urlscan.io logo urlscan.io
SecurityTrails logo

www.walla.co.il Open in urlscan Pro
13.224.189.35  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.walla.co.il./
Effective URL: https://www.walla.co.il/
Submission: On October 09 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 135 IPs in 13 countries across 105 domains to perform 703 HTTP transactions. The main IP is 13.224.189.35, located in United States and belongs to AMAZON-02, US. The main domain is www.walla.co.il. The Cisco Umbrella rank of the primary domain is 156315.
TLS certificate: Issued by Amazon RSA 2048 M01 on March 27th 2023. Valid for: a year.
This is the only time www.walla.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.224.189.76 16509 (AMAZON-02)
44 13.224.189.35 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
6 18.66.147.83 16509 (AMAZON-02)
2 2600:9000:239... 16509 (AMAZON-02)
1 205.185.216.42 20446 (STACKPATH...)
41 151.101.65.44 54113 (FASTLY)
2 2606:2800:234... 15133 (EDGECAST)
5 2001:4860:480... 15169 (GOOGLE)
15 34.160.198.118 15169 (GOOGLE)
2 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 2600:9000:224... 16509 (AMAZON-02)
1 11 2a00:1450:400... 15169 (GOOGLE)
1 3.208.207.173 14618 (AMAZON-AES)
6 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.98 15169 (GOOGLE)
3 2a03:2880:f08... 32934 (FACEBOOK)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a04:4e42:600... 54113 (FASTLY)
1 104.244.42.8 13414 (TWITTER)
2 2a00:1450:400... 15169 (GOOGLE)
1 9 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 216.239.38.21 15169 (GOOGLE)
1 51.77.64.70 16276 (OVH)
1 34.111.199.139 396982 (GOOGLE-CL...)
10 34.228.152.212 14618 (AMAZON-AES)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 34.120.218.58 396982 (GOOGLE-CL...)
2 2001:4860:480... 15169 (GOOGLE)
5 54.72.191.61 16509 (AMAZON-02)
3 151.101.193.44 54113 (FASTLY)
4 9 2a02:2638:d::d 44788 (ASN-CRITE...)
2 2a03:2880:f17... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
62 2a00:1450:400... 15169 (GOOGLE)
1 1 2600:9000:211... 16509 (AMAZON-02)
6 15 99.86.4.37 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
9 141.226.228.48 200478 (TABOOLA-AS)
1 172.64.143.2 13335 (CLOUDFLAR...)
25 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 184.30.16.195 16625 (AKAMAI-AS)
1 19 104.22.68.131 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 52.58.45.126 16509 (AMAZON-02)
1 88.221.169.49 16625 (AKAMAI-AS)
1 185.64.189.112 62713 (AS-PUBMATIC)
4 16 104.18.26.193 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 185.86.138.124 201081 (SMARTADSE...)
5 34.149.20.76 396982 (GOOGLE-CL...)
1 2a02:2638:d::a 44788 (ASN-CRITE...)
3 216.52.2.30 30282 (AS-INAPCD...)
2 7 51.89.9.252 16276 (OVH)
3 4 185.184.8.90 204995 (RTB-HOUSE...)
5 2602:803:c003... 26667 (RUBICONPR...)
5 2a02:6b8::90 208722 (GLOBAL_DC)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 185.255.84.150 200271 (IGUANE-)
2 35.227.252.103 15169 (GOOGLE)
6 13 37.252.171.21 29990 (ASN-APPNEX)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
6 15.197.193.217 16509 (AMAZON-02)
3 6 2a05:d018:d29... 16509 (AMAZON-02)
4 6 18.196.96.246 16509 (AMAZON-02)
5 3.71.149.231 16509 (AMAZON-02)
2 2404:6800:400... 15169 (GOOGLE)
2 34.95.69.49 396982 (GOOGLE-CL...)
2 4 162.55.236.225 24940 (HETZNER-AS)
4 4 46.228.174.117 56396 (AMOBEE)
2 2 2001:678:cb4:... 56396 (AMOBEE)
2 2 96.46.186.57 7979 (SERVERS-COM)
3 8.2.110.114 46636 (NATCOWEB)
5 8 37.157.4.29 198622 (ADFORM)
3 3 2a02:2638:3::6 44788 (ASN-CRITE...)
2 4 178.250.1.9 44788 (ASN-CRITE...)
2 2 2.21.20.200 20940 (AKAMAI-ASN1)
3 54.93.44.146 16509 (AMAZON-02)
1 2a02:2638:d::4 44788 (ASN-CRITE...)
4 23.218.210.30 16625 (AKAMAI-AS)
1 2602:803:c003... 26667 (RUBICONPR...)
19 2a02:2638:d::2 44788 (ASN-CRITE...)
1 178.250.7.9 44788 (ASN-CRITE...)
1 112 142.250.186.38 15169 (GOOGLE)
2 69.173.144.165 26667 (RUBICONPR...)
1 178.250.7.11 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
16 39 142.250.185.194 15169 (GOOGLE)
3 34.98.64.218 396982 (GOOGLE-CL...)
3 104.75.89.75 16625 (AKAMAI-AS)
5 2a02:2638:3::10 44788 (ASN-CRITE...)
2 2a02:2638:d::11 44788 (ASN-CRITE...)
1 23.218.208.23 16625 (AKAMAI-AS)
1 2 69.173.144.139 26667 (RUBICONPR...)
1 2 185.86.138.155 201081 (SMARTADSE...)
3 5 13.248.245.213 16509 (AMAZON-02)
1 185.255.84.152 200271 (IGUANE-)
1 2 52.210.125.129 16509 (AMAZON-02)
1 162.19.138.119 16276 (OVH)
2 54.194.37.177 16509 (AMAZON-02)
1 34.117.157.22 396982 (GOOGLE-CL...)
1 18.159.114.228 16509 (AMAZON-02)
1 54.71.178.207 16509 (AMAZON-02)
1 64.202.112.255 22075 (AS-OUTBRAIN)
9 185.64.191.210 62713 (AS-PUBMATIC)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 85.215.5.31 6786 (CRONON-BE...)
1 23.32.185.192 16625 (AKAMAI-AS)
1 34.246.73.161 16509 (AMAZON-02)
1 35.158.144.163 16509 (AMAZON-02)
8 142.250.186.66 15169 (GOOGLE)
1 2 34.91.62.186 396982 (GOOGLE-CL...)
1 1 35.186.193.173 15169 (GOOGLE)
2 89.149.192.196 60781 (LEASEWEB-...)
3 3 35.214.214.28 15169 (GOOGLE)
4 4 213.155.156.184 1299 (TWELVE99 ...)
3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 4 198.47.127.19 62713 (AS-PUBMATIC)
1 2600:9000:25e... 16509 (AMAZON-02)
2 3 2620:116:800d... 16509 (AMAZON-02)
1 1 35.190.0.66 15169 (GOOGLE)
1 52.215.100.89 16509 (AMAZON-02)
1 3.18.218.60 16509 (AMAZON-02)
1 178.250.1.11 44788 (ASN-CRITE...)
1 67.202.105.21 32748 (STEADFAST)
1 151.101.1.108 54113 (FASTLY)
2 104.18.25.18 13335 (CLOUDFLAR...)
1 2 52.95.125.22 16509 (AMAZON-02)
4 198.47.127.205 3257 (GTT-BACKB...)
1 2 63.35.30.113 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 52.202.131.94 14618 (AMAZON-AES)
1 2 52.46.155.104 16509 (AMAZON-02)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a05:d018:cc3... 16509 (AMAZON-02)
2 185.64.190.81 62713 (AS-PUBMATIC)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 1 141.95.32.71 16276 (OVH)
1 1 54.164.154.71 14618 (AMAZON-AES)
1 2 151.101.66.49 54113 (FASTLY)
5 5 52.211.174.80 16509 (AMAZON-02)
1 1 208.93.169.131 46244 (WEBMD-IDC...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.122 42697 (NETIC-AS)
2 2 141.94.171.216 16276 (OVH)
1 98.98.134.241 21859 (ZEN-ECN)
703 135
1    13.224.189.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-76.fra2.r.cloudfront.net
www.walla.co.il.
44    13.224.189.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-35.fra2.r.cloudfront.net
www.walla.co.il
10    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
5    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    18.66.147.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-83.fra60.r.cloudfront.net
tags.dxmdp.com
2    2600:9000:2394:1e00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.valuad.cloud
41    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
pm-widget.taboola.com
trc.taboola.com
images.taboola.com
imprammp.taboola.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
5    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
15    34.160.198.118 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 118.198.160.34.bc.googleusercontent.com
images.wcdn.co.il
2    2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
web-sdk.smartlook.com
2    2600:9000:2240:5600:11:da61:a100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cf.dxmcdn.com
11    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    3.208.207.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-207-173.compute-1.amazonaws.com
ping.chartbeat.net
6    2a00:1450:4001:827::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
hb-dot-valuad.appspot.com
2    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
www.googleadservices.com
3    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
12890047.adoric-om.com
1    2a04:4e42:600::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
1    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
2    2a00:1450:400c:c03::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
9    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    216.239.38.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2615.1e100.net
tr.dxmcdn.com
1    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
1    34.111.199.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.199.111.34.bc.googleusercontent.com
dal.walla.co.il
10    34.228.152.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-152-212.compute-1.amazonaws.com
mabping.chartbeat.net
5    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
static.adoric.com
1    34.120.218.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.218.120.34.bc.googleusercontent.com
app.adoric-om.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
5    54.72.191.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-191-61.eu-west-1.compute.amazonaws.com
event.dxmdp.com
3    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
pm-widget.taboola.com
cdn.taboola.com
vidstat.taboola.com
9    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
62    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2600:9000:211e:5e00:1a:1d58:31c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-uw2-prod.tsv2.amagi.tv
15    99.86.4.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-37.fra6.r.cloudfront.net
amg01742-walla-wallanews-ono-btlna.amagi.tv
5    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
9    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
am-trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
1    172.64.143.2 (United States)

ASN13335 (CLOUDFLARENET, US)
metrics.getrockerbox.com
25    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
3    184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com
ads.pubmatic.com
19    104.22.68.131 (None, )

