce7efaeb2969b0a601811fe28726bb781edab68de1f5dfea9459fdbe37acfd9d
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e
cf1854f9ede6a45601d03ba1332d38da471b4fe605f424eb45652c9c88a7fd3f
cf3a0304fdb028dad45d4aef02555aa5dbf9b4eaa42077b2a0cec6bfd7878cc8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf528fec5f2cdedcd8213c7d056781991c894b6a52f00c98e9500952e171c184
cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401
d097cc5e00bf81fbf240163e4227021f8caddff4d4c6725949e1011afbefbb55
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d407369249d8848c9c88410ed1998f597ed1d1e4abf04ec5107e88f123db8a91
d40845c23cd63cf98fbb52c7b8aff9e2a3dbcaa23f3dab49f33346b1fc530a66
d4d1022a840698e16fcbfb5f03694f5bf47b32d9d3e129ada5f6d2f44e6cbeb7
d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790
d685d349bc446d06cf68755fd4dbd95bb51f8913ad08cea281e371aa1fc284eb
d7e2fbc7de982f503e7260215071ba4137098ac7f2c32655a1ea59e9dec18089
d7e5c6c8ea8d03cf8cc2dda4c82a58df50d561fed4d04068d1df8d3b6f3fa9ed
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88
db47183a91687406af29b2a228609300daa926b17762bd790dae1ab6806b8006
db9362a18ab0275121d5812ca17c3bffadb594a4de491e4b01fd9e10d23b6c6f
db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7
dc9bf839e0880f32022ea0180f75c59c2c48e814329babaa6942ea93a349da76
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
dd5322d2a8576e402dd580efbf61ce9c007e786315b76393d740e64b3476e6dd
dd5e10e6dfffc29033edb26873ebdedaf7e22a837354111b7b327be7d90cc24d
de25f033c4a9c8ed8194cea3f55bd5b9a0498db670963cb2d641bf0930825200
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
df7ecc10fe1432f2446f81e950cf3d85a35abd08abc9eaa12f96a5bc8ae62298
e0cafce5b6d05c398b0b36c59558eab2f36ccf914a320bdd893c9f23d9269864
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b492abbdd8780ed8c9b3a9ad93d88d52fe3f5c387bf36faf0a9d4dc15104bf
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6fcf36633443645b870690a7616ed8166b86152257ebaaae43331f785d468a8
e76dfc22c16a854230e826b8d4af198ecd3f41f901db16748dd51f22e547e6a5
e858fccb482a1022860746df30e6ced9a5a61200bab00e96064f79153e24ed0e
e8b8ef3f53b9219b6e45674894adf50db4dc1b550fef0ff583eb9b150d81ce3c
e9de6cf1275e2335cae4231d25e6119cd5bb53cfadd831de5cdfc411de862c6b
ea9b1d5a5c11301f95a66cf97119595e951432a742abde8a3596cb44daf84926
eb0331543bd060daa915d131bfe23550c492cd94338459aa93b6a964df5f1bbb
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec989de149923023c35a8e7b71dab86e22f498a96cbaa58976f516841b65d0d3
edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad
eeba77992a254bdda8cd77451b71656389237a4f9ee73da21ec632d143899036
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e718100fea7427344ee6c442cf858091a46d42ea440e0a9438c456bb2494cb
f16f0c536c29ee81856ce0686aa13a26d1f840045c9f02bdcf3550c47db184bc
f20aa3c1f32442a08428b3f922e78848c790294e3acb607322a235c1ad7fc9c6
f2f9f88df71fc7ead73080036488336b31ddc356eec4b9548e86a4a18fec1b36
f3a2d02bdc12514b10669ec05c7bae37d0bcc057e6055e0a6d05b0f0872f3913
f549fc9166c98dcd5c20e7c6a7f30cafd7ddf0629c08cb66c253053420b362ee
f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5f1ef8170615451176f1f9879c5b5c9c686fb49fc0303574a577c8a270e8083
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f78ab8dbe0f0c658fc982008814334bfad5c18eee0451dd3bd0865ae8e2b019a
f88204f21f0cfa55d9ce9c24c16f5558017c911b0cc487e2d77ca974b1be68cf
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
fae3abfeea6e0a543fe27ed5ea85cf014a3ae94fb90fb5939e0559e091ebec71
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fcf32fcfd63452c6f1669fb5bcafcf703c8ec6429766a92c0b805cff01e55941
fdb3a5f6e3182c980503f12c3b7d7a6cbbf899db34df26816ac905acb58f7cdb
fe111f980fb081dd345743bb4d5dce69a4da38ffc9c053844a7ecc1737f9e047
ffdfd1cc4e1c522d96d1eafee7fa22cedbccbac3ed1811bcd5e9dcbbe327a78e