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
prebid.smilewanted.com
static.smilewanted.com
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    52.58.45.126 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-45-126.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    88.221.169.49 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-49.deploy.static.akamaitechnologies.com
a.teads.tv
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
16    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
r.casalemedia.com
ssum-sec.casalemedia.com
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
8    185.86.138.124 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
5    34.149.20.76 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
3    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
7    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
5    2602:803:c003:200::43 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
5    2a02:6b8::90 (Ulyanovsk, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
bs.yandex.ru
1    2a02:fa8:8806:13::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
1    185.255.84.150 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
13    37.252.171.21 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
6    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
6    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
6    2a05:d018:d29:3605:cdf9:6ebb:c08d:dd (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
6    18.196.96.246 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-96-246.eu-central-1.compute.amazonaws.com
x.bidswitch.net
5    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    2404:6800:4006:814::2003 (Sydney, Australia)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
4    162.55.236.225 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.225.236.55.162.clients.your-server.de
sync.richaudience.com
4    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
3    8.2.110.114 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
8    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
c1.adform.net
dmp.adform.net
3    2a02:2638:3::6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ssp-sync.criteo.com
4    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    2.21.20.200 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-200.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
3    54.93.44.146 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-44-146.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
4    23.218.210.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-210-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2602:803:c003:200::57 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
beacon-ams3.rubiconproject.com
19    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr3.eu.criteo.com
112    142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net
ad.doubleclick.net
s0.2mdn.net
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
widget.fr3.eu.criteo.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
39    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
pixelgroup-d.openx.net
3    104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com
sync.teads.tv
criteo-sync.teads.tv
5    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
2    2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    23.218.208.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-23.deploy.static.akamaitechnologies.com
contextual.media.net
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    185.86.138.155 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
5    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    185.255.84.152 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
2    52.210.125.129 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-125-129.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
2    54.194.37.177 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-37-177.eu-west-1.compute.amazonaws.com
ad.360yield.com
match.360yield.com
1    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
1    18.159.114.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-114-228.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
1    54.71.178.207 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-71-178-207.us-west-2.compute.amazonaws.com
jadserve.postrelease.com
1    64.202.112.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
9    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    2600:1f18:612b:4264:76d7:ab8c:aa2f:d2d0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com
1    85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)
a.twiago.com
1    23.32.185.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-192.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    34.246.73.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-73-161.eu-west-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com
1    35.158.144.163 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-144-163.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
8    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
googleads4.g.doubleclick.net
2    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
2    89.149.192.196 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
ssbsync.smartadserver.com
3    35.214.214.28 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 28.214.214.35.bc.googleusercontent.com
csync.loopme.me
4    213.155.156.184 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
3    2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
pubmatic-match.dotomi.com
4    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    2600:9000:25e8:fe00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
3    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    52.215.100.89 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-100-89.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    3.18.218.60 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-18-218-60.us-east-2.compute.amazonaws.com
s.thebrighttag.com
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    104.18.25.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    52.95.125.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image2.pubmatic.com
2    63.35.30.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-30-113.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    52.202.131.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-131-94.compute-1.amazonaws.com
a.audrte.com
2    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
ids.ad.gt
1    2a05:d018:cc3:fe05:3111:dcd8:6ca0:7e34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    85.114.159.93 (Weil am Rhein, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    141.95.32.71 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: haproxy-eu-006.roqad.pl
ws.rqtrk.eu
1    54.164.154.71 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-154-71.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    52.211.174.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-174-80.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.51.122 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    141.94.171.216 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh
pixel.onaudience.com
1    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com
pixel-sync.sitescout.com
Apex Domain
Subdomains		 Transfer
115 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 344
3 MB
92 googlesyndication.com
2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
563 KB
73 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
pubads.g.doubleclick.net — Cisco Umbrella Rank: 412
ad.doubleclick.net — Cisco Umbrella Rank: 173
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443
410 KB
53 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1126
pm-widget.taboola.com — Cisco Umbrella Rank: 3680
trc.taboola.com — Cisco Umbrella Rank: 680
vidstat.taboola.com — Cisco Umbrella Rank: 3058
trc-events.taboola.com — Cisco Umbrella Rank: 2281
am-trc-events.taboola.com — Cisco Umbrella Rank: 15139
images.taboola.com — Cisco Umbrella Rank: 1964
imprammp.taboola.com — Cisco Umbrella Rank: 14739
am-match.taboola.com — Cisco Umbrella Rank: 15405
am-vid-events.taboola.com — Cisco Umbrella Rank: 13899
sync-t1.taboola.com — Cisco Umbrella Rank: 1598
951 KB
45 walla.co.il
www.walla.co.il — Cisco Umbrella Rank: 156315
dal.walla.co.il — Cisco Umbrella Rank: 150646
1 MB
26 criteo.net
static.criteo.net — Cisco Umbrella Rank: 728
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9717
csm.eu.criteo.net — Cisco Umbrella Rank: 9249
377 KB
23 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 588
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 581
simage2.pubmatic.com — Cisco Umbrella Rank: 959
image6.pubmatic.com — Cisco Umbrella Rank: 967
image2.pubmatic.com — Cisco Umbrella Rank: 1116
simage4.pubmatic.com — Cisco Umbrella Rank: 1354
95 KB
21 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 478
bidder.criteo.com — Cisco Umbrella Rank: 895
ssp-sync.criteo.com — Cisco Umbrella Rank: 1344
dis.criteo.com — Cisco Umbrella Rank: 648
ads.eu.criteo.com — Cisco Umbrella Rank: 9209
cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 10377
widget.fr3.eu.criteo.com — Cisco Umbrella Rank: 19586
mug.criteo.com — Cisco Umbrella Rank: 2541
66 KB
19 smilewanted.com
csync.smilewanted.com — Cisco Umbrella Rank: 2991
prebid.smilewanted.com — Cisco Umbrella Rank: 6260
static.smilewanted.com — Cisco Umbrella Rank: 10113
34 KB
16 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 570
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
r.casalemedia.com — Cisco Umbrella Rank: 1837
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 513
10 KB
16 amagi.tv
cdn-uw2-prod.tsv2.amagi.tv — Cisco Umbrella Rank: 61879
amg01742-walla-wallanews-ono-btlna.amagi.tv — Cisco Umbrella Rank: 155239
3 MB
15 wcdn.co.il
images.wcdn.co.il — Cisco Umbrella Rank: 99528
396 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
secure.adnxs.com — Cisco Umbrella Rank: 542
acdn.adnxs.com — Cisco Umbrella Rank: 663
28 KB
14 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 563
eus.rubiconproject.com — Cisco Umbrella Rank: 662
beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 9971
token.rubiconproject.com — Cisco Umbrella Rank: 504
pixel.rubiconproject.com — Cisco Umbrella Rank: 409
30 KB
12 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1721
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 898
ssbsync.smartadserver.com — Cisco Umbrella Rank: 951
5 KB
11 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363
4 KB
11 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1445
mabping.chartbeat.net — Cisco Umbrella Rank: 5630
2 KB
11 dxmdp.com
tags.dxmdp.com — Cisco Umbrella Rank: 46747
event.dxmdp.com — Cisco Umbrella Rank: 45696
132 KB
10 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2714
1 KB
8 adform.net
cm.adform.net — Cisco Umbrella Rank: 1279
c1.adform.net — Cisco Umbrella Rank: 643
dmp.adform.net — Cisco Umbrella Rank: 3616
4 KB
7 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 913
1 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 387
3 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
889 B
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
353 KB
6 33across.com
ssc.33across.com — Cisco Umbrella Rank: 4057
ssc-cms.33across.com — Cisco Umbrella Rank: 1180
881 B
6 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 659
eb2.3lift.com — Cisco Umbrella Rank: 434
2 KB
6 appspot.com
hb-dot-valuad.appspot.com — Cisco Umbrella Rank: 74994
157 B
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
region1.google-analytics.com — Cisco Umbrella Rank: 2250
42 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 624
3 KB
5 openx.net
rtb.openx.net — Cisco Umbrella Rank: 912
us-u.openx.net — Cisco Umbrella Rank: 547
pixelgroup-d.openx.net — Cisco Umbrella Rank: 112800
940 B
5 yandex.ru
bs.yandex.ru — Cisco Umbrella Rank: 13295
742 B
5 google.de
www.google.de — Cisco Umbrella Rank: 6147
753 B
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
414 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2979
3 KB
4 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1086
s.amazon-adsystem.com — Cisco Umbrella Rank: 328
3 KB
4 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5121
1 KB
4 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2114
840 B
4 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3968
dclk-match.dotomi.com — Cisco Umbrella Rank: 3431
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4048
459 B
4 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7541
creativecdn.com — Cisco Umbrella Rank: 646
1 KB
4 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1558
sync.teads.tv — Cisco Umbrella Rank: 1584
criteo-sync.teads.tv — Cisco Umbrella Rank: 2637
870 B
4 dxmcdn.com
cf.dxmcdn.com — Cisco Umbrella Rank: 57831
tr.dxmcdn.com — Cisco Umbrella Rank: 48161
123 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 22832
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27465
898 B
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 929
1 KB
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1165
1 KB
3 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 621
34 B
3 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 3356
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 649
2 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 754
403 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1696
mp.4dex.io — Cisco Umbrella Rank: 2423
26 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
123 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1192
syndication.twitter.com — Cisco Umbrella Rank: 1427
132 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1738
mab.chartbeat.com — Cisco Umbrella Rank: 2811
27 KB
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3315
970 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1270
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 782
771 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1011
484 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 753
cdn.indexww.com — Cisco Umbrella Rank: 1795
2 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 952
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 761
match.360yield.com — Cisco Umbrella Rank: 2517
397 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 242
2 KB
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 620
1 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1822
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1024
952 B
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1374
104 B
2 gstatic.com
csi.gstatic.com
288 B
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3692
visitor.omnitagjs.com — Cisco Umbrella Rank: 773
1 KB
2 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 498
356 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
216 B
2 adoric-om.com
12890047.adoric-om.com — Cisco Umbrella Rank: 229141
app.adoric-om.com — Cisco Umbrella Rank: 53462
54 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 153
20 KB
2 smartlook.com
web-sdk.smartlook.com — Cisco Umbrella Rank: 24211
20 KB
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 847
187 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3540
439 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 602
663 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 915
1 KB
1 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 4113
352 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1617
524 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1495
181 B
1 ad.gt
ids.ad.gt — Cisco Umbrella Rank: 1641
188 B
1 thebrighttag.com
s.thebrighttag.com — Cisco Umbrella Rank: 2648
268 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 903
338 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 8325
552 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 893
235 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 50844
611 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 2433
44 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2848
38 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4701
400 B
1 twiago.com
a.twiago.com — Cisco Umbrella Rank: 33274
153 B
1 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2985
399 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 900
145 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1252
422 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1304
884 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 10624
274 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 470
921 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 780
784 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 250
5 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1343
481 B
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 2049
46 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
2 KB
1 getrockerbox.com
metrics.getrockerbox.com — Cisco Umbrella Rank: 7164
555 B
1 adoric.com
static.adoric.com — Cisco Umbrella Rank: 56775
16 KB
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5842
175 B
1 valuad.cloud
cdn.valuad.cloud — Cisco Umbrella Rank: 111730
277 KB
1 co.il.
www.walla.co.il.
397 B
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
703 105
Domain Requested by
115 s0.2mdn.net imasdk.googleapis.com
www.walla.co.il
s0.2mdn.net
62 pagead2.googlesyndication.com securepubads.g.doubleclick.net
imasdk.googleapis.com
tpc.googlesyndication.com
2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
s0.2mdn.net
44 www.walla.co.il www.walla.co.il
39 cm.g.doubleclick.net 16 redirects googleads.g.doubleclick.net
2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
28 images.taboola.com
25 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
www.walla.co.il
s0.2mdn.net
19 static.criteo.net ads.eu.criteo.com
cdnjs.cloudflare.com
static.criteo.net
cdn.valuad.cloud
15 amg01742-walla-wallanews-ono-btlna.amagi.tv 6 redirects www.walla.co.il
15 images.wcdn.co.il www.walla.co.il
12 csync.smilewanted.com 1 redirects cdn.valuad.cloud
csync.smilewanted.com
11 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
11 ib.adnxs.com 4 redirects cdn.valuad.cloud
googleads.g.doubleclick.net
ads.eu.criteo.com
acdn.adnxs.com
csync.smilewanted.com
11 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
www.googleadservices.com
2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
pagead2.googlesyndication.com
10 mabping.chartbeat.net www.walla.co.il
10 securepubads.g.doubleclick.net www.walla.co.il
securepubads.g.doubleclick.net
www.googletagservices.com
9 simage2.pubmatic.com ads.eu.criteo.com
ads.pubmatic.com
9 gum.criteo.com 4 redirects cdn.taboola.com
static.criteo.net
cdn.valuad.cloud
9 www.google.com 1 redirects www.walla.co.il
tpc.googlesyndication.com
securepubads.g.doubleclick.net
2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
9 cdn.taboola.com www.walla.co.il
cdn.taboola.com
12890047.adoric-om.com
8 googleads4.g.doubleclick.net www.walla.co.il
8 prg.smartadserver.com cdn.valuad.cloud
7 onetag-sys.com 2 redirects cdn.valuad.cloud
csync.smilewanted.com
2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
6 x.bidswitch.net 4 redirects imprammp.taboola.com
2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
6 pr-bh.ybp.yahoo.com 3 redirects imprammp.taboola.com
am-match.taboola.com
ads.pubmatic.com
6 match.adsrvr.org imprammp.taboola.com
am-match.taboola.com
2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
ads.pubmatic.com
ssum-sec.casalemedia.com
6 www.googletagservices.com securepubads.g.doubleclick.net
2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
6 hb-dot-valuad.appspot.com cdn.valuad.cloud
12890047.adoric-om.com
6 tags.dxmdp.com www.walla.co.il
tags.dxmdp.com
5 match.prod.bidr.io 5 redirects
5 eb2.3lift.com 3 redirects ads.eu.criteo.com
cdn.valuad.cloud
5 imageproxy.eu.criteo.net ads.eu.criteo.com
5 ups.analytics.yahoo.com am-match.taboola.com
googleads.g.doubleclick.net
ads.eu.criteo.com
ads.pubmatic.com
5 bs.yandex.ru cdn.valuad.cloud
5 fastlane.rubiconproject.com cdn.valuad.cloud
5 prebid.smilewanted.com cdn.valuad.cloud
5 ssc.33across.com cdn.valuad.cloud
5 trc-events.taboola.com cdn.taboola.com
5 event.dxmdp.com tags.dxmdp.com
12890047.adoric-om.com
5 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 www.google.de www.walla.co.il
5 www.google-analytics.com www.walla.co.il
www.google-analytics.com
www.googletagmanager.com
5 www.googletagmanager.com www.walla.co.il
www.googletagmanager.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 image2.pubmatic.com ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 image6.pubmatic.com 2 redirects ads.pubmatic.com
4 d5p.de17a.com 4 redirects
4 eus.rubiconproject.com www.walla.co.il
eus.rubiconproject.com
cdn.valuad.cloud
4 dis.criteo.com 2 redirects ads.eu.criteo.com
4 sync.richaudience.com 2 redirects csync.smilewanted.com
3 creativecdn.com 3 redirects
3 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
3 cms.quantserve.com 2 redirects 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
3 csync.loopme.me 3 redirects
3 match.sharethrough.com csync.smilewanted.com
ads.eu.criteo.com
3 ssp-sync.criteo.com 3 redirects
3 cm.adform.net 1 redirects csync.smilewanted.com
ads.eu.criteo.com
3 us.ck-ie.com csync.smilewanted.com
3 sync.1rx.io 3 redirects
3 ap.lijit.com cdn.valuad.cloud
csync.smilewanted.com
3 ads.pubmatic.com cdn.valuad.cloud
ads.pubmatic.com
3 trc.taboola.com cdn.taboola.com
3 connect.facebook.net www.walla.co.il
connect.facebook.net
2 pixel.onaudience.com 2 redirects
2 uipglob.semasio.net 1 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 simage4.pubmatic.com ads.pubmatic.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 cr.frontend.weborama.fr 2 redirects
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 dclk-match.dotomi.com 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
2 secure.adnxs.com 2 redirects
2 ssbsync.smartadserver.com 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 dpm.demdex.net 1 redirects
2 rtb-csync.smartadserver.com 1 redirects ads.eu.criteo.com
2 pixel.rubiconproject.com 1 redirects ads.eu.criteo.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 token.rubiconproject.com eus.rubiconproject.com
2 ad.doubleclick.net 1 redirects ads.eu.criteo.com
2 ads.stickyadstv.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 ad.turn.com 2 redirects
2 i.clean.gg cadmus.script.ac
2 csi.gstatic.com imasdk.googleapis.com
2 static.smilewanted.com csync.smilewanted.com
2 rtb.openx.net cdn.valuad.cloud
2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
2 script.4dex.io cdn.valuad.cloud
12890047.adoric-om.com
2 imasdk.googleapis.com www.walla.co.il
imasdk.googleapis.com
2 www.facebook.com www.walla.co.il
2 pm-widget.taboola.com cdn.taboola.com
pm-widget.taboola.com
2 tr.dxmcdn.com cf.dxmcdn.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 www.googleadservices.com www.googletagmanager.com
2 cf.dxmcdn.com tags.dxmdp.com
2 web-sdk.smartlook.com www.walla.co.il
web-sdk.smartlook.com
2 platform.twitter.com www.walla.co.il
platform.twitter.com
2 static.chartbeat.com www.walla.co.il
1 pubmatic-match.dotomi.com
1 pixel-sync.sitescout.com
1 mwzeom.zeotap.com
1 bh.contextweb.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 ws.rqtrk.eu 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 d.adroll.com ssum-sec.casalemedia.com
1 ids.ad.gt 1 redirects
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 js-sec.indexww.com cdn.valuad.cloud
1 acdn.adnxs.com cdn.valuad.cloud
1 pixelgroup-d.openx.net cdn.valuad.cloud
1 ssc-cms.33across.com cdn.valuad.cloud
1 mug.criteo.com
1 s.thebrighttag.com
1 beacon.krxd.net
1 ads.travelaudience.com 1 redirects
1 s.ad.smaato.net 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
1 match.360yield.com 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
1 gcm.ctnsnet.com 1 redirects
1 e1.emxdgt.com ads.eu.criteo.com
1 sync-criteo.ads.yieldmo.com ads.eu.criteo.com
1 ad.yieldlab.net ads.eu.criteo.com
1 a.twiago.com ads.eu.criteo.com
1 criteo-partners.tremorhub.com ads.eu.criteo.com
1 sync.outbrain.com ads.eu.criteo.com
1 jadserve.postrelease.com ads.eu.criteo.com
1 exchange.mediavine.com ads.eu.criteo.com
1 matching.ivitrack.com ads.eu.criteo.com
1 ad.360yield.com ads.eu.criteo.com
1 id5-sync.com ads.eu.criteo.com
1 r.casalemedia.com ads.eu.criteo.com
1 visitor.omnitagjs.com ads.eu.criteo.com
1 criteo-sync.teads.tv ads.eu.criteo.com
1 sync-t1.taboola.com ads.eu.criteo.com
1 contextual.media.net ads.eu.criteo.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 widget.fr3.eu.criteo.com ads.eu.criteo.com
1 cat.fr3.eu.criteo.com ads.eu.criteo.com
1 beacon-ams3.rubiconproject.com www.walla.co.il
1 ads.eu.criteo.com www.walla.co.il
1 sync.targeting.unrulymedia.com 1 redirects
1 am-vid-events.taboola.com
1 am-match.taboola.com vidstat.taboola.com
1 imprammp.taboola.com vidstat.taboola.com
1 cadmus.script.ac script.4dex.io
1 hb-api.omnitagjs.com cdn.valuad.cloud
1 web.hb.ad.cpe.dotomi.com cdn.valuad.cloud
1 prebid-eu.creativecdn.com cdn.valuad.cloud
1 bidder.criteo.com cdn.valuad.cloud
1 mp.4dex.io cdn.valuad.cloud
1 htlb.casalemedia.com cdn.valuad.cloud
1 hbopenbid.pubmatic.com cdn.valuad.cloud
1 a.teads.tv cdn.valuad.cloud
1 tlx.3lift.com cdn.valuad.cloud
1 cdn.jsdelivr.net cdn.valuad.cloud
1 pubads.g.doubleclick.net imasdk.googleapis.com
1 am-trc-events.taboola.com
1 metrics.getrockerbox.com
1 vidstat.taboola.com cdn.taboola.com
1 cdn-uw2-prod.tsv2.amagi.tv 1 redirects
1 region1.analytics.google.com www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 app.adoric-om.com 12890047.adoric-om.com
1 static.adoric.com 12890047.adoric-om.com
1 dal.walla.co.il www.walla.co.il
1 pro.ip-api.com www.walla.co.il
1 syndication.twitter.com platform.twitter.com
1 mab.chartbeat.com static.chartbeat.com
1 12890047.adoric-om.com www.walla.co.il
1 ping.chartbeat.net www.walla.co.il
1 cdn.valuad.cloud www.walla.co.il
1 www.walla.co.il. 1 redirects
0 sync.search.spotxchange.com Failed googleads.g.doubleclick.net
703 178
Subject Issuer Validity Valid
*.walla.co.il
Amazon RSA 2048 M01		 2023-03-27 -
2024-04-24		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
tags.dxmdp.com
Amazon RSA 2048 M02		 2023-01-22 -
2024-02-21		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
valuad.cloud
E1		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
images.wcdn.co.il
R3		 2023-08-30 -
2023-11-28		 3 months crt.sh
1688964705.rsc.cdn77.org
R3		 2023-10-05 -
2024-01-03		 3 months crt.sh
cf.dxmcdn.com
Amazon RSA 2048 M02		 2023-03-27 -
2024-04-24		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
*.appspot.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-17 -
2023-10-15		 3 months crt.sh
adoric-om.com
E1		 2023-08-30 -
2023-11-28		 3 months crt.sh
syndication.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-19 -
2024-09-17		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
tr.dxmcdn.com
GTS CA 1D4		 2023-09-03 -
2023-12-02		 3 months crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-25 -
2023-12-26		 a year crt.sh
dal.walla.co.il
R3		 2023-08-30 -
2023-11-28		 3 months crt.sh
adoric.com
GTS CA 1P5		 2023-09-14 -
2023-12-13		 3 months crt.sh
*.adoric.com
R3		 2023-10-03 -
2024-01-01		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
dxmdp.com
Amazon RSA 2048 M01		 2023-02-09 -
2024-02-16		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
getrockerbox.com
E1		 2023-09-01 -
2023-11-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.amagi.tv
Amazon RSA 2048 M02		 2023-02-21 -
2024-01-13		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-18 -
2024-05-17		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
teads.tv
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2023-08-30 -
2023-11-28		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-09-24 -
2024-03-24		 6 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
cadmus.script.ac
E1		 2023-09-02 -
2023-12-01		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
i.clean.gg
GTS CA 1D4		 2023-09-17 -
2023-12-16		 3 months crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2022-11-12 -
2023-12-14		 a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2023-12-23		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-07 -
2023-12-30		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2023-11-08		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
itm.ivitrack.com
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M02		 2023-06-06 -
2024-07-04		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02		 2023-08-30 -
2024-09-28		 a year crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2022-11-06 -
2023-11-28		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
*.twiago.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-28 -
2023-12-29		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-17 -
2024-09-17		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.emxdgt.com
Amazon RSA 2048 M01		 2023-05-03 -
2024-05-31		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2023-10-08 -
2024-11-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2023-10-09 -
2024-11-07		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh

This page contains 85 frames:

Primary Page: https://www.walla.co.il/
Frame ID: 26D27207FE9D4D1B5B18ECBD28C177D7
Requests: 235 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.34999e64cd909e9be3bbd826bafcd2c4.html?origin=https%3A%2F%2Fwww.walla.co.il
Frame ID: 2B5863B1F872A8478B063BDBBCE2C7DD
Requests: 2 HTTP requests in this frame

Frame: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Frame ID: DFF4873958153F012E7D802A2E080F98
Requests: 20 HTTP requests in this frame

Frame: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0E1549E0CD392EDCF6BFCFB78DEC4E6E
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Frame ID: DC532C1B93434446360504A2E69AB1CA
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 671572E09F624F06DE73FC6DBC76B27B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E19270CBB504842AA654A99492932C81
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B30370041DFAABD426E408C72281FF13
Requests: 2 HTTP requests in this frame

Frame: https://cf.dxmcdn.com/dta/dmp-common-iframe.html?dmpid=&monitoringConfig=%7B%22uuid%22%3A%22bc8a7a32-7d98-4226-8af9-d2a43a8621cc%22%2C%22enabled%22%3Afalse%2C%22verboseMode%22%3A%22ERRORS%22%2C%22sampling%22%3Anull%2C%22observedUserId%22%3Anull%2C%22includeDatabase%22%3Afalse%2C%22includeLocalStorage%22%3Afalse%2C%22includeLoggerState%22%3Afalse%7D
Frame ID: A7CB0000204808CD76446E2B978C65C9
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8qRACLAY89ngDaf7GxBB47PEG0vyNiSkAAABgYID-AEksR7OJw7ZbK2YWi1u02QzXCpNztVb5JoPRZrkcLiczIyCJ5Wg2cdh2a8XMYnGLNpvhWmFyrtYq32Qw2iyXw-VkZgUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIqDATk8RofrHwAAAABAAAAAAJAAQBD_LQEQgzt54v________8_xgB95o2M_____xsGPQAefAA8CAEAAPgY8si-8ThL7_BJpGCyCCMAAAAALY2YTEcm6QQViyr____9VgCuAAAELFbshbpn0R2UeAsDAAAAMGaBHha_3-ywa_xul_n_________N_N_5h-NUNDMTJogGzMzNb-AAABrfgEBANiMGwCANwJwgk5CrBaTyWAyWayOQuyGs8VutlhMZgcAAADgzv___78ekHA5FoPhxLBazhwji2kwcVlmo4VvMlmuNiPLcOY9b9HDr5TYe719MpDvdhkePpdBRTeZXZ7PQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4FY7AZoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBjMMwHMw8i7ViNlisRYuVcy0xzhxrjWu0sa08u41l4XKLXh_TxzGymCzOLRIMENmL5GmRTiSexWK2MZksHpvHOVtNdiOLybSwmQbLwcKx2o0mYonmZJFOZJd9w-VYDIYTw2o5c4wspsHEZZmNFr7JZLnajCzDmb_jMAwHM89irZgNFmvRYuVcS4wzx1rjGm1sK89uY1m43KLXx_RxjCwmi3PfmC1nw91kNVjtG7PlbLibrAarfYfJ9Ex9zkbXLeP4uEQSb_E6vjkNCpfB4v1JTItpd3bw_H5Hp0tbTRZ1Rr_f7_f7_X6_3-83aD0Hs0HhO-5Uh8_yNhlWfrqD2GBQxBLBRTrRPcxmh9Ps1j3MZodFLFGaLtKJvuh3uwwPn8tfEUsEp4t0IvS7XRb1HzXQaq4YLeaK1WSum60SAAAAAAAAAIAlmGa6CQAAAICTQQ0nm81qnQ5mshquFqvlAriAmdT10-uqOFcV2LsrJVCJb7sOW6JYY4813MNsdjjNbt3DbHZYGcCFyzezzT4jiLVaLWsAAAAC2AAAAAK46cabgDAr7v___38cAAAAGTn0AAAA6PcBXRUIP3Kh2PMriM1iNds_ABVirVar2421Wq2ABDfbLCfw____Hw!&cmcv=&pix=undefined&cb=1696872506749&uv=3345&tms=1696872506749&abt=nonrv_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=1946ba67-1fbb-4338-ad95-e7204399892f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: CC1A7F9F56277102D00ACDC1A5C9A699
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8qRACLAY89ngDaf7GxBB47PEG0vyNiSkAAABgYID-AEksR7OJw7ZbK2YWi1u02QzXCpNztVb5JoPRZrkcLiczIyCJ5Wg2cdh2a8XMYnGLNpvhWmFyrtYq32Qw2iyXw-VkZgUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIqDATk8RofrHwAAAABAAAAAAJAAQBD_LQEQgzt54v________8_xgB95o2M_____xsGPQAefAA8CAEAAPgY8si-8ThL7_BJpGCyCCMAAAAALY2YTEcm6QQViyr____9VgCuAAAELFbshbpn0R2UeAsDAAAAMGaBHha_3-ywa_xul_n_________N_N_5h-NUNDMTJogGzMzNb-AAABrfgEBANiMGwCANwJwgk5CrBaTyWAyWayOQuyGs8VutlhMZgcAAADgzv___78ekHA5FoPhxLBazhwji2kwcVlmo4VvMlmuNiPLcOY9b9HDr5TYe719MpDvdhkePpdBRTeZXZ7PQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4FY7AZoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBjMMwHMw8i7ViNlisRYuVcy0xzhxrjWu0sa08u41l4XKLXh_TxzGymCzOLRIMENmL5GmRTiSexWK2MZksHpvHOVtNdiOLybSwmQbLwcKx2o0mYonmZJFOZJd9w-VYDIYTw2o5c4wspsHEZZmNFr7JZLnajCzDmb_jMAwHM89irZgNFmvRYuVcS4wzx1rjGm1sK89uY1m43KLXx_RxjCwmi3PfmC1nw91kNVjtG7PlbLibrAarfYfJ9Ex9zkbXLeP4uEQSb_E6vjkNCpfB4v1JTItpd3bw_H5Hp0tbTRZ1Rr_f7_f7_X6_3-83aD0Hs0HhO-5Uh8_yNhlWfrqD2GBQxBLBRTrRPcxmh9Ps1j3MZodFLFGaLtKJvuh3uwwPn8tfEUsEp4t0IvS7XRb1HzXQaq4YLeaK1WSum60SAAAAAAAAAIAlmGa6CQAAAICTQQ0nm81qnQ5mshquFqvlAriAmdT10-uqOFcV2LsrJVCJb7sOW6JYY4813MNsdjjNbt3DbHZYGcCFyzezzT4jiLVaLWsAAAAC2AAAAAK46cabgDAr7v___38cAAAAGTn0AAAA6PcBXRUIP3Kh2PMriM1iNds_ABVirVar2421Wq2ABDfbLCfw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 7DE406B982CDFB0427F1A2EC29D6AE90
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnHgR5W_puIbF0s8uwbFSFBKDO4_xiSGOnOdUvFapUWb-lVt-farun8_yKh3uoOv9i1uMObdnXHaCGXhsz4gS95zOK4qyX0Pxn9BjecDHS2gUicnFd3U1wSY401tqfCKk3GMCihW8mp_ikekSEXdMwngR2pelGELLzoMI5ZIMZ_1NUUy3pjBx2xhK05zJZBdTW4_n0uNrSDZRfJNhGYb9Wcb1C86LFEXECtuj_6B7xeovpFW-LipUgOLjXwolxjRGOvYxTBRKUTq9frwjRaQ98SxnXHuxHiJGvhBR75jD9JLJ5TcNaCgJlVeL4_xbQjGLBOt5Qr0-BCaeac1dfqN7fRiLwiLgZgKBsZ8N92csb9M_I13k&sai=AMfl-YRAMMnRyZ1SX0SdBzm3qvMQP96Wi_KfQWjAToITNNialfnYpm7CU4tp9xUdZc1g7fhHqVzpdRLT8OOnTkYQ2vhLfd5ScpTrGcTA_DBNem6Hgpfe0XwrWem_ggkF4qg&sig=Cg0ArKJSzHSkhVTi1VJ-EAE&uach_m=[UACH]&adurl=
Frame ID: CFC0F4CBD7B863E9540ABAE5C3BC0EEA
Requests: 8 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: AFE8AFFE6648D42EED02CC35C241EA60
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: A759A81DB51E6465F801FE305F99C262
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 2218BD773F114D020E341F32585F22CD
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
Frame ID: EF13F4642EE4750336A7ED0903568D2D
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-8f86bb3c-5b8a-46a4-bcf5-444e7c09bcfa-003
Frame ID: 3870F5E74C1BA9311E81EAB66E440ABD
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/a3fd4cec-bce1-531a-9d91-741ef8b54c25
Frame ID: 24CE26F794AE3F0A1B34EA97F3690B01
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 9E8587D6CEAC1570F9A01F93DB2DCCFB
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Frame ID: 968BB79B50935A1850814517F1A644FC
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/criteo/k-U7zwh86tPI8VbmfkYeKL6tTKM00KZQE_A812eg
Frame ID: 220134E96785F6A11A19986CEB7A50EA
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/b2a85da0d943a1a77fe3251a9ea067df?gdpr_consent=&gdpr=0
Frame ID: 5C4C88622D9622CE41FA785CB97C8426
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 321B34AD1A706C4EE41C77ABA893EFA7
Requests: 1 HTTP requests in this frame

Frame: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 86C9EA48CDE659CA79B06F9CEC2DF758
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6s8wTwjVB4HmUCNjfwV2JTAKElnB_wosurahsibxQESLLEw7hAfT2i8jZTIMs15i-_a2rh-un7esKcE53ZrQS3lpaJD5fY-RYmTiDY4-Pq3xP_x_FIPMFJiLl2G9-r1s-_BEufRLVAefKJpNGbqliUQU84aj6DxmvB9W-VrXbQ1AP8yjkRc9dCv9MmwRk7kBFwP2-PyM2F_xNHot_0JJm27XpcdHkToji8eIal4Nu6TRuCQj-Ul7fCI3jOvO4jekoLooPqn57YHEDIr6iz9ySp_bQ_zXM3cUehjFWDlUIOLlJNOiUpzmkLeSnui79Pblj43344K-rcnBqnd88K8E96II&sai=AMfl-YTz6Sz3vEJzspc0zaZLk57iE-5dR9A65bwSXBRXARHKJnG_9-HlBAXfly4A4oW3-aQp8oJ-RvI3rJqQVIbHBCnZo_EHtjvowM4mDQrvzLkc4MM7xjmNCB7KM6Nwl-Q&sig=Cg0ArKJSzIrdtABYxmHjEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 0201B1A87B93E74EC48FEA5772C84263
Requests: 6 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Frame ID: ED7FA53D73C3B809C3C80B9E9168B299
Requests: 28 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 4293F8CE195D31C1539B46BB193F8512
Requests: 3 HTTP requests in this frame

Frame: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 25ABC56A70F3F4559F7359BD4F380A6C
Requests: 20 HTTP requests in this frame

Frame: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1B2F53D9F9C48C7EB833AA8379558785
Requests: 20 HTTP requests in this frame

Frame: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B2FA23E67383C59C0D2EA003B93668A4
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjsnNbtATAB&v=APEucNXcWSggUsfbQjJYMeMhAZ6dcTaKSl1-Pp6j7QqhUTxaJ5H5M_r_FLqquy6iiS24u38Ka8-VLWCvrotpnD9OWqGOEblsVciXmDmd35IsQ6plCrB7GTPaYy5ZFcdrH-lcZhvoLJ_KZ-75odSvYgfnZ3CHGVuundNr8wXdKm8zojG1AzQsrOE
Frame ID: 1A3D6F5DF1712835C91C90AB9338250D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjYn9btATAB&v=APEucNUYsxnZjQOiUSOiXppdImz697-eh14ok2Ryqp6vB-PhXTd7CJ6HGW3zbnbeDpSei5jxw1iRzQ3TJhQVVzbN5eQ6a38fsEKqeSm3Ame7yUKWg7VeCbOHjcEzjQBRdOumw5strN36bxkNV9kevjjpb5VaLFzrr4BZ3xQQec7FIrr89uh_fTQ
Frame ID: EDEE10BDA206EE8E4F71C83EFF853134
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjYn9btATAB&v=APEucNW0zEdj1P724rdalLELwxfnyqCZLz_AedKVeqXqAnqVhXBN3GTJGcRU7-BTWst_RG7cukfWJXqwlhudPLGk_JO69q8tK4Stp7rhDvgA_pdDz_qT7MWZm5tgiQIuDxM3FpQ1Zn0wFM6Mt8PyyPG1zIkg-HGt04fI12UAmxaEagPdxQlICKs
Frame ID: 5736BAE1FAF0BEAB1BCB7F6DC1301805
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjYn9btATAB&v=APEucNXhUzJIWg_V9_edktpn1Gjcy-4TLcrETFNEzrCANM_tz9IWgI_Xz2VHFGsui_QLyGJb4Rsm283bYASxgX7HdObrhVy0YNEoySThEiw4USyg7jzCaFbe_FhaN2n_iobGely9Z20tNhV-wYzJslNXJ9UgB8Xewk2CtlW9Pu_NcVascvhs05Y
Frame ID: 567DD1F849D6FDFAE548D9395AAD69F8
Requests: 4 HTTP requests in this frame

Frame: https://widget.fr3.eu.criteo.com/dis/dis.aspx?pu=7944&cb=6524383baa778afe34ac32bce051cbae&r=https%3a%2f%2fwww.walla.co.il%2f&crossorigin=false
Frame ID: 6FD73FFF15B6F9588C348E9AA0BDCAA3
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-DixmwM6tPI8VbmfkYeKL6tTKM00itWduWLmAiQ&google_gid=CAESEDwFKMzVuk4ZV2uumFz6Og4&google_cver=1&google_ula=913071,0
Frame ID: 311B8DB7F139724C0C911C26DA0EB2D2
Requests: 30 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E2F941DAECFE459840998AF2350CBEB1
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 17753A0ED1A09B337D1BCB4ABABB50D7
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 504D248196EF920E5ED3860F6E85EADB
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7E06255C7EB017BD2ACAC16852569882
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3197450E33AE6F4F924BF385D0CEEF0D
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
Frame ID: 6D94894C2DB56AC802DEA7D0123CDC63
Requests: 30 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
Frame ID: BA7AB8B3646791C436D9A57959DD9095
Requests: 32 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
Frame ID: 8C760E62E7AE680AE6F497A75EE8A979
Requests: 26 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
Frame ID: 2C2DD77E7DF50510E5DA3261C8EB6779
Requests: 32 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C2782B945356B6EC9C37C6089398FD45
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 731831FE302C98A7802B2C30718AB598
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B04FAC028F6C1A5E5A6CE5248B7E47DA
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Frame ID: FB0AFA7EA6151D632C51D01393EFCEDF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Frame ID: 3FDA18853693C8CE9736526E109762D6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Frame ID: 12FCBED1E75798EE1A56B2BD2EEB97FA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Frame ID: 32FC190CF68D7FEEF31A5960AAB534D9
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il
Frame ID: C7EDD60FE6A28ABAA986CAAFF5F14404
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F245731FE9D9BBCA69C5BBC6FFD308E2
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: A216DE8DEDE67041B85528B82978EFD8
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1696872506648
Frame ID: AADB566DC6BDCDA2AE6D40E9ADFD002C
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cR0USG9OKr6ykwaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Frame ID: 77D53A985AF41C6D9F1C421AC3697ED2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Frame ID: EC8A31BEFE19AAD77AEE19FB7BECF39E
Requests: 22 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 2E83555E9CA4AE5AD39EC145097B7239
Requests: 2 HTTP requests in this frame

Frame: https://pixelgroup-d.openx.net/w/1.0/pd
Frame ID: FAC09D0B6C0F2355BA5A32F284078BCB
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 872F5C39EC425721475BDD865CDF0DE0
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6A6BA6B9120A42EB6210C1A750EDDF91
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 49BE11BDD6E0C865D3D19DB1CEC6EA94
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=79E7BA13-1B63-4CA1-B480-C37117745F86&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: CA77AA987F789088914BEEEC5846E4CA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=SW2U6kxglb1SbMXpR2mL7kc6x7hSOsXuR2BtvcL8
Frame ID: 818E0742044D3D84E354F31291B9DF38
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 46F536F5BBD8FBFFD4E94E3AAA80701E
Requests: 10 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 44B04EC94B157568086144A0AC34F7D8
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: DA6D8751E340E17F859C85587C623026
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 9DB675EB4791BDFA28FEFD993E7FF574
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Frame ID: 60ABF42F81CADAD8E71F42ECD83F28F3
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: DD703DF06BA36797C2F017077326B3EC
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/8417708479376425483
Frame ID: 38F2320C05C7D5011BC931FCE1B7C736
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/b2a85da0d943a1a77fe3251a9ea067df?gdpr_consent=&gdpr=0
Frame ID: 6F66D626A405B448B41F7BA25716A29A
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 2F4DBBD0B38A31C6C32F11BF0FDE0BB7
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 0FD32F74C25D99C0679F5B3D590DE0D6
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/Kp2gkdvi1cFta75bXNNP?pi=smilewanted
Frame ID: 69C5081C0A97EC27C884C621ED1C91E7
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=208aeab2ae20b25eee516dd3b281c3a0
Frame ID: 0434BA6487A37153E61E558250D462CC
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=79E7BA13-1B63-4CA1-B480-C37117745F86&gdpr=0&gdpr_consent=
Frame ID: 3389277565BE86266D60959DFBCC6085
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4235658876851245700&gdpr=0&gdpr_consent=
Frame ID: 582A5AAE1E392D0CD273287AEB6E958F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7288011948821313684&gdpr=0&gdpr_consent=
Frame ID: 355C57B4C5423DBC764426B04AE7A6D4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e3bc18b3-3499-4914-bffb-dfc58ba17b05&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: F817DD320C0EF0438A9A2B76DA8E0023
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=UAhy-nplVWFc6x2NpdOJES2NmEw&gdpr=0&gdpr_consent=
Frame ID: E79CEC9E2B84080321CBFF7423D36BA8
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZSQ4QQAWekuIrgAN
Frame ID: EDD4746DE6F5C7E224F581EC5ADE010B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFfCk7KSHEAABhZFUOJKw&gdpr=0&gdpr_consent=
Frame ID: 135BFCB94EBE6942A4015F4BF212ADD8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: C711A451235BD64B5ECFC32E763C9484
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

וואלה! חדשות. ספורט. סלבס. אוכל - עדכונים ודיווחים שוטפים

Page URL History Show full URLs

  1. http://www.walla.co.il./ HTTP 301
    https://www.walla.co.il/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

703
Requests

91 %
HTTPS

34 %
IPv6

105
Domains

178
Subdomains

135
IPs

13
Countries

12159 kB
Transfer

28226 kB
Size

122
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.walla.co.il./ HTTP 301
    https://www.walla.co.il/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 102
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/777956447/?random=1040336823&cv=11&fst=1696872504912&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=1711072935.1696872505&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ODgkZfy6OfKg9u8P19KS4AY&sscte=1&crd=&eitems=ChEI8MmOqQYQgrXl7Muxh6GEARIdANLTtIS2yzZ8GgKjpIBgFRTvzp30_1Kp3SgJGn0&pscrd=Ek9DaEVJOE1tT3FRWVF1dXltMy0yYS12eTVBUkltQUp0c0ZwYS1ncGFWT1RkdzZzdFBoLVJxY3luU0YwVF9rVjNUYmlXWnpwZGtIWVcxOThFGlpDaEVJOE1tT3FRWVE5ZlQ5aFlhOTY5amVBUkl1QU1BWUh5TWFKVC1rSDFwMWRzSVo5NWxUWFFpdFA5N2NpWGVFcTdhUlVrbUg3UjNpMGJkb0xFdmNHRnZGeHciEwj8tovXvumBAxVykP0HHVepBGw HTTP 302
  • https://www.google.com/pagead/1p-conversion/777956447/?random=1040336823&cv=11&fst=1696872504912&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=1711072935.1696872505&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE1tT3FRWVF1dXltMy0yYS12eTVBUkltQUp0c0ZwYS1ncGFWT1RkdzZzdFBoLVJxY3luU0YwVF9rVjNUYmlXWnpwZGtIWVcxOThFGlpDaEVJOE1tT3FRWVE5ZlQ5aFlhOTY5amVBUkl1QU1BWUh5TWFKVC1rSDFwMWRzSVo5NWxUWFFpdFA5N2NpWGVFcTdhUlVrbUg3UjNpMGJkb0xFdmNHRnZGeHciEwj8tovXvumBAxVykP0HHVepBGw&is_vtc=1&ocp_id=ODgkZfy6OfKg9u8P19KS4AY&cid=CAQSKQDICaaNFN2tfukthCxEgK7QNPVCejyo03uDb57uvKDyAE5SUgWUui1q&eitems=ChEI8MmOqQYQgrXl7Muxh6GEARIdANLTtIRc08B_gHRsgTguaV7gMMcAoSh3acoWHBw&random=244232121 HTTP 302
  • https://www.google.de/pagead/1p-conversion/777956447/?random=1040336823&cv=11&fst=1696872504912&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=1711072935.1696872505&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE1tT3FRWVF1dXltMy0yYS12eTVBUkltQUp0c0ZwYS1ncGFWT1RkdzZzdFBoLVJxY3luU0YwVF9rVjNUYmlXWnpwZGtIWVcxOThFGlpDaEVJOE1tT3FRWVE5ZlQ5aFlhOTY5amVBUkl1QU1BWUh5TWFKVC1rSDFwMWRzSVo5NWxUWFFpdFA5N2NpWGVFcTdhUlVrbUg3UjNpMGJkb0xFdmNHRnZGeHciEwj8tovXvumBAxVykP0HHVepBGw&is_vtc=1&ocp_id=ODgkZfy6OfKg9u8P19KS4AY&cid=CAQSKQDICaaNFN2tfukthCxEgK7QNPVCejyo03uDb57uvKDyAE5SUgWUui1q&eitems=ChEI8MmOqQYQgrXl7Muxh6GEARIdANLTtIRc08B_gHRsgTguaV7gMMcAoSh3acoWHBw&random=244232121&ipr=y
Request Chain 139
  • https://cdn-uw2-prod.tsv2.amagi.tv/linear/amg01742-walla-wallanews-ono/playlist.m3u8 HTTP 302
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/playlist.m3u8
Request Chain 276
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
Request Chain 277
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1696872507093 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=7478083408 HTTP 302
  • https://sync.1rx.io/usersync/turn/7741086008117221691?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8f86bb3c-5b8a-46a4-bcf5-444e7c09bcfa-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-8f86bb3c-5b8a-46a4-bcf5-444e7c09bcfa-003 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-8f86bb3c-5b8a-46a4-bcf5-444e7c09bcfa-003
Request Chain 278
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=2504124715420108818 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/a3fd4cec-bce1-531a-9d91-741ef8b54c25
Request Chain 282
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230 HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=73&p=230&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fgdprapplies%3d0%26gdpr%3d%26redir%3dhttps%253A%252F%252Fcsync.smilewanted.com%252Fset_partner_userid_get%252Fcriteo%252F%2524%257BCRITEO_USER_ID%257D%26profile%3d230%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=&gpp= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24{CRITEO_USER_ID}&profile=230&uid=69a96176-48fd-4561-93ae-5c8feee43970&dised=true&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=p_vRBl9QOEd1TEkwbWdyMXBzd0MwWURoYjA5RW1qTVhCTkslMkJvMmtFU0tUMTZzZDJYMldsTmZZUlhGY09HakwlMkZ5VXkxcWhJcjJ0YXczZDNCSkxuMUE0VCUyQlNnVjFNUHdPY1N6NGJOWXFpREt6cmRhQ1FxSWJvajBBZEREUjRYazVQTG1OOGNBR0FKVTY5bEhON3FXJTJGSmdjdXNTS2l2UWtkeGglMkJPV0k4bENOWXd4RDZiODZkOTFRUnJyTmltMndPNFFWZzNm&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-EUEzic6tPI8VbmfkYeKL6tTKM01kXBoMuA56Aw HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=p_vRBl9QOEd1TEkwbWdyMXBzd0MwWURoYjA5RW1qTVhCTkslMkJvMmtFU0tUMTZzZDJYMldsTmZZUlhGY09HakwlMkZ5VXkxcWhJcjJ0YXczZDNCSkxuMUE0VCUyQlNnVjFNUHdPY1N6NGJOWXFpREt6cmRhQ1FxSWJvajBBZEREUjRYazVQTG1OOGNBR0FKVTY5bEhON3FXJTJGSmdjdXNTS2l2UWtkeGglMkJPV0k4bENOWXd4RDZiODZkOTFRUnJyTmltMndPNFFWZzNm&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-EUEzic6tPI8VbmfkYeKL6tTKM01kXBoMuA56Aw HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=p_vRBl9QOEd1TEkwbWdyMXBzd0MwWURoYjA5RW1qTVhCTkslMkJvMmtFU0tUMTZzZDJYMldsTmZZUlhGY09HakwlMkZ5VXkxcWhJcjJ0YXczZDNCSkxuMUE0VCUyQlNnVjFNUHdPY1N6NGJOWXFpREt6cmRhQ1FxSWJvajBBZEREUjRYazVQTG1OOGNBR0FKVTY5bEhON3FXJTJGSmdjdXNTS2l2UWtkeGglMkJPV0k4bENOWXd4RDZiODZkOTFRUnJyTmltMndPNFFWZzNm&u=e3bc18b3-3499-4914-bffb-dfc58ba17b05 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/criteo/k-U7zwh86tPI8VbmfkYeKL6tTKM00KZQE_A812eg
Request Chain 283
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/b2a85da0d943a1a77fe3251a9ea067df?gdpr_consent=&gdpr=0
Request Chain 337
  • https://ad.doubleclick.net/ddm/trackimp/N1477483.5007327HA_OBS_DE_CRITEO/B30324728.372746799;dc_trk_aid=563405347;dc_trk_cid=195845084;dcopt=anid;ord=6524383baa778afe34ac32bce051cbae;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;;dc_tdv=1;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1477483.5007327HA_OBS_DE_CRITEO/B30324728.372746799;dc_pre=CMberti-6YEDFcTTEQgdxToCJg;dc_trk_aid=563405347;dc_trk_cid=195845084;dcopt=anid;ord=6524383baa778afe34ac32bce051cbae;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;;dc_tdv=1;ltd=
Request Chain 342
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMzHo7qYlIyS5jXkjW-McA&google_cver=1
Request Chain 343
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSQ4O6FjR.6R5cdb4Bjp1AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMzHo7qYlIyS5jXkjW-McA&google_cver=1&google_hm=2
Request Chain 344
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPR5HiuuI5CmOb7aPjJO-lQ&google_cver=1
Request Chain 345
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIzNTY1ODg3Njg1MTI0NTcwMA%3D%3D
Request Chain 346
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMzHo7qYlIyS5jXkjW-McA&google_cver=1
Request Chain 347
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSQ4O6FjR.6R5cdb4Bjp1AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMzHo7qYlIyS5jXkjW-McA&google_cver=1&google_hm=2
Request Chain 348
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPR5HiuuI5CmOb7aPjJO-lQ&google_cver=1
Request Chain 349
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIzNTY1ODg3Njg1MTI0NTcwMA%3D%3D
Request Chain 350
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO5gOw7vSnslaGv3k6ASwoY&google_cver=1
Request Chain 352
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESECto3BYTi_WUKldwk3fVOJk&google_cver=1
Request Chain 355
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPTOR3UcENbHobCvo5USWZE&google_cver=1
Request Chain 384
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-DixmwM6tPI8VbmfkYeKL6tTKM00itWduWLmAiQ&google_cm&google_hm=ay1EaXhtd002dFBJOFZibWZrWWVLTDZ0VEtNMDBpdFdkdVdMbUFpUQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-DixmwM6tPI8VbmfkYeKL6tTKM00itWduWLmAiQ&google_gid=CAESEDwFKMzVuk4ZV2uumFz6Og4&google_cver=1&google_ula=913071,0
Request Chain 385
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4235658876851245700
Request Chain 397
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=2w3hR3c3glwLO9BpxFmg-jFpFKrQIofY HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=2w3hR3c3glwLO9BpxFmg-jFpFKrQIofY
Request Chain 444
  • https://um.simpli.fi/gp_match?google_gid=CAESEC070X3Spl2HbKJwxH0lPS0&google_cver=1&google_push=AXcoOmQgIsDsLlaB2ebctVIfxk7whCnxE3MWSA8HQKKTGFRWobhz0WCLwcoj1exwyPrZ8Wpa0dYsFnsScrDtcqz4U-O40PIw1P9F9g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0C011F2B78A6430186B9463D687B21FF&google_push=AXcoOmQgIsDsLlaB2ebctVIfxk7whCnxE3MWSA8HQKKTGFRWobhz0WCLwcoj1exwyPrZ8Wpa0dYsFnsScrDtcqz4U-O40PIw1P9F9g
Request Chain 446
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEJShYRR0kbhqrrI6s9XUFNU&google_cver=1&google_push=AXcoOmSOYYJ6Zc6w4jo0C9NsKx0uVJrczUDmqIQSZhvKzeXYMfjkm7zbS1vxw2npOPSNdsVw9JGX2_MQ7MtSSTSUtnJF7Ehha5GO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSOYYJ6Zc6w4jo0C9NsKx0uVJrczUDmqIQSZhvKzeXYMfjkm7zbS1vxw2npOPSNdsVw9JGX2_MQ7MtSSTSUtnJF7Ehha5GO&google_hm=SexD-WydRhCrtRH0dpIxwkw
Request Chain 447
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELZCWHgB44zlaURXtdkffQE&google_cver=1&google_push=AXcoOmTej_0HpAnGi0hZeYqzS4HjxQzR_7QkF6CdHgIG4pvsVdIMUT-ou-wUSIJUZTrJW6qAAs4VruQ8OhjbLQjiuldHoEi_Fmdn HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTej_0HpAnGi0hZeYqzS4HjxQzR_7QkF6CdHgIG4pvsVdIMUT-ou-wUSIJUZTrJW6qAAs4VruQ8OhjbLQjiuldHoEi_Fmdn&google_hm=eS0xQzlEbDhsRTJwRjcyVExGUkV1MExwZHBxTEY5bGNocX5B
Request Chain 448
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENbvHNqMygaLDp7XSCnFg2s&google_cver=1&google_push=AXcoOmSGtsQhydrQajT_uVotyw3Hi2iClOuuUVm55nObTGoy9W3dBBwwEHJwQxHdGGosLHne4GNs3gZ3hwXoEpiAIr6HNV8rPRIBmw HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSGtsQhydrQajT_uVotyw3Hi2iClOuuUVm55nObTGoy9W3dBBwwEHJwQxHdGGosLHne4GNs3gZ3hwXoEpiAIr6HNV8rPRIBmw&google_gid=CAESENbvHNqMygaLDp7XSCnFg2s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjk4ODAzMDUwNTE2NjU3NTA3OTY2MQ%3D%3D&google_push=AXcoOmSGtsQhydrQajT_uVotyw3Hi2iClOuuUVm55nObTGoy9W3dBBwwEHJwQxHdGGosLHne4GNs3gZ3hwXoEpiAIr6HNV8rPRIBmw
Request Chain 450
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEBW669PWrnxHzUvWfI4XW3Q&google_cver=1&google_push=AXcoOmRwk1rs64qBw0RjcmgPg0dPNf_zced3B4AV3-bfCdnSAFRBqOfitilocbrVSeOem0tsXGBluLmU_X34FXHohWK6HdR2ypYrr98 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=58b62a81-d675-49b9-bf57-f22eab2cef86&google_cver=1&google_gid=CAESEBW669PWrnxHzUvWfI4XW3Q&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRwk1rs64qBw0RjcmgPg0dPNf_zced3B4AV3-bfCdnSAFRBqOfitilocbrVSeOem0tsXGBluLmU_X34FXHohWK6HdR2ypYrr98&gdpr=${GDPR}
Request Chain 477
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELZCWHgB44zlaURXtdkffQE&google_cver=1&google_push=AXcoOmSBV8A7M0L_eOigJ4-L5fwHTOIU1QaiiV5ctCnZkS1gTChGLOr_f9vvQnWwCeYgsOuP028I2qJqt5UY09k2JhWag9hu61vJ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSBV8A7M0L_eOigJ4-L5fwHTOIU1QaiiV5ctCnZkS1gTChGLOr_f9vvQnWwCeYgsOuP028I2qJqt5UY09k2JhWag9hu61vJ&google_hm=eS0xQzlEbDhsRTJwRjcyVExGUkV1MExwZHBxTEY5bGNocX5B
Request Chain 478
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEIO_k-oE7JtQtDHfkUIqSDs&google_cver=1&google_push=AXcoOmQTHcNN2yUP6lM4TT4VnfdebtyxVMckqCtomcpH-a6JaVjbP6ptxN6wDbroB16VHsRsYltyHthtzWgg6LUQ09s0MjJPD5Y HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEIO_k-oE7JtQtDHfkUIqSDs&google_cver=1&google_push=AXcoOmQTHcNN2yUP6lM4TT4VnfdebtyxVMckqCtomcpH-a6JaVjbP6ptxN6wDbroB16VHsRsYltyHthtzWgg6LUQ09s0MjJPD5Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQTHcNN2yUP6lM4TT4VnfdebtyxVMckqCtomcpH-a6JaVjbP6ptxN6wDbroB16VHsRsYltyHthtzWgg6LUQ09s0MjJPD5Y
Request Chain 479
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDto0n4RyDHSZp-jYLdd0Ds&google_cver=1&google_push=AXcoOmRMLQ2thNxDpsM1ObbM_gADVSsJHIvGM2V9AL3l_q0zVy6af3lrLUav5VChQPol1BYGmf_vELjAIqQ3LeIjmDW6XiCuVUU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5KNjJUUkItMjEtNjNJTg==&google_push=AXcoOmRMLQ2thNxDpsM1ObbM_gADVSsJHIvGM2V9AL3l_q0zVy6af3lrLUav5VChQPol1BYGmf_vELjAIqQ3LeIjmDW6XiCuVUU
Request Chain 480
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHQ_b-olFWLHBHqX5P9WtgU&google_cver=1&google_push=AXcoOmS2Gja-h6O-nHKsgBiu0m0OlGJo7rkJME6sW3RXCzTLbqIwmqcc69UtjGxeKsCrvgNgCsmmaD0DGPxd-3RLLjJymi1v4hSE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS2Gja-h6O-nHKsgBiu0m0OlGJo7rkJME6sW3RXCzTLbqIwmqcc69UtjGxeKsCrvgNgCsmmaD0DGPxd-3RLLjJymi1v4hSE
Request Chain 483
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEFG6-aRw_5ip747mOAGeBDI&google_cver=1&google_push=AXcoOmS5Uv4pR_7frD14m6UgJS5WH-XS5HNBdnScd301kAh3J77W2WbVYY65T_loo7Zn1A8e59QZ1s0exwdTxwKHSw_3jlcJ6sFPIA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDIzNTY1ODg3Njg1MTI0NTcwMA%3D%3D&google_gid=CAESEFG6-aRw_5ip747mOAGeBDI&google_cver=1&google_push=AXcoOmS5Uv4pR_7frD14m6UgJS5WH-XS5HNBdnScd301kAh3J77W2WbVYY65T_loo7Zn1A8e59QZ1s0exwdTxwKHSw_3jlcJ6sFPIA
Request Chain 506
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEIO_k-oE7JtQtDHfkUIqSDs&google_cver=1&google_push=AXcoOmTWmwB_BmjobhWBU_35iA4TL8n7ZUfOPh4eM_eSenwcpEK21MOmsrmq5JXITixkj6UmgRVUV5hmnF13wzD7Bgvsvha3OL0 HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEIO_k-oE7JtQtDHfkUIqSDs&google_cver=1&google_push=AXcoOmTWmwB_BmjobhWBU_35iA4TL8n7ZUfOPh4eM_eSenwcpEK21MOmsrmq5JXITixkj6UmgRVUV5hmnF13wzD7Bgvsvha3OL0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTWmwB_BmjobhWBU_35iA4TL8n7ZUfOPh4eM_eSenwcpEK21MOmsrmq5JXITixkj6UmgRVUV5hmnF13wzD7Bgvsvha3OL0
Request Chain 507
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJg3jkQQp1tOXzYWmOMG1_8&google_cver=1&google_push=AXcoOmSSDiino0uEPZHvQqEetEg2CoSbqLPp8DzwCqXgvnui8OWjbn1cFT6quA3LGoS79s1CO5QEwtcuHulAIhv1_o_dp1sk-OE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eee6ExtjTKG0gMNxF3Rfhg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSSDiino0uEPZHvQqEetEg2CoSbqLPp8DzwCqXgvnui8OWjbn1cFT6quA3LGoS79s1CO5QEwtcuHulAIhv1_o_dp1sk-OE
Request Chain 509
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHQ_b-olFWLHBHqX5P9WtgU&google_cver=1&google_push=AXcoOmQjFqNlgNRYTKYmHEL5EF-WNODY5dYe9KmkX_RHS_pfOk3w21dqymfR7BDj9_fSsM3C798PaUBJ9cCZhY-LGPNb4PP74SUv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQjFqNlgNRYTKYmHEL5EF-WNODY5dYe9KmkX_RHS_pfOk3w21dqymfR7BDj9_fSsM3C798PaUBJ9cCZhY-LGPNb4PP74SUv HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 510
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEBW669PWrnxHzUvWfI4XW3Q&google_cver=1&google_push=AXcoOmTPKJ68NMAOwF2opZtFgjRYYK3xbsCTQnWiEPQ7uK4Cq5bK8ZRgs5YRi1AebjB24hS39n2slBwCXpgqoIkZ2lnBgQWyNzQv HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=58b62a81-d675-49b9-bf57-f22eab2cef86&google_cver=1&google_gid=CAESEBW669PWrnxHzUvWfI4XW3Q&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTPKJ68NMAOwF2opZtFgjRYYK3xbsCTQnWiEPQ7uK4Cq5bK8ZRgs5YRi1AebjB24hS39n2slBwCXpgqoIkZ2lnBgQWyNzQv&gdpr=${GDPR}
Request Chain 514
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEB0L-EfMdzlncKkFfesnXxw&google_cver=1&google_push=AXcoOmRTmH3Gq9QjPiy08F8UVDb-qAd7DkctkKLP468bms87a_6VK4-o-rlwT1SJSu9YfE5OaOWVQgPPhYbW1y2tp7gf0BSK74amgA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Smpt_bmhTpA3st1r9g3_bA&google_push=AXcoOmRTmH3Gq9QjPiy08F8UVDb-qAd7DkctkKLP468bms87a_6VK4-o-rlwT1SJSu9YfE5OaOWVQgPPhYbW1y2tp7gf0BSK74amgA
Request Chain 515
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELZCWHgB44zlaURXtdkffQE&google_cver=1&google_push=AXcoOmS6QvJEeKjQRzk3w8gkdtvdbbWHmvhikmP6DlWl88HiePFLSVF5Twa5-A8rqyBlmrt7gqb8cq0DgJipZDFGFFlZJRawaWn8ZA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS6QvJEeKjQRzk3w8gkdtvdbbWHmvhikmP6DlWl88HiePFLSVF5Twa5-A8rqyBlmrt7gqb8cq0DgJipZDFGFFlZJRawaWn8ZA&google_hm=eS0xQzlEbDhsRTJwRjcyVExGUkV1MExwZHBxTEY5bGNocX5B
Request Chain 516
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJURPC_LKFiw_PZh-qVe9Mk&google_cver=1&google_push=AXcoOmQ8drhaBijGcF8HilDzpwexJhvtNwcHdR_ptg_c7ufCIGMptS77VLZPj54uCSy35xv2nhkAGkhqrxldvx-TrzvI7C4Ccx4HtQ HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJURPC_LKFiw_PZh-qVe9Mk&google_cver=1&google_push=AXcoOmQ8drhaBijGcF8HilDzpwexJhvtNwcHdR_ptg_c7ufCIGMptS77VLZPj54uCSy35xv2nhkAGkhqrxldvx-TrzvI7C4Ccx4HtQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQxNzcwODQ3OTM3NjQyNTQ4Mw&google_push=AXcoOmQ8drhaBijGcF8HilDzpwexJhvtNwcHdR_ptg_c7ufCIGMptS77VLZPj54uCSy35xv2nhkAGkhqrxldvx-TrzvI7C4Ccx4HtQ
Request Chain 518
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENbvHNqMygaLDp7XSCnFg2s&google_cver=1&google_push=AXcoOmRQYOR1JLoGF_5fYS12HrMbg89z4FJdHRXi1Y1HAP-hUdFJ7iPEhUbHBpi-gdr0GWbJ6Cq97pJdHkKj4X18FjuSsE56xKOSGw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjk4ODAzMDUwNTE2NjU3NTA3OTY2MQ%3D%3D&google_push=AXcoOmRQYOR1JLoGF_5fYS12HrMbg89z4FJdHRXi1Y1HAP-hUdFJ7iPEhUbHBpi-gdr0GWbJ6Cq97pJdHkKj4X18FjuSsE56xKOSGw
Request Chain 562
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=sj8SIQ9mq5pju7ZWj-MiwREypW5S_8L2
Request Chain 599
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=4rKq4eObvOKgbYKjnnHy3vdLjxMiKypb
Request Chain 628
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=GzeaJ3xzMU9aYktHZnIvRW0yVUhXQ3NnaDQzMllOS1JNZlgvOW50U3JsN1Y2VSt4UitxZ2tkNTZDd3RUY0ZGelZtWnF5cWdXZWRvWHB5VWF2Q2VUYThqOWJtVTA1RXBSTlNXNlJCSXJRV09ZMWs4NHcrRmtwU2FjTG5Kdk5RaU5PM1RYaGVaMVRGeUlyUVNvVnlwSGk2ejBwYUxtblRKSnk0VmQ1eUR1Q2xONWRYUDhjL3llV3dibDlHa05CblhpdVlvbkswVWV6dWY3N252bDZMUTFkT25VVEd6MnRjaFR5M2ErY1VIcUUzTjV6dkYvMU5CM0QvSUljcHhoRGpIajRrSmdRaTcvZTNVQzNxYmVLQS9GR3lCMEt1QT09fA&cppv=2
Request Chain 646
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 647
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=79E7BA13-1B63-4CA1-B480-C37117745F86&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=79E7BA13-1B63-4CA1-B480-C37117745F86&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 648
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=SW2U6kxglb1SbMXpR2mL7kc6x7hSOsXuR2BtvcL8
Request Chain 649
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eee6ExtjTKG0gMNxF3Rfhg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 651
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3995694134 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=79E7BA13-1B63-4CA1-B480-C37117745F86
Request Chain 652
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=79E7BA13-1B63-4CA1-B480-C37117745F86 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZTVjTUdoTzVNc0dTazJTYi1LS3RPRlV6QQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8417708479376425483&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 653
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzlFN0JBMTMtMUI2My00Q0ExLUI0ODAtQzM3MTE3NzQ1Rjg2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 654
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIiOy4q3PWfTY_oeIxJq2W8&google_cver=1
Request Chain 656
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8417708479376425483
Request Chain 663
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSQ4O6FjR-6R5cdb4Bjp1AAAFIoAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSQ4O6FjR-6R5cdb4Bjp1AAAFIoAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 665
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZSQ4O6FjR-6R5cdb4Bjp1AAAFIoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEP0phVvqS4vshSa8jafBTjs&google_cver=1
Request Chain 666
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4235658876851245700
Request Chain 667
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSQ4O6FjR.6R5cdb4Bjp1AAA%265258 HTTP 302
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSQ4O6FjR.6R5cdb4Bjp1AAA%265258&tc=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=Kp2gkdvi1cFta75bXNNP&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSQ4O6FjR.6R5cdb4Bjp1AAA%265258&tc=1
Request Chain 668
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=ZQVs8GAIbad-BD3zawFz9GtSP6J-Uj30awiMkld_
Request Chain 669
  • https://ids.ad.gt/api/v1/index?cb=https%3A%2F%2Fssum-sec.casalemedia.com%2Fium%3Fsourceid%3D15%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/ium?sourceid=15&uid=0001yum0eaakif7g7dbaccagfifbaaflceb6kkkliaabackkc2jl
Request Chain 675
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Request Chain 677
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/8417708479376425483
Request Chain 678
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/beacon/amg01742-walla-wallanews-ono/cb57381b6573618f84cb3a64cef646829f7b3dcb0e6c886470af4a9765d97800dbe8ae84ae5b910c4c9e1fc061017d360439cd1dd56c49c1da63b820743c4b21fdcde00080dd0d0cb1df11292ca36265299a7369cc350f7bd2ec5a2f803ebe764c53cb017c593f88f258ac714cc59e0f827c2195acd968291e0b09ce1f04faa55da4e1e25b57cc68a0b24a4fc32a10fa84449add01ba81810e83118370f1099cc7f3828045828ec463ac03d0d0683256152d44abf2b93cccb8be4c7bfb562d541354e8bae18f245ea37233907c62a9c503da06dc8635841a4fd3bd3f9de542fb4db808a9ea48b5bfaf9f434c7989c5526f65d08d32432a5441df4eded88cf5766f8af35e1f2dac3b8871796ec2b9a3bce5b2af5a2c1f88d9403d415c58d429b090c2cffae06f8937c5d7f1d71f475c6f0d0cbc8fc3f079f626c771a4c2126e090314edd262cd88dd5127710fa8b41e854355e980cbb4d6006d9e3b5b42be34901b247cdc38694be02fd2932823dc755dcb666bbb101ea876d19460b5abd2ee037b92dbc449f026af9602c0f90fac226d0855fda2620a1c1f259ebf3254704ac243e5c1c3ae225a57a2a49b8cb5395230301956039cf1a721cbfca7072956900368300e537df023d966d80c4c7a5eea16c1a30471c54b611aefa93b524d7fd4af958494ddde4ba575b09eac69375aed732b8915ab5eb3b8bbc0f9e36f8b4f/640x360_642400?bcn=1&ca=0&cid=VR1272&dur=6.000000&media_type=C&redirect_url=https%3A%2F%2Famg01742-walla-wallanews-ono-btlna.amagi.tv%2FplaylistY_360P_673167.ts&seg_id=673167&user_id=413f7f5e-66c9-11ee-b560-1e39ce08e05d HTTP 307
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_673167.ts
Request Chain 679
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/b2a85da0d943a1a77fe3251a9ea067df?gdpr_consent=&gdpr=0
Request Chain 681
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/beacon/amg01742-walla-wallanews-ono/cb57381b6573618f84cb3a64cef646829f7b3dcb0e6c886470af4a9765d97800dbe8ae84ae5b910c4c9e1fc061017d360439cd1dd56c49c1da63b820743c4b21fdcde00080dd0d0cb1df11292ca36265299a7369cc350f7bd2ec5a2f803ebe764c53cb017c593f88f258ac714cc59e0f827c2195acd968291e0b09ce1f04faa55da4e1e25b57cc68a0b24a4fc32a10fa84449add01ba81810e83118370f1099cc7f3828045828ec463ac03d0d0683256152d44abf2b93cccb8be4c7bfb562d541354e8bae18f245ea37233907c62a9c503da06dc8635841a4fd3bd3f9de542fb4db808a9ea48b5bfaf9f434c7989c5526f65d08d32432a5441df4eded88cf5766f8af35e1f2dac3b8871796ec2b9a3bce5b2af5a2c1f88d9403d415c58d429b090c2cffae06f8937c5d7f1d71f475c6f0d0cbc8fc3f079f626c771a4c2126e090314edd262cd88dd5127710fa8b41e854355e980cbb4d6006d9e3b5b42be34901b247cdc38694be02fd2932823dc755dcb666bbb101ea876d19460b5abd2ee037b92dbc449f026af9602c0f90fac226d0855fda2620a1c1f259ebf3254704ac243e5c1c3ae225a57a2a49b8cb5395230301956039cf1a721cbfca7072956900368300e537df023d966d80c4c7a5eea16c1a30471c54b611aefa93b524d7fd4af958494ddde4ba575b09eac69375aed732b8915ab5eb3b8bbc0f9e36f8b4f/640x360_642400?bcn=1&ca=0&cid=VR1272&dur=6.000000&media_type=C&redirect_url=https%3A%2F%2Famg01742-walla-wallanews-ono-btlna.amagi.tv%2FplaylistY_360P_673168.ts&seg_id=673168&user_id=413f7f5e-66c9-11ee-b560-1e39ce08e05d HTTP 307
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_673168.ts
Request Chain 684
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/beacon/amg01742-walla-wallanews-ono/cb57381b6573618f84cb3a64cef646829f7b3dcb0e6c886470af4a9765d97800dbe8ae84ae5b910c4c9e1fc061017d360439cd1dd56c49c1da63b820743c4b21fdcde00080dd0d0cb1df11292ca36265299a7369cc350f7bd2ec5a2f803ebe764c53cb017c593f88f258ac714cc59e0f827c2195acd968291e0b09ce1f04faa55da4e1e25b57cc68a0b24a4fc32a10fa84449add01ba81810e83118370f1099cc7f3828045828ec463ac03d0d0683256152d44abf2b93cccb8be4c7bfb562d541354e8bae18f245ea37233907c62a9c503da06dc8635841a4fd3bd3f9de542fb4db808a9ea48b5bfaf9f434c7989c5526f65d08d32432a5441df4eded88cf5766f8af35e1f2dac3b8871796ec2b9a3bce5b2af5a2c1f88d9403d415c58d429b090c2cffae06f8937c5d7f1d71f475c6f0d0cbc8fc3f079f626c771a4c2126e090314edd262cd88dd5127710fa8b41e854355e980cbb4d6006d9e3b5b42be34901b247cdc38694be02fd2932823dc755dcb666bbb101ea876d19460b5abd2ee037b92dbc449f026af9602c0f90fac226d0855fda2620a1c1f259ebf3254704ac243e5c1c3ae225a57a2a49b8cb5395230301956039cf1a721cbfca7072956900368300e537df023d966d80c4c7a5eea16c1a30471c54b611aefa93b524d7fd4af958494ddde4ba575b09eac69375aed732b8915ab5eb3b8bbc0f9e36f8b4f/640x360_642400?bcn=1&ca=0&cid=VR1272&dur=6.000000&media_type=C&redirect_url=https%3A%2F%2Famg01742-walla-wallanews-ono-btlna.amagi.tv%2FplaylistY_360P_673169.ts&seg_id=673169&user_id=413f7f5e-66c9-11ee-b560-1e39ce08e05d HTTP 307
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_673169.ts
Request Chain 685
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/Kp2gkdvi1cFta75bXNNP?pi=smilewanted
Request Chain 686
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/beacon/amg01742-walla-wallanews-ono/cb57381b6573618f84cb3a64cef646829f7b3dcb0e6c886470af4a9765d97800dbe8ae84ae5b910c4c9e1fc061017d360439cd1dd56c49c1da63b820743c4b21fdcde00080dd0d0cb1df11292ca36265299a7369cc350f7bd2ec5a2f803ebe764c53cb017c593f88f258ac714cc59e0f827c2195acd968291e0b09ce1f04faa55da4e1e25b57cc68a0b24a4fc32a10fa84449add01ba81810e83118370f1099cc7f3828045828ec463ac03d0d0683256152d44abf2b93cccb8be4c7bfb562d541354e8bae18f245ea37233907c62a9c503da06dc8635841a4fd3bd3f9de542fb4db808a9ea48b5bfaf9f434c7989c5526f65d08d32432a5441df4eded88cf5766f8af35e1f2dac3b8871796ec2b9a3bce5b2af5a2c1f88d9403d415c58d429b090c2cffae06f8937c5d7f1d71f475c6f0d0cbc8fc3f079f626c771a4c2126e090314edd262cd88dd5127710fa8b41e854355e980cbb4d6006d9e3b5b42be34901b247cdc38694be02fd2932823dc755dcb666bbb101ea876d19460b5abd2ee037b92dbc449f026af9602c0f90fac226d0855fda2620a1c1f259ebf3254704ac243e5c1c3ae225a57a2a49b8cb5395230301956039cf1a721cbfca7072956900368300e537df023d966d80c4c7a5eea16c1a30471c54b611aefa93b524d7fd4af958494ddde4ba575b09eac69375aed732b8915ab5eb3b8bbc0f9e36f8b4f/640x360_642400?bcn=1&ca=0&cid=VR1272&dur=6.000000&media_type=C&redirect_url=https%3A%2F%2Famg01742-walla-wallanews-ono-btlna.amagi.tv%2FplaylistY_360P_673170.ts&seg_id=673170&user_id=413f7f5e-66c9-11ee-b560-1e39ce08e05d HTTP 307
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_673170.ts
Request Chain 687
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=208aeab2ae20b25eee516dd3b281c3a0
Request Chain 693
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/beacon/amg01742-walla-wallanews-ono/cb57381b6573618f84cb3a64cef646829f7b3dcb0e6c886470af4a9765d97800dbe8ae84ae5b910c4c9e1fc061017d360439cd1dd56c49c1da63b820743c4b21fdcde00080dd0d0cb1df11292ca36265299a7369cc350f7bd2ec5a2f803ebe764c53cb017c593f88f258ac714cc59e0f827c2195acd968291e0b09ce1f04faa55da4e1e25b57cc68a0b24a4fc32a10fa84449add01ba81810e83118370f1099cc7f3828045828ec463ac03d0d0683256152d44abf2b93cccb8be4c7bfb562d541354e8bae18f245ea37233907c62a9c503da06dc8635841a4fd3bd3f9de542fb4db808a9ea48b5bfaf9f434c7989c5526f65d08d32432a5441df4eded88cf5766f8af35e1f2dac3b8871796ec2b9a3bce5b2af5a2c1f88d9403d415c58d429b090c2cffae06f8937c5d7f1d71f475c6f0d0cbc8fc3f079f626c771a4c2126e090314edd262cd88dd5127710fa8b41e854355e980cbb4d6006d9e3b5b42be34901b247cdc38694be02fd2932823dc755dcb666bbb101ea876d19460b5abd2ee037b92dbc449f026af9602c0f90fac226d0855fda2620a1c1f259ebf3254704ac243e5c1c3ae225a57a2a49b8cb5395230301956039cf1a721cbfca7072956900368300e537df023d966d80c4c7a5eea16c1a30471c54b611aefa93b524d7fd4af958494ddde4ba575b09eac69375aed732b8915ab5eb3b8bbc0f9e36f8b4f/640x360_642400?bcn=1&ca=0&cid=VR1272&dur=6.000000&media_type=C&redirect_url=https%3A%2F%2Famg01742-walla-wallanews-ono-btlna.amagi.tv%2FplaylistY_360P_673171.ts&seg_id=673171&user_id=413f7f5e-66c9-11ee-b560-1e39ce08e05d HTTP 307
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_673171.ts
Request Chain 694
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/beacon/amg01742-walla-wallanews-ono/cb57381b6573618f84cb3a64cef646829f7b3dcb0e6c886470af4a9765d97800dbe8ae84ae5b910c4c9e1fc061017d360439cd1dd56c49c1da63b820743c4b21fdcde00080dd0d0cb1df11292ca36265299a7369cc350f7bd2ec5a2f803ebe764c53cb017c593f88f258ac714cc59e0f827c2195acd968291e0b09ce1f04faa55da4e1e25b57cc68a0b24a4fc32a10fa84449add01ba81810e83118370f1099cc7f3828045828ec463ac03d0d0683256152d44abf2b93cccb8be4c7bfb562d541354e8bae18f245ea37233907c62a9c503da06dc8635841a4fd3bd3f9de542fb4db808a9ea48b5bfaf9f434c7989c5526f65d08d32432a5441df4eded88cf5766f8af35e1f2dac3b8871796ec2b9a3bce5b2af5a2c1f88d9403d415c58d429b090c2cffae06f8937c5d7f1d71f475c6f0d0cbc8fc3f079f626c771a4c2126e090314edd262cd88dd5127710fa8b41e854355e980cbb4d6006d9e3b5b42be34901b247cdc38694be02fd2932823dc755dcb666bbb101ea876d19460b5abd2ee037b92dbc449f026af9602c0f90fac226d0855fda2620a1c1f259ebf3254704ac243e5c1c3ae225a57a2a49b8cb5395230301956039cf1a721cbfca7072956900368300e537df023d966d80c4c7a5eea16c1a30471c54b611aefa93b524d7fd4af958494ddde4ba575b09eac69375aed732b8915ab5eb3b8bbc0f9e36f8b4f/640x360_642400?bcn=1&ca=0&cid=VR1272&dur=6.000000&media_type=C&redirect_url=https%3A%2F%2Famg01742-walla-wallanews-ono-btlna.amagi.tv%2FplaylistY_360P_673172.ts&seg_id=673172&user_id=413f7f5e-66c9-11ee-b560-1e39ce08e05d HTTP 307
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_673172.ts
Request Chain 697
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4235658876851245700&gdpr=0&gdpr_consent=
Request Chain 698
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7288011948821313684&gdpr=0&gdpr_consent=
Request Chain 699
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e3bc18b3-3499-4914-bffb-dfc58ba17b05&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 700
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=UAhy-nplVWFc6x2NpdOJES2NmEw&gdpr=0&gdpr_consent=
Request Chain 701
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZSQ4QQAWekuIrgAN
Request Chain 702
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGZkNrN0tTSEVBQUJoWkZVT0pLdw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAFfCk7KSHEAABhZFUOJKw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAFfCk7KSHEAABhZFUOJKw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAFfCk7KSHEAABhZFUOJKw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=3452735518411175959&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFfCk7KSHEAABhZFUOJKw&gdpr=0&gdpr_consent=
Request Chain 703
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 705
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=79E7BA13-1B63-4CA1-B480-C37117745F86&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=79E7BA13-1B63-4CA1-B480-C37117745F86&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 706
  • https://pixel.onaudience.com/?partner=214&mapped=79E7BA13-1B63-4CA1-B480-C37117745F86&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=2db483a33615126f/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Request Chain 709
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7741086008117221691&gdpr=0&gdpr_consent=&us_privacy=

703 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.walla.co.il/
Redirect Chain
  • http://www.walla.co.il./
  • https://www.walla.co.il/
555 KB
250 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
b5f38674b18cb283ec98740cb5d8a671416c31dfdcfd30036738d5d253e5f570

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=30
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 09 Oct 2023 17:28:24 GMT
etag
W/"8adf4-WyQMIg3vbWn8NBu4Vr+dQTo/Vbo"
server
openresty/1.15.8.3
vary
Accept-Encoding
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
x-amz-cf-id
DQWjlofMe28MxRSdVJ-m24GYNTg4XdW4T62FCCVJ-9Z_-Z5P8AdJUw==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
x-cached
HIT

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Mon, 09 Oct 2023 17:28:24 GMT
Location
https://www.walla.co.il/
Server
CloudFront
Via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
X-Amz-Cf-Id
jUNLpkKl8jSH5RPSyycy8FvfTiVI6quwur8RBZXFExZ9Cl2-qApCjA==
X-Amz-Cf-Pop
FRA2-C1
X-Cache
Redirect from cloudfront
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1aca347f804683cebddecd9e72bf4c3c9dc88fbad4bc89913c4941378ce4d474
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29744
x-xss-protection
0
server
cafe
etag
668 / 19639 / 31078562 / config-hash: 1673092940278745592
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 09 Oct 2023 17:28:24 GMT
js
www.googletagmanager.com/gtag/ 		203 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11170679829
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aca1e66c3e8518072d653ba2c6d3d36eb60c78e9cd8be551a099ab5167b4b5e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74774
x-xss-protection
0
last-modified
Mon, 09 Oct 2023 16:34:22 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 09 Oct 2023 17:28:24 GMT
dmp-provider.js
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/ 		211 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-83.fra60.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
229e400458da09038771f0974640be7bc3fb91571e41b8c0af3f323d89bfc3a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 10:15:51 GMT
content-encoding
br
via
1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA60-P4
age
25953
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
x-amz-cf-id
rJptkl6AP8I_9h3_1_8ijJ_4nVmkYKAe8-adEXeglSl4XhfcDbhytg==
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:1e00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 16:56:20 GMT
content-encoding
gzip
via
1.1 a5b856e4b06666713c5cc47a5b2ec7ae.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 00:37:14 GMT
server
nginx
x-amz-cf-pop
AMS1-P2
age
1924
etag
W/"649b80ba-5df1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
cEUykrtxoCEyBT9usVjLIemO_LVQgs95Myw6Ic0NC6xUIfwhsuBb9Q==
expires
Tue, 10 Oct 2023 16:56:20 GMT
logo-with-israel-flag.svg
www.walla.co.il/public/assets/logo/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/logo/logo-with-israel-flag.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
38df94ec98f3e97f36a6a80b2e58776f9053ffecf8b140f68e83f3f748918063

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:59 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
16765
etag
W/"bee-18b13de5404"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
-IHWfPdbdo0UMzvWxDAJv1Ixd1Cob_25NB48aVOi3S8-PeDyJx-nqQ==
x-cached
HIT
icon-weather-mobile.svg
www.walla.co.il/public/assets/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-weather-mobile.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
fd3121a04a4b745f71058c38f7902b207de37f86aa3a9674eda80a2baf366382

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
280377
etag
W/"7ee-18afef67d7e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
og3rcmzCfG0TCqINyNo2voCZJfeOO8yACp9vOEKKDwNqZiFb1MGbPQ==
x-cached
MISS
icon-mail-no-bg.svg
www.walla.co.il/public/assets/homepage2/ 		464 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-mail-no-bg.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
50795dddaa17612e809ddf339489bc1fdff6f7bcc76115ba6eeb17eccb68eb47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
280377
etag
W/"1d0-18afef67d77"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
464
x-cached
MISS
x-amz-cf-id
QdXsCbQHs2C6t64oBcQKH0r-2bWC-8AyiZWCyy3TYvJnpwMqcYuaxQ==
wallacoil-prod.js
cdn.valuad.cloud/hb/ 		1011 KB
277 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
26318d88d486abac38f9e0d2051f727b555d5b339368f135349e6f4e2f594c7b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:24 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Thu, 05 Oct 2023 10:08:41 GMT
x-amz-request-id
tx00000000000000ae671e5-0065241c8e-3b76e6d0-fra1a
etag
"f36b261da0ccc83e3b7166adea7d580f"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1696872504.dop220.lo4.t,1696872504.cds261.lo4.hn,1696872504.cds005.lo4.c
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
282996
loader.js
cdn.taboola.com/libtrc/wallail-walla/ 		892 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a02ca2cc000f49572e3c6aa67abbd17f1e2e7c0c1687143017ace8cbc2f3048a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
94O8UNbIvBURIsY00NRUne6sdqcQD2BD
content-encoding
gzip
via
1.1 varnish
date
Mon, 09 Oct 2023 17:28:24 GMT
x-amz-request-id
YM1W8GJRZSTF5XQP
age
5046
x-amz-server-side-encryption
AES256
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
14
x-amz-replication-status
FAILED
content-length
69987
x-amz-id-2
T+7/AKXDxpMKPskxw8BM1JkVUqg/niaTepFvVEKDTwR5BIqf+8hg+FQ0PQYbP8artTkp6JjTHHs=
x-served-by
cache-fra-eddf8230054-FRA
last-modified
Mon, 09 Oct 2023 13:47:22 UTC
server
nginx
x-timer
S1696872505.560600,VS0,VE2
etag
"119632090bf03e70a8731d6e15746266d9de942a"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
20
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC7) /
Resource Hash
d914e564ecf0f0620ab21ce0365beb2901287fa5802d69f3f0fb5cfae2a8bad7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Mon, 09 Oct 2023 17:28:24 GMT
Content-Encoding
gzip
Age
1497
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27595
Last-Modified
Wed, 04 Oct 2023 22:07:43 GMT
Server
ECS (amb/6BC7)
Etag
"27ff44f80811006c28f51333efa93f56+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
gtm.js
www.googletagmanager.com/ 		491 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
871e0bc387886d5627a1d12b8bb988ef62f33d905b6fe7e30d20e3039dd4ff5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111030
x-xss-protection
0
last-modified
Mon, 09 Oct 2023 16:34:22 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 09 Oct 2023 17:28:24 GMT
gtm.js
www.googletagmanager.com/ 		418 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aa08e0c850ac539350c43c52fe00deaa2f7f21f06b91007ea8b258f5d72b4b2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83044
x-xss-protection
0
last-modified
Mon, 09 Oct 2023 16:34:22 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 09 Oct 2023 17:28:24 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 09 Oct 2023 15:51:33 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5811
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 09 Oct 2023 17:51:33 GMT
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:1e00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:21:52 GMT
content-encoding
gzip
via
1.1 a5b856e4b06666713c5cc47a5b2ec7ae.cloudfront.net (CloudFront)
last-modified
Wed, 09 Aug 2023 00:45:38 GMT
server
nginx
x-amz-cf-pop
AMS1-P2
age
392
etag
W/"64d2e1b2-94a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
0o3mkNz3kL3wCsN-2vqz6lkbHiNynoPhu5CKPysFKSRW0Yc_zYaRlQ==
expires
Tue, 10 Oct 2023 17:21:52 GMT
allay-icon.svg
www.walla.co.il/public/assets/icons/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/allay-icon.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
280377
etag
W/"c00-18afef67d7d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
WvsMFc8p2VQpcHoFKjKL9HcQku-gZ-sgi4w2ruU8u4aMmVlGSDpioQ==
x-cached
MISS
tiktok.svg
www.walla.co.il/public/assets/navigation/ 		628 B
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/navigation/tiktok.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
40083197f6c3fad2ef5d99095c72f3a60072e92bdfcd920dd91299f3679027b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
280377
etag
W/"274-18afef67d88"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
628
x-cached
MISS
x-amz-cf-id
q2skQPTV83P4CIhWBMR5czSqGRcsXNOEnqT1TOgyDVMXGSK0ID5UoQ==
insta.svg
www.walla.co.il/public/assets/navigation/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/navigation/insta.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
23e2409494818d5a7bbcf232f0818db8599da2d9c3c1856572f95ffc7b4b1d2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
280377
etag
W/"79e-18afef67d88"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
uGYUdBfNKaMu1v-s2Yt6Gfsi0fZPVqtBwMDv6rNxxDznmWx5HMqCgw==
x-cached
MISS
twitter.svg
www.walla.co.il/public/assets/navigation/ 		1004 B
964 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/navigation/twitter.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
d685d349bc446d06cf68755fd4dbd95bb51f8913ad08cea281e371aa1fc284eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:59 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
16765
etag
W/"3ec-18b13de5407"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
X7J5u6Bl-V-M5eFLoGpTG0kAMtxurGxvcLwtm0ia4xEIKB6FGesHUg==
x-cached
MISS
facebook.svg
www.walla.co.il/public/assets/navigation/ 		471 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/navigation/facebook.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5d2840fc0bf868ec7e60c9e2f14a0f623b865ee0a7f8459fbfb25881709f7838

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
280377
etag
W/"1d7-18afef67d88"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
471
x-cached
MISS
x-amz-cf-id
lncQXqhZvrohJt8LGe6Q1Vv3q_Gvsd7z5vGIaRF-9zQBPUgYgWfcqw==
3611817-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_1000,t_18/3/6/1/1/ 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_1000,t_18/3/6/1/1/3611817-46.jpeg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
3ce84dcbdacf2f82e165cbaa57b5032f45895375dc2b0ea895b9be4c803e131e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 14:33:49 GMT
via
1.1 google
age
10475
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104996
3602381-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/6/0/2/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/6/0/2/3602381-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
cb83104a5fa0331abe1dc6736659956bae6a6e16dc5927a381a1de3f7ad98a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 22:57:34 GMT
via
1.1 google
age
66650
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19318
3580163-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/8/0/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/8/0/3580163-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
ee7fafc2f935351d7d3693ca55f003d7cdfb39c0117defeacb43c06f44ce9b36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 00:08:40 GMT
via
1.1 google
age
62384
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5698
invalid-name2.svg
www.walla.co.il/public/assets/shivuki/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/shivuki/invalid-name2.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:59 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
16765
etag
W/"834-18b13de5411"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
5QBggTlbISfeKVc6k0BtbRxF4IWsPdvlCQsKc3LdMYOubHXgY0oOZA==
x-cached
MISS
3582998-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/8/2/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/8/2/3582998-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
26f431af7024210d31fca970d3ee633c8beab47d56e4a0fb17d832e0615c9cab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 01:03:39 GMT
via
1.1 google
age
59085
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6324
logo_walla+.png
www.walla.co.il/public/assets/homepage2/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/logo_walla+.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
301bf90c72cd880946376981a30c087ebfdb02bf1a96780e311b7c48a0ed03a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
280377
etag
W/"26ba-18afef67d77"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
9914
x-cached
MISS
x-amz-cf-id
N4mXPNjw62DQhOt9iMblUhXVWGooVpx8AdyH_ZnHZK2abmLEt4l-kw==
3125231-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/1/2/5/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/1/2/5/3125231-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
2f9dacf0a2ff7b38244d273910d5bdbf00048ec13daa199ebb7ce53d56315007

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:47:58 GMT
via
1.1 google
age
31226
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4354
3598564-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/9/8/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/9/8/3598564-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
7455f093e10ad855982456bdd10cfcd51d0cff859356cec3ffb5c9317b8294ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 23:50:07 GMT
via
1.1 google
age
63497
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9944
3607177-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/6/0/7/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/6/0/7/3607177-46.jpeg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
a3b23c1b85f6e4a797e4a6098cb721285753bd1e6105a341d70d86755d147855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 18:16:56 GMT
via
1.1 google
age
83488
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13360
winner_logo.webp
www.walla.co.il/public/assets/sport/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/sport/winner_logo.webp
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5ac127188e6475f95cf602b5aeacfaf667081820adc57b78e9d46b9cb9149776

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:00 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
16764
etag
W/"1a56-18b13de5413"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
6742
x-cached
MISS
x-amz-cf-id
ZFoXRY2wauhSZ0PMwZ0I3UBEPm2x-jC0A_uxLhV1VziiiURiIAtvAA==
google.gif
www.walla.co.il/public/assets/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/google.gif
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
a9556451882c7b86d689ee82a86c2b360cf0acea6d92a4165c80054371e52336

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
280377
etag
W/"5b6-18afef67d7d"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1462
x-cached
MISS
x-amz-cf-id
fg9le-ALAQiGSzzn_QRPBilOx0OREyKX1eeP3V6vZMsT0pMe6mLxIA==
icon-serch.svg
www.walla.co.il/public/assets/homepage2/ 		743 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-serch.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
b7ee2e2c1f36198a263d4d442d6752e78d61fecd54473cb5c1c3dbb8b6053817

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:59 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
16765
etag
W/"2e7-18b13de53f6"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
743
x-cached
MISS
x-amz-cf-id
K-DfYDKdKol4QYGDestNuztuY7N7BaMEYoQTtFeQeZ8KaSfVLOMh-A==
icon-5-g.svg
www.walla.co.il/public/assets/icons/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-5-g.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
9e3035b7f5b0074bf8401e498b2160a29e3f13741f03e537ad98e9a1836a701f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
280377
etag
W/"b30-18afef67d7e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
VrZq13Ky18HTnoZm654I896VCSIDz-LbS93Hft1HVz87TZAN0T6ZeA==
x-cached
MISS
icon-wather.svg
www.walla.co.il/public/assets/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-wather.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
c2095f6920579eb6938ef2ddecc5652d5a9557555a32b019969e329a93731897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:59 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
16765
etag
W/"85c-18b13de53fd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
SIi_NTk0TTET7mburv4GfFogZV3UzXS9-a3EK7xI6VKMx2Xekcr50g==
x-cached
MISS
icon-mail-empty.svg
www.walla.co.il/public/assets/homepage2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-mail-empty.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
280377
etag
W/"5f6-18afef67d77"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
zoCVav3j5nJCEmoVBsTX0jE0GjnqBSk87siiMNYazGNxOhdG2Ak1sg==
x-cached
MISS
walla-sprite.svg
www.walla.co.il/public/assets/icons/ 		19 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/walla-sprite.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
3241bf3866d5c2c02fd32bc792aa155f587efc0780ad197d0040d3377ff5af3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 08:43:25 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
204299
etag
W/"4a05-18afef67d80"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
7U46w37Jv0cQpCzbYarOmc5XycbytTSNlTj0UrdL8c0Mn_J-VMxnog==
x-cached
HIT
almoni-neue-aaa-600.woff
www.walla.co.il/public/font/almoni/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
280377
etag
W/"e954-18afef67dac"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59732
x-cached
MISS
x-amz-cf-id
QkP5kKuf6TU4T3z18VwKiURG4D7ZIqaCOFjmkwwgXiWa-DVPCZheBw==
almoni-neue-aaa-700.woff
www.walla.co.il/public/font/almoni/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-700.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
280377
etag
W/"ea00-18afef67dac"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59904
x-cached
MISS
x-amz-cf-id
b-HyFts5Aq9L_rUNGzdxoiABFOQLJAL3VIpP4rBcVQqrOuQNjA6GLQ==
almoni-neue-aaa-400.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-400.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:59 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
16765
etag
W/"e770-18b13de5426"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59248
x-cached
MISS
x-amz-cf-id
OJEJp2Pi3M9yKCBlgnesMcB8goyOt2H0N3JZ-iOGkCKlAHSHrAlPfg==
almoni-neue-aaa-500.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-500.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:59 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
16765
etag
W/"e7c0-18b13de5427"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59328
x-cached
MISS
x-amz-cf-id
w-hZZEYql5md9BNOBN0xL7U9SiMPRWIB7icnDjQjuEk0tOxWSMfWLg==
wallaicons.woff
www.walla.co.il/public/font/fonticon/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:59 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
16765
etag
W/"3bdc-18b13de5429"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
15324
x-cached
MISS
x-amz-cf-id
_vTNKaREyipCeRR7l9IkrEFDhbT5P1Zy3MECscE_dQKIkjPQtqnvew==
6950_1ee1e84a2c2bf62f2adf_1ee1e84a2c2bf62f2adf_walla.js
www.walla.co.il/public/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/6950_1ee1e84a2c2bf62f2adf_1ee1e84a2c2bf62f2adf_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
f20aa3c1f32442a08428b3f922e78848c790294e3acb607322a235c1ad7fc9c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:00 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
16764
etag
W/"248c-18b13de53e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
zr66MX2dSLDYhQdqyIO3APu8lYc3qlXlvCrEXL6puRxUBIxmunF86A==
x-cached
MISS
3059_03df53f5db8a294322fb_03df53f5db8a294322fb_walla.js
www.walla.co.il/public/ 		313 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/3059_03df53f5db8a294322fb_03df53f5db8a294322fb_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
da8356ea10c3ccaa5f0c89a0acfab206a79856452f5d67b22a088d90248d3877

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
280377
etag
W/"4e534-18afef67d5f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
EIkiBpD7RFYxesyjAFf5gsshfwfb-fiF_2X_z3sCPIQO6sVZd68t_w==
x-cached
MISS
main_3de75b32272a42ddfa3c_3de75b32272a42ddfa3c_walla.js
www.walla.co.il/public/ 		999 KB
232 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/main_3de75b32272a42ddfa3c_3de75b32272a42ddfa3c_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
a97cc502f748b97196cdb2e6c0431c5763654ea22d4fa44e18ceccd8a4c3785b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:00 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
16764
etag
W/"f9c37-18b13de542c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
H8uEFgwHS7g9S5YCgN8Cyyn0uQSHFTPinRAAsm81ML0FQeY7_dQTpQ==
x-cached
HIT
9561_a6cb45b79e6001ccc514_a6cb45b79e6001ccc514_walla.js
www.walla.co.il/public/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/9561_a6cb45b79e6001ccc514_a6cb45b79e6001ccc514_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
801d6ff0dd3191cc7e44d8060ed2336706e8301bf4478df935f1ef87a82c11de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
280377
etag
W/"6b6b-18afef67d61"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
IJh7KUGgkPzyYH8QNQviCQoPwTxZWz7Vak8q_CxyvQGMXuxFPrGDyQ==
x-cached
MISS
homepage_1ff03ced9a895ee6b487_1ff03ced9a895ee6b487_walla.js
www.walla.co.il/public/ 		219 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/homepage_1ff03ced9a895ee6b487_1ff03ced9a895ee6b487_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
134e8c304f3fa0a6bb741b085624f496d9d697da80836f8b9ed65c412a2f8efb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:00 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
16764
etag
W/"36a0c-18b13de542b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
ixf5WwX78UVpYJDuPw0Db8cHkS-bObSp74cyEdPN0VvGZZ051OEAfA==
x-cached
HIT
recorder.js
web-sdk.smartlook.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-sdk.smartlook.com/recorder.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
48c0c57a2ff350ffc914dc5b5724d8f7df76a8345fd089398d353a0b6979a149
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 09 Oct 2023 17:28:24 GMT
strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
303
x-accel-date
1696872201
x-77-nzt
AcO1qhE3Nzf/LwEAAA
x-accel-expires
@1696872801
x-77-age
303
last-modified
Thu, 05 Oct 2023 13:53:37 GMT
server
CDN77-Turbo
etag
W/"651ebfe1-10f6"
x-77-nzt-ray
4c15622436bc5b1e383824657f11df2d
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
PRE
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/PRE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-83.fra60.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.walla.co.il
access-control-max-age
1800
age
20372
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Mon, 09 Oct 2023 11:48:52 GMT
server
nginx/1.20.0
vary
Origin
via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-amz-cf-id
8Edr2jMadxJeIZQe2A6FickECCz06vKC2mFJWxq1US9JJk5kd8QLSw==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
survey.js
cf.dxmcdn.com/dta/ 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.dxmcdn.com/dta/survey.js
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:5600:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd769d1da98da1a60dc08258b017b34d6962b92ec431b17df51c69fbfb2c6abf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 04:29:12 GMT
x-amz-version-id
YtNR9erNG.NoRBEcRdBoVE4OGMJQuym3
content-encoding
br
last-modified
Wed, 27 Sep 2023 11:46:39 GMT
server
AmazonS3
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
etag
W/"b034abfcfb6819eabeb9878dfce0a78a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
age
46753
x-amz-cf-id
BORgvuGiydFbpdxR-3ZEdjIo3Sjuf8iipAh-63NqCNeQ01UzwE5nCA==
PRE
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ 		0
321 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/PRE
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-83.fra60.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/javascript

Response headers

date
Mon, 09 Oct 2023 11:48:44 GMT
via
1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA60-P4
age
20380
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
-sOGZlH7TCHVzdfRmMI3dYPtuTkxKDjWsIU58eRGDy5VQZih2MIYMA==
POST
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/POST
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-83.fra60.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.walla.co.il
access-control-max-age
1800
age
20372
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Mon, 09 Oct 2023 11:48:52 GMT
server
nginx/1.20.0
vary
Origin
via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-amz-cf-id
_E-4dP_WuKppFgbI_eINKD3YaO6RcFK6Kml8xwL0bMvqXJI9PkvXCg==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
POST
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ 		0
320 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/POST
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-83.fra60.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/javascript

Response headers

date
Mon, 09 Oct 2023 11:48:44 GMT
via
1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA60-P4
age
20380
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
banOEA52kEvjx24CLyAWhM8qQGgwhjIeNevFWex66p-WEJhlEM4TSg==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11170679829/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11170679829/?random=1696872504771&cv=11&fst=1696872504771&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&auid=1711072935.1696872505&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11170679829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
382a44d48fad462434b05881490c362b1f1b6f3247647e47585a39b124ec22f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1382
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=walla.co.il&p=%2F&u=CUmyPgBy2e1HDoneE8&d=walla.co.il&g=20047&g0=%D7%95%D7%95%D7%90%D7%9C%D7%94&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=11020&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.walla.co.il%2F&b=559&t=B-RvxiC6MNVdxv3zQDNTEB6Dit0yw&V=141&i=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&tz=-120&sn=1&sv=sSJe6CqNLMZBxm9d7JOyb_OLQos&sd=1&im=067b2fff&_
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.207.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-207-173.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 09 Oct 2023 17:28:25 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
widget_iframe.34999e64cd909e9be3bbd826bafcd2c4.html
platform.twitter.com/widgets/ Frame 2B58 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.34999e64cd909e9be3bbd826bafcd2c4.html?origin=https%3A%2F%2Fwww.walla.co.il
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC4) /
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
153328
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Mon, 09 Oct 2023 17:28:24 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Wed, 04 Oct 2023 21:58:35 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6BC4)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/ 		419 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ebcd7bdb5554e57888241a02b80e12230b08db50cffa39d16002b3726a55806
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 06:48:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
38382
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134827
x-xss-protection
0
server
cafe
etag
8968824880815585736
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 08 Oct 2024 06:48:42 GMT
init
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 09 Oct 2023 17:28:24 GMT
server
Google Frontend
x-cloud-trace-context
bed3a06c4bdf07b463b7560edf7e69df
x-request-id
undefined
init
hb-dot-valuad.appspot.com/ 		38 B
87 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
x-request-id
c923fb34-010b-498a-9964-94b32d2ba8ff
x-vad-version
0.14.16

Response headers

date
Mon, 09 Oct 2023 17:28:25 GMT
content-encoding
gzip
server
Google Frontend
etag
W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
e032e23f248690d556c7b39bd57216e9
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64
x-request-id
undefined
collect
www.google-analytics.com/j/ 		4 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1060927038&t=pageview&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAACAAI~&jid=278204555&gjid=1875747200&cid=1076015235.1696872505&tid=UA-4780630-1&_gid=1612521642.1696872505&_r=1&_slc=1&gtm=45He3a40n71T728TH&cd1=&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=0&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fwww.walla.co.il&cd116=0&cd117=&cd118=&cd119=&cd120=&cd121=&cd122=gtm.js&cd123=https%3A%2F%2Fwww.walla.co.il%2F&cd124=&z=1913276799
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 09 Oct 2023 15:51:33 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5811
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 09 Oct 2023 17:51:33 GMT
/
www.googleadservices.com/pagead/conversion/777956447/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/777956447/?random=1696872504912&cv=11&fst=1696872504912&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&bttype=purchase&auid=1711072935.1696872505&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
df5787bb87ee1068c999e5203e739e875e3606001bfef18ea738141ef8536fed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1673
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion.js
www.googleadservices.com/pagead/ 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9d4e281396b31c49f11066c0b5b6b4df80952f7d9cbe8debd41777e06ddab070
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18630
x-xss-protection
0
server
cafe
etag
7951265875426957259
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 09 Oct 2023 17:28:24 GMT
fbevents.js
connect.facebook.net/en_US/ 		198 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 09 Oct 2023 17:28:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53356
x-xss-protection
0
pragma
public
x-fb-debug
UoEoY3PDiHNHCyFYmlImVDfrq7ppe7EHtTuVbUfhx8CLXXRV9QFYW/yLCzXZZ8KnPPqHQX3m5+nZfeAHXgcegQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
adoric.js
12890047.adoric-om.com/ 		194 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://12890047.adoric-om.com/adoric.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7e2fbc7de982f503e7260215071ba4137098ac7f2c32655a1ea59e9dec18089
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
via
1.1 google
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
480
x-dns-prefetch-control
off
content-range
bytes 50-10000/*
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-adoric-api-version
9.1.0
server
cloudflare
etag
W/"306f2-9CYdnBzPfOdeDxtg9L+WyF/1La0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
movetogcp2020.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XqW1sDzjAAwSKKuXkXnETKvi%2F65grIfBcvmrtyubsgVrf6C0RFfMNcJ4qdu2uvs%2FM5W9Z5GLIvjxnZdjz2Q9GYnOCXARkR2sdDupBzjkuXXpkRjUiG9dLGQjJ83JeRe1FT445h%2FK3li2vcb5MozdQV8vu07"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
access-control-allow-credentials
*
vary
Accept-Encoding
cf-ray
81385703fa539b43-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
js
www.googletagmanager.com/gtag/ 		217 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1f60dfc288579bd9be68c5feec395ad5cef460bafbc01d399332d1ed99e08e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79174
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 09 Oct 2023 17:28:24 GMT
js
www.googletagmanager.com/gtag/ 		202 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TSQY5YTYZ0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0bf4742574fcd745ecc17fb04b9cc5868072691d1eeb40f53e816a825fa24b8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75568
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 09 Oct 2023 17:28:24 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		11 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=walla.co.il&domain=walla.co.il&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
530bde141b8fd1c44b50d1bd4b912193cbb7c78ef6a20e4be6aad0fa15958867

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits
1
date
Mon, 09 Oct 2023 17:28:25 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
9
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2082
x-served-by
cache-fra-eddf8230107-FRA
x-timer
S1696872505.020596,VS0,VE1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sat, 07 Oct 2023 17:28:16 GMT
settings
syndication.twitter.com/ Frame 2B58 		869 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=9a95669501b50e10303741978c695fb4d168e974
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.34999e64cd909e9be3bbd826bafcd2c4.html?origin=https%3A%2F%2Fwww.walla.co.il
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-response-time
104
date
Mon, 09 Oct 2023 17:28:25 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Mon, 09 Oct 2023 17:28:25 GMT
server
tsa_f
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
fbd9f8bccc38dec7
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
0dfbe9bc69cc30c7f1e8cf247227b4a7bf4596492a76b7684fe02bcb28792c80
content-length
337
init.d5393ac396c8794c869e.js
web-sdk.smartlook.com/es6/ 		63 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-sdk.smartlook.com/es6/init.d5393ac396c8794c869e.js
Requested by
Host: web-sdk.smartlook.com
URL: https://web-sdk.smartlook.com/recorder.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5123513035c30f44e20d93f8bc9fda7ba74ec7c315add4883b5aa3ccd220503b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 09 Oct 2023 17:28:25 GMT
strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
356857
x-accel-date
1696515648
x-77-nzt
AcO1qhE3Nzf/+XEFAA
x-accel-expires
@1728051648
x-77-age
356857
last-modified
Thu, 05 Oct 2023 13:53:37 GMT
server
CDN77-Turbo
etag
W/"651ebfe1-fa90"
x-77-nzt-ray
4c15622461c31a273938246586e22206
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
collect
stats.g.doubleclick.net/j/ 		4 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-4780630-1&cid=1076015235.1696872505&jid=278204555&gjid=1875747200&_gid=1612521642.1696872505&_u=aEBAAEAAEAAAACAAI~&z=79796471
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 09 Oct 2023 17:28:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
dmp-main.js
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/ 		239 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-83.fra60.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
742f69d5a3dc576df86c9845acf047bcd745d266f40900c95706badecfafe2e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 10:15:52 GMT
content-encoding
br
via
1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA60-P4
age
25953
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
x-amz-cf-id
-2a59OXwhL5dPL0zV09BXgDwYtN9TfFRx4z-2ThBSkuUICjET3hd1A==
/
www.google.com/pagead/1p-user-list/11170679829/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11170679829/?random=1696872504771&cv=11&fst=1696870800000&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3611009710&rmt_tld=0&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/11170679829/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/11170679829/?random=1696872504771&cv=11&fst=1696870800000&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3611009710&rmt_tld=1&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
survey-executed
tr.dxmcdn.com/rest/api/v1/ 		0
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.dxmcdn.com/rest/api/v1/survey-executed
Requested by
Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/survey.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2615.1e100.net
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:25 GMT
x-content-type-options
nosniff
server
Google Frontend
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
text/html
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
7edf7156306455f6a29ee06d56a6dcda
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
0
x-xss-protection
1; mode=block
expires
0
survey-executed
tr.dxmcdn.com/rest/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tr.dxmcdn.com/rest/api/v1/survey-executed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2615.1e100.net
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-type
text/html
date
Mon, 09 Oct 2023 17:28:25 GMT
expires
0
pragma
no-cache
server
Google Frontend
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-cloud-trace-context
d17ef163ca1ec0f0e0dc956335cbf2f8
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
json
pro.ip-api.com/ 		20 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json?key=ay3FPSS6OcBXPHg&fields=countryCode
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/3059_03df53f5db8a294322fb_03df53f5db8a294322fb_walla.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
f37d1ad4ff54c0819a950c6bf692c4294e593e2df41f3ad3f2cd11d281ebead0

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 09 Oct 2023 17:28:25 GMT
Content-Length
20
Content-Type
application/json; charset=utf-8
3452_28c1808d0814a46feaca_28c1808d0814a46feaca_walla.js
www.walla.co.il/public/ 		123 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/3452_28c1808d0814a46feaca_28c1808d0814a46feaca_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_3de75b32272a42ddfa3c_3de75b32272a42ddfa3c_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
6dba6e329dfb9cefab40d65bd87209b0f98f585e82f455bff4ffb75e99573a23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:28 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
280377
etag
W/"1eb65-18afef67d5f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
gMRCHOGdH-0u923Xh_GKBf0CFbqn6OBdA-YmM0KDnt2Iqy7yGy2RSg==
x-cached
MISS
PikudInner_2e1eca4b5cb115902ee9_2e1eca4b5cb115902ee9_walla.js
www.walla.co.il/public/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/PikudInner_2e1eca4b5cb115902ee9_2e1eca4b5cb115902ee9_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_3de75b32272a42ddfa3c_3de75b32272a42ddfa3c_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
55e1bb5ac96493124163d21acdc1a9e620d826d6654f94a9fab30cd8a648c0b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:28 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
280377
etag
W/"cfe-18afef67d62"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
3A5Mni7hpaiaIi3cAKlmnqlokXjC0-PTIZYcWRrwPxMrfDRgUWWo1Q==
x-cached
MISS
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/3059_03df53f5db8a294322fb_03df53f5db8a294322fb_walla.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b2c20eca6f1330f620a68b84fb22175133c914f1de262a0d37449fbbde18f42f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29739
x-xss-protection
0
server
cafe
etag
829 / 19639 / m202310030101 / config-hash: 1673092940278745592
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 09 Oct 2023 17:28:25 GMT
load.js
pm-widget.taboola.com/wallail-walla/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/wallail-walla/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa13c715a970ff152c581c582d0d11959260c439601eef5aca942f3b8b79ae9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
FPTG2OxoLYtveF6L1lHa_yi.RcOwh3q6
content-encoding
gzip
via
1.1 varnish
date
Mon, 09 Oct 2023 17:28:25 GMT
x-amz-request-id
EWJRSD051645SZ7W
age
1891
x-cache
HIT
content-length
1113
x-amz-id-2
8ieejmpPIDpKsuOg3VR7pyVcDCwEO5Uyc1ke5XC44VLBPrOggUcPjoVerwQWjbLJg1YocDZbifo=
x-served-by
cache-fra-eddf8230054-FRA
last-modified
Tue, 26 Sep 2023 08:56:39 GMT
server
AmazonS3
x-timer
S1696872505.382289,VS0,VE0
etag
"0f035f8b52b8607074f683b28f021659"
vary
Accept-Encoding,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
4
impl.20231009-1-RELEASE.js
cdn.taboola.com/libtrc/ 		811 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231009-1-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
79e4e27e77cde7c4d1f68c5ede06875086d9b995af24b12a22a9eb2cdb406fcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
vf7oJ0uNXoQFT6y8epYcFzLP3zwk_an0
content-encoding
br
via
1.1 varnish
date
Mon, 09 Oct 2023 17:28:25 GMT
x-amz-request-id
BVP7E6B8ZVE9QTQH
age
471
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
171915
x-amz-id-2
Cquxky6u0ed+HUP3/wy+0rLYr8a13+e8WV6CGh0XNsCJMiEC+jIeTON5N46C35L70dZwMaDAidk=
x-served-by
cache-fra-eddf8230054-FRA
last-modified
Mon, 09 Oct 2023 09:20:34 GMT
server
AmazonS3-br
x-timer
S1696872505.382285,VS0,VE0
etag
"750e7d63dcc1456b315f58660c6c0d6c"
vary
Accept-Encoding
content-type
application/javascript
abp
74
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
2207
2323
dal.walla.co.il/editor/ 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dal.walla.co.il/editor/2323?from=www.walla.co.il
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/3059_03df53f5db8a294322fb_03df53f5db8a294322fb_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.199.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.199.111.34.bc.googleusercontent.com
Software
openresty/1.15.8.3 /
Resource Hash
8b976b4e0138f7b918382760a95c63f0f6cb058ddfa7ab8e3dfcd70bb6caf33c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
cache
date
Mon, 09 Oct 2023 17:28:18 GMT
via
1.1 google
server
openresty/1.15.8.3
age
7
x-speed
0.0319380760
x-hostname
walla-dal-prod-6bf854b668-cvfmk
x-ip-r
35.191.24.200
access-control-allow-origin
https://www.walla.co.il
x-ip-x
172.56.209.132, 34.111.199.139
content-type
application/json; charset=UTF-8
cache-control
max-age=60,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6750
x-cached
BYPASS
7309_9e237d99c75cf4f9de9e_9e237d99c75cf4f9de9e_walla.js
www.walla.co.il/public/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/7309_9e237d99c75cf4f9de9e_9e237d99c75cf4f9de9e_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_3de75b32272a42ddfa3c_3de75b32272a42ddfa3c_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
02b9a34773ec700d23a92657536ca41b37bdd6012f2604ed935ebc25b5cbccd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:28 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
280377
etag
W/"ae04-18afef67d60"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
FFfRLnx31mOumKgEmKb7jCoD9wpqL-b8oKLB_E88CC2SgsS9t0dp3w==
x-cached
HIT
player.html
www.walla.co.il/public/ Frame DFF4 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/3059_03df53f5db8a294322fb_03df53f5db8a294322fb_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
3dfcf027cca62240f42b3725b7a0010763ac3203519bc12a0db9cb36f4a89de8

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
280377
cache-control
public, max-age=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 06 Oct 2023 11:35:28 GMT
etag
W/"bc7-18afef67db2"
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
x-amz-cf-id
73NheHRa1L86J3rWqgyYJ29BWCNtmyH5SNrLF5sph322pyCi43g8hA==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-cached
MISS
video.webp
www.walla.co.il/public/assets/icons/homepage3/ 		930 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/homepage3/video.webp
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
8cce178d2af1945d796fb0f59a956e2d51086ed8d5dd8152efc951c05ecf1f6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:28 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
280377
etag
W/"3a2-18afef67d7e"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
930
x-cached
MISS
x-amz-cf-id
plmwwt2ojpHapFH8ZgvAeYxlkIAoyw5BFkt61-MpbdSrdVIiesaMpA==
1626_f5f3b35c90a142b6399c_f5f3b35c90a142b6399c_walla.js
www.walla.co.il/public/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/1626_f5f3b35c90a142b6399c_f5f3b35c90a142b6399c_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_3de75b32272a42ddfa3c_3de75b32272a42ddfa3c_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
b3eac0550b379114427c1361eccd17319ca02132838d4f93b2d39666c2ba53a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:01 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
16764
etag
W/"c35-18b13de53de"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
_3r37oARcx1dccyBaNTjxp8AI-0c2nxj7_CFY5LJ4XCqNnuOy5UwPg==
x-cached
MISS
close.png
www.walla.co.il/public/assets/ads/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/ads/close.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:28 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
280377
etag
W/"46c-18afef67d6a"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1132
x-cached
MISS
x-amz-cf-id
nWXubQqhZElUPQQsOnuVExKamfbET-lFIjkKr1cfjkir4sSW8eONBg==
3611139-46.png
images.wcdn.co.il/f_auto,q_auto,w_800,t_18/3/6/1/1/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_800,t_18/3/6/1/1/3611139-46.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
371098e3d88da8afca83eacff757f9fe936b8277b4d84f7e07504ec19b70a95b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 03:36:56 GMT
via
1.1 google
age
49889
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40048
3610620-46.png
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/0/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/0/3610620-46.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
5abe5532a2a4f36f35dd543165fa918f316dcaf8b672270b6e951ccabd2eb151

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 16:05:29 GMT
via
1.1 google
age
4976
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7606
3611825-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/1/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/1/3611825-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
a18858c7ff90b43d14eaf4bd7ad9f265aa775f28229324213062e05d3ce321c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 15:05:56 GMT
via
1.1 google
age
8549
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4988
3611848-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/1/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/1/3611848-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
2c1da2cefe7188aebbc42b7f5af529832f47202c8cb612cf3983439fcea4183e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:04:32 GMT
via
1.1 google
age
1433
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4666
3611537-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/1/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/1/3611537-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
e56e755f83e1aab3b74409ad888d9de6cb1551c16360ac6474c5f2653a577370

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 15:34:01 GMT
via
1.1 google
age
6864
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12386
3611553-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/1/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/1/3611553-46.jpeg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
e28e1c02873c93ddf8d9570f07e06c78b590da2b91cea55a673f4bca3d1d1a63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:46:44 GMT
via
1.1 google
age
31301
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4998
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CUmyPgBy2e1HDoneE8&c=0.01&V=141&x=GgC8D0hcrypCd&v=B&ml=m&sl=B0W8lT&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.152.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-152-212.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 09 Oct 2023 17:28:25 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CUmyPgBy2e1HDoneE8&c=0.01&V=141&x=ntR3p8iOVvI5X&v=A&ml=m&sl=BeMl2Y&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.152.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-152-212.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 09 Oct 2023 17:28:25 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CUmyPgBy2e1HDoneE8&c=0.01&V=141&x=cjAGXqbRuzBiZ&v=A&ml=m&sl=Cz5tsU&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.152.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-152-212.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 09 Oct 2023 17:28:25 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CUmyPgBy2e1HDoneE8&c=0.01&V=141&x=OWEwgadhZa3JE&v=B&ml=m&sl=CJBXfO&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.152.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-152-212.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 09 Oct 2023 17:28:25 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CUmyPgBy2e1HDoneE8&c=0.01&V=141&x=nZfFM2GWLvqSo&v=B&ml=m&sl=Dskz_1&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.152.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-152-212.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 09 Oct 2023 17:28:25 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CUmyPgBy2e1HDoneE8&c=0.01&V=141&x=ueMXKD8RhC9I8&v=B&ml=m&sl=CK73GX&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.152.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-152-212.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 09 Oct 2023 17:28:25 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CUmyPgBy2e1HDoneE8&c=0.01&V=141&x=vbCBaCRAmDwUu&v=A&ml=m&sl=BcJnWY&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.152.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-152-212.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 09 Oct 2023 17:28:25 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CUmyPgBy2e1HDoneE8&c=0.01&V=141&x=eWZUI22O2a7kF&v=A&ml=m&sl=DldyCf&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.152.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-152-212.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 09 Oct 2023 17:28:25 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CUmyPgBy2e1HDoneE8&c=0.01&V=141&x=532TqRBhgNhZ8&v=B&ml=m&sl=CKlH4F&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.152.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-152-212.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 09 Oct 2023 17:28:25 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CUmyPgBy2e1HDoneE8&c=0.01&V=141&x=9uxwsDwKhJAf9&v=B&ml=m&sl=BO_Wr4&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.152.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-152-212.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 09 Oct 2023 17:28:25 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
/
www.google.de/pagead/1p-conversion/777956447/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/777956447/?random=1040336823&cv=11&fst=1696872504912&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww....
  • https://www.google.com/pagead/1p-conversion/777956447/?random=1040336823&cv=11&fst=1696872504912&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=...
  • https://www.google.de/pagead/1p-conversion/777956447/?random=1040336823&cv=11&fst=1696872504912&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=m...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/777956447/?random=1040336823&cv=11&fst=1696872504912&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=1711072935.1696872505&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE1tT3FRWVF1dXltMy0yYS12eTVBUkltQUp0c0ZwYS1ncGFWT1RkdzZzdFBoLVJxY3luU0YwVF9rVjNUYmlXWnpwZGtIWVcxOThFGlpDaEVJOE1tT3FRWVE5ZlQ5aFlhOTY5amVBUkl1QU1BWUh5TWFKVC1rSDFwMWRzSVo5NWxUWFFpdFA5N2NpWGVFcTdhUlVrbUg3UjNpMGJkb0xFdmNHRnZGeHciEwj8tovXvumBAxVykP0HHVepBGw&is_vtc=1&ocp_id=ODgkZfy6OfKg9u8P19KS4AY&cid=CAQSKQDICaaNFN2tfukthCxEgK7QNPVCejyo03uDb57uvKDyAE5SUgWUui1q&eitems=ChEI8MmOqQYQgrXl7Muxh6GEARIdANLTtIRc08B_gHRsgTguaV7gMMcAoSh3acoWHBw&random=244232121&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/777956447/?random=1040336823&cv=11&fst=1696872504912&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=1711072935.1696872505&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE1tT3FRWVF1dXltMy0yYS12eTVBUkltQUp0c0ZwYS1ncGFWT1RkdzZzdFBoLVJxY3luU0YwVF9rVjNUYmlXWnpwZGtIWVcxOThFGlpDaEVJOE1tT3FRWVE5ZlQ5aFlhOTY5amVBUkl1QU1BWUh5TWFKVC1rSDFwMWRzSVo5NWxUWFFpdFA5N2NpWGVFcTdhUlVrbUg3UjNpMGJkb0xFdmNHRnZGeHciEwj8tovXvumBAxVykP0HHVepBGw&is_vtc=1&ocp_id=ODgkZfy6OfKg9u8P19KS4AY&cid=CAQSKQDICaaNFN2tfukthCxEgK7QNPVCejyo03uDb57uvKDyAE5SUgWUui1q&eitems=ChEI8MmOqQYQgrXl7Muxh6GEARIdANLTtIRc08B_gHRsgTguaV7gMMcAoSh3acoWHBw&random=244232121&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4780630-1&cid=1076015235.1696872505&jid=278204555&_u=aEBAAEAAEAAAACAAI~&z=1386579315
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4780630-1&cid=1076015235.1696872505&jid=278204555&_u=aEBAAEAAEAAAACAAI~&z=1386579315
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
469 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3350770074560118&correlator=1525980803301660&eid=31078562&output=ldjh&gdfp_req=1&vrg=202310040101&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Crm1_desktop%2Crm2_desktop%2Crm3_desktop%2Crm4_desktop%2Crm5_desktop%2Crm6_desktop%2Crm7_desktop%2Crm8_desktop%2Crm9_desktop%2Crm10_desktop%2Crm11_desktop%2Crm12_desktop%2Crm13_desktop%2Crm14_desktop%2Crm15_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8%2C0%2F1%2F2%2F9%2C0%2F1%2F2%2F10%2C0%2F1%2F2%2F11%2C0%2F1%2F2%2F12%2C0%2F1%2F2%2F13%2C0%2F1%2F2%2F14%2C0%2F1%2F2%2F15%2C0%2F1%2F2%2F16%2C0%2F1%2F2%2F17&prev_iu_szs=1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&ifi=1&didk=1909289936~4078182110~845420629~2737176580~3757563159~2051796368~2459729993~3096182529~3770086168~3931141563~3707026742~2555613071~45217321~479599996~2547616871&sfv=1-0-40&ists=32767&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1696872505526&lmt=1696865305&adxs=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&adys=11108%2C11108%2C11108%2C11108%2C11108%2C11108%2C11108%2C11108%2C11108%2C11108%2C11108%2C11108%2C11108%2C11108%2C11108&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.walla.co.il%2F&vis=1&psz=1600x11108%7C1600x11108%7C1600x11108%7C1600x11108%7C1600x11108%7C1600x11108%7C1600x11108%7C1600x11108%7C1600x11108%7C1600x11108%7C1600x11108%7C1600x11108%7C1600x11108%7C1600x11108%7C1600x11108&msz=1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1076015235.1696872505&ga_sid=1696872506&ga_hid=1060927038&ga_fc=true&dlt=1696872504475&idt=944&prev_scp=slot_name%3Drm1_desktop%7Cslot_name%3Drm2_desktop%7Cslot_name%3Drm3_desktop%7Cslot_name%3Drm4_desktop%7Cslot_name%3Drm5_desktop%7Cslot_name%3Drm6_desktop%7Cslot_name%3Drm7_desktop%7Cslot_name%3Drm8_desktop%7Cslot_name%3Drm9_desktop%7Cslot_name%3Drm10_desktop%7Cslot_name%3Drm11_desktop%7Cslot_name%3Drm12_desktop%7Cslot_name%3Drm13_desktop%7Cslot_name%3Drm14_desktop%7Cslot_name%3Drm15_desktop&adks=3574292238%2C3281790396%2C98111979%2C284161084%2C2694544435%2C99995744%2C2663655591%2C1832766528%2C3711358991%2C3169800366%2C3148243285%2C211575734%2C3583292036%2C2042096236%2C3658430203&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56633ff6c8f0305899c37aa468bb862378b35e95002966f0cd99a681257b35c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
440
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0E15 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 17:28:25 GMT
expires
Tue, 08 Oct 2024 17:28:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
3589_26d30df0f2e2888527b1_26d30df0f2e2888527b1_walla.js
www.walla.co.il/public/ Frame DFF4 		736 KB
208 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/3589_26d30df0f2e2888527b1_26d30df0f2e2888527b1_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
df9a74ba55b4b89b027a8123540004258e9b4396f1bd73e258af6adfac037750

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:01 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
16764
etag
W/"b81b9-18b13de53df"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
g1jLFZ38_TBkofbHNcKS_NKULSLbNEL6-VgplnGJM3USZPu5eWjkag==
x-cached
MISS
player_ec0e692c68bd258e6d75_ec0e692c68bd258e6d75_walla.js
www.walla.co.il/public/ Frame DFF4 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/player_ec0e692c68bd258e6d75_ec0e692c68bd258e6d75_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
b194ec6f02131053688eee2371fecd9165f8687b55e60a850b357f5cbb30fe24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:28 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
280377
etag
W/"77a5-18afef67db3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
Gldb1v3IoMIPjZXkeT2PCSUMRvQHT0uRq-Xu8AM-VzAsAwVNPBtIaw==
x-cached
MISS
adoric.v9.4.min.css
static.adoric.com/ 		169 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.adoric.com/adoric.v9.4.min.css
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd5322d2a8576e402dd580efbf61ce9c007e786315b76393d740e64b3476e6dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
492
x-guploader-uploadid
ADPycduTJfzFCLtYWwBhq8BlgdBZq8G0q-RaELhjg4Q3pVwx9SQGljyQypUdGeTlCt0IcYif9rJGb_wyhyCHjoVF4bj4uA
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 04 Sep 2023 08:54:57 GMT
server
cloudflare
etag
W/"d6693c4efa6e72bb9b105bc8e6384b27"
vary
Accept-Encoding
x-goog-hash
crc32c=aiZ+bA==, md5=1mk8TvpucrubEFvI5jhLJw==
x-goog-generation
1693817697766768
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkWDHWD0mThewpkkrsmaKM2hhg3V4G5g4PqmuLDqT682qqFpecVK0Ca7d5jzMRC8M1Dx%2F62fxqgcrJDwwSZyM9Qc1MaxXElVWSG1jl00afyLBdFPly1WA1m%2FFZHd1yP0LfQz%2Bh5hwVARdZmfyh9RZw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
14462
cf-ray
81385707db5765b2-FRA
expires
Mon, 09 Oct 2023 17:21:15 GMT
/
app.adoric-om.com/v1/campaigns/ 		753 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.adoric-om.com/v1/campaigns/?u=9cf2e1a44ca72a3fec13c925568a4883&l=en&cc=0&b=chrome&os=win&h=https%3A%2F%2Fwww.walla.co.il%2F&d=desktop&lsps=0&pd=E&nv=true&tz=-120&cIds=%5B%5D
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.218.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
58.218.120.34.bc.googleusercontent.com
Software
/
Resource Hash
a43adb9f7762d5a690080235ef8eac9745c5d98a48318404be44d4b72251e6b2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
date
Mon, 09 Oct 2023 17:28:25 GMT
x-content-type-options
nosniff
via
1.1 google
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
753
x-xss-protection
1; mode=block
x-adoric-api-version
9.1.0
etag
W/"2f1-VcI1G6fJeN1nElClz+Xd5mpitEI"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-credentials
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/?random=1696872505551&cv=9&fst=1696872505551&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
855ff25fdfb949f2e63687e6b8971da7d6ec21d2451c124d2a831263c02e1fe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1445
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1616785908557850
connect.facebook.net/signals/config/ 		131 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1616785908557850?v=2.9.132&r=stable&domain=www.walla.co.il
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5f1a782224ffa91d993bfd2833b9187414fe2c0acc508f3259b2432bb78d195e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 09 Oct 2023 17:28:25 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
34800
x-xss-protection
0
pragma
public
x-fb-debug
N8gAPrNn8795WcgY4MHvfdhMb3+Q3TDOVG2TJIyVi519C+6DA2vhY/GEXlP7LS1Qg3TILlKrPyaDiy7WZBnd6g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-TSQY5YTYZ0&gtm=45je3a40&_p=1060927038&cid=1076015235.1696872505&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696872505&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TSQY5YTYZ0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-RYD7X7E8VN&gtm=45je3a40&_p=1060927038&_gaz=1&cid=1076015235.1696872505&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2F&sid=1696872505&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&en=page_view&_fv=1&_ss=1&ep.ga_client_id=&epn.vertical_id=173&ep.vertical_name=%D7%95%D7%95%D7%90%D7%9C%D7%94&ep.category_id=&ep.item_id=&ep.item_type=&ep.item_publication_date=&ep.item_last_update=&ep.content_provider=&ep.item_title=&ep.item_author=&ep.hostname=walla.co.il&ep.item_sections_words_count=&ep.tags=&ep.editor=&ep.tohash=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RYD7X7E8VN&cid=1076015235.1696872505&gtm=45je3a40&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RYD7X7E8VN&cid=1076015235.1696872505&gtm=45je3a40&aip=1&z=1681736173
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
state
event.dxmdp.com/rest/api/v1/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/state
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.191.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-191-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
pmk-20220605.2.js
pm-widget.taboola.com/wallail-walla/ 		102 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/wallail-walla/pmk-20220605.2.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/wallail-walla/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4fcbd9b339d1bc8b72c3d698a6c4bb856516c41b52a3be330313cb6a51be99df

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
J_7JEZUDdQ4YrzJhODl8FUK4deJJqu3C
content-encoding
gzip
via
1.1 varnish
date
Mon, 09 Oct 2023 17:28:25 GMT
x-amz-request-id
C4CNW471XAJG1JKR
age
1153788
x-cache
HIT
content-length
28795
x-amz-id-2
4bU+8ggP5BGzYnRPZoxP18lPMdvVfqi5Se5gA4FftCE+8YQoUkJ+gWoDDRWcedCnJxJ2ekTqqNQ=
x-served-by
cache-fra-eddf8230049-FRA
last-modified
Tue, 26 Sep 2023 08:56:38 GMT
server
AmazonS3
x-timer
S1696872506.715304,VS0,VE0
etag
"a78996a082a974b0dc6659aacfa84748"
vary
Accept-Encoding, ,Origin
access-control-allow-methods
GET,POST,PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
5997
logo.png
www.walla.co.il/public/assets/pikud/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/pikud/logo.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:28 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
280377
etag
W/"558e-18afef67d91"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
21902
x-cached
MISS
x-amz-cf-id
sLLFUjY7rg7PUHw1qRCsay1M6ez6nG2siyhwa-4S_m7AGn8SHkihgw==
almoni-neue-aaa-600.woff
www.walla.co.il/public/font/almoni/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
280378
etag
W/"e954-18afef67dac"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59732
x-cached
MISS
x-amz-cf-id
ZQtQwryq7W1aKhOUUgFEjGtFM9gCd3zT_DuLv6NYdjgUtqu2IPjBJw==
almoni-neue-aaa-700.woff
www.walla.co.il/public/font/almoni/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-700.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
280378
etag
W/"ea00-18afef67dac"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59904
x-cached
MISS
x-amz-cf-id
01IbK6g_X-v9-rF5_ceH_r_5NYBK27x1KoxSTo3istVw5VRgF5MaFg==
almoni-neue-aaa-400.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-400.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:59 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
16766
etag
W/"e770-18b13de5426"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59248
x-cached
MISS
x-amz-cf-id
u_ASWgBZJUu8YLDUTbKMOC8Vw8f8SsC7r2ZoBAp-HPq-lGckHp50-w==
almoni-neue-aaa-500.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-500.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:59 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
16766
etag
W/"e7c0-18b13de5427"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59328
x-cached
MISS
x-amz-cf-id
l_PMsITYSIGhwF9IqYWGoFxXHpJoNk_38Gc8XcG4o6DaPACIFutehQ==
wallaicons.woff
www.walla.co.il/public/font/fonticon/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:59 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
16766
etag
W/"3bdc-18b13de5429"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
15324
x-cached
MISS
x-amz-cf-id
PKcKDRyOqmdAl256gvfndI4H4LZD_xErlKU5CG1b4pGs5Li7mo_bZQ==
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231009-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:25 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
223609
expires
60
json
trc.taboola.com/wallail-walla/trc/3/ 		104 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/wallail-walla/trc/3/json?tim=19%3A28%3A25.763&lti=deflated&data=%7B%22id%22%3A58%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1696856166790%2C%22vi%22%3A1696872505761%2C%22cv%22%3A%2220231009-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A11108%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Left%20Rail%20Homepage%22%2C%22orig_uip%22%3A%22Left%20Rail%20Homepage%22%2C%22cd%22%3A1106.484375%2C%22mw%22%3A298%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-g%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Homepage%201%22%2C%22orig_uip%22%3A%22Mid%20Homepage%201%22%2C%22cd%22%3A4313.984375%2C%22mw%22%3A864%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-g%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Homepage%202%22%2C%22orig_uip%22%3A%22Mid%20Homepage%202%22%2C%22cd%22%3A5480.984375%2C%22mw%22%3A864%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-g%3Aabp%3D0%22%2C%22uip%22%3A%22Homepage%20Endless%22%2C%22orig_uip%22%3A%22Homepage%20Endless%22%2C%22cd%22%3A11108.0625%2C%22mw%22%3A863%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CHomepage%20Endless%3Dthumbnails-g%3Aabp%3D0%2C%2CLeft%20Rail%20Homepage%3Dthumbnails-a%3Aabp%3D0%2C%2CMid%20Homepage%201%3Dthumbnails-g%3Aabp%3D0%2C%2CMid%20Homepage%202%3Dthumbnails-g%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231009-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
495af12c410c467f2f27c4b5a2d77acc133dcb659518a2eb23266966a45e35e4

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
321
date
Mon, 09 Oct 2023 17:28:26 GMT
content-encoding
gzip
via
1.1 varnish
cpu
1.0025
x-fastly-to-nlb-rtt
7357
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230054-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1696872506.774263,VS0,VE321
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
walla.json
www.walla.co.il/public/player-config/ Frame DFF4 		111 B
499 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/player-config/walla.json?cache=1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player_ec0e692c68bd258e6d75_ec0e692c68bd258e6d75_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
51f3359dfda7f7e3bb7ca5440eba096f6b170c38da65853d53fc56bdd65f396a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:29 GMT
via
1.1 google, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
280376
etag
W/"6f-18afef67db2"
x-cache
Hit from cloudfront
content-type
application/json; charset=UTF-8
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
111
x-cached
MISS
x-amz-cf-id
iv6kE1-D_uB-ZOXe8hdT6CYW28QUKaBTisZBSyPR149dy2HyxomAFA==
/
www.google.com/pagead/1p-user-list/964224610/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/964224610/?random=1696872505551&cv=9&fst=1696870800000&num=1&guid=ON&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&fmt=3&is_vtc=1&random=3030804735&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/964224610/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/964224610/?random=1696872505551&cv=9&fst=1696870800000&num=1&guid=ON&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&fmt=3&is_vtc=1&random=3030804735&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
170717926997655
connect.facebook.net/signals/config/ 		136 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/170717926997655?v=2.9.132&r=stable&domain=www.walla.co.il
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
744955188c8bf50c64bb2d9095eec5fe3df45dad12b40c7444ef86d94218fd4d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 09 Oct 2023 17:28:25 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
36091
x-xss-protection
0
pragma
public
x-fb-debug
2X/zNdCqHQpFGmbKzkM6Ui65W34eK5n8h7OFaRJH9d7DlORkqkDsizJwGUXNpv0/M/lhiNbYQlnw5g64aZ+mzg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1616785908557850&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1696872505929&sw=1600&sh=1200&v=2.9.132&r=stable&ec=0&o=30&fbp=fb.2.1696872505928.1885170776&ler=empty&it=1696872505565&coo=false&exp=a1&rqm=GET
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 09 Oct 2023 17:28:25 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame DFF4 		359 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player_ec0e692c68bd258e6d75_ec0e692c68bd258e6d75_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d0577359952b714e119cc1aa6e318656f7d7c642adb87cc84ff00e87c949dde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125855
x-xss-protection
0
expires
Mon, 09 Oct 2023 17:28:26 GMT
truncated
/ Frame DFF4 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=170717926997655&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1696872505983&sw=1600&sh=1200&v=2.9.132&r=stable&ec=0&o=30&fbp=fb.2.1696872505928.1885170776&ler=empty&cs_est=true&it=1696872505565&coo=false&exp=a1&rqm=GET
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 09 Oct 2023 17:28:25 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
sync
event.dxmdp.com/rest/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.191.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-191-61.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.walla.co.il
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Mon, 09 Oct 2023 17:28:26 GMT
server
nginx/1.20.0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
sync
event.dxmdp.com/rest/api/v1/ 		13 B
326 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.191.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-191-61.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Mon, 09 Oct 2023 17:28:26 GMT
access-control-allow-credentials
true
server
nginx/1.20.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310040101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
913084e26924aac120b4b44e9d7d8242352267cd5df771b6a4889517b72c2b44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12323
x-xss-protection
0
7e852fdf-8436-40fa-bce4-2bf7855c773a
https://www.walla.co.il/ Frame DFF4 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/7e852fdf-8436-40fa-bce4-2bf7855c773a
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
playlist.m3u8
amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/ Frame DFF4
Redirect Chain
  • https://cdn-uw2-prod.tsv2.amagi.tv/linear/amg01742-walla-wallanews-ono/playlist.m3u8
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/playlist.m3u8
5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/playlist.m3u8
Protocol
H2
Server
99.86.4.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-37.fra6.r.cloudfront.net
Software
/
Resource Hash
c735b33ff91d0c0d18f1e4d8285fc70c641b4305fe28d0b70c1270441668db58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 google, 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
null
x-cache
Miss from cloudfront
cache-control
max-age=0
access-control-allow-credentials
true
x-amz-cf-id
muUYPDajvtemjlScLnUXsrvyEAnYD6VIuSGkP4Rziq_y-zBvPEV_Bw==

Redirect headers

date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
vary
origin
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/playlist.m3u8
access-control-allow-origin
https://www.walla.co.il
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
GBWHgiBXyMcIiIeI6EiF6bbvtNUAOzJzkMMw1V3CbseiQAKtcHjZZA==
bridge3.594.0_en.html
imasdk.googleapis.com/js/core/ Frame DC53 		724 KB
232 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98fa96669f1c1e20102e4101636ed3b684bad2766a69eab9195a191815bc65d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
393260
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
237562
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 04:14:06 GMT
expires
Fri, 04 Oct 2024 04:14:06 GMT
last-modified
Wed, 04 Oct 2023 14:44:22 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame DFF4 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 09 Oct 2023 17:28:26 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6715 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:16:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
706
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 09 Oct 2023 18:16:40 GMT
45c525aa-17d1-423a-aff5-f7a900e33d97
https://www.walla.co.il/ Frame DFF4 		6 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/45c525aa-17d1-423a-aff5-f7a900e33d97
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b94a77fa0aa100733aaea38ce611cc70fd81ebf17c1727a8511cb2bde47e2106

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length
5872
Content-Type
application/javascript
1c59c8a9-b3af-457d-a9cc-d703ce68ff81
https://www.walla.co.il/ Frame DFF4 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/1c59c8a9-b3af-457d-a9cc-d703ce68ff81
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bbe9554acdc9fc122c3aad62ead41c1a503320adc8b145e67b1f37de5740db8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length
80351
Content-Type
application/javascript
50bb46be-64f1-4f75-933e-5458523efdde
https://www.walla.co.il/ Frame DFF4 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/50bb46be-64f1-4f75-933e-5458523efdde
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bbe9554acdc9fc122c3aad62ead41c1a503320adc8b145e67b1f37de5740db8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length
80351
Content-Type
application/javascript
loader.js
cdn.taboola.com/libtrc/wallail-walla/ 		892 KB
69 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
95b1ec4eefbe93021028b40675f72200324aa44deca3f2d826278076442a5095

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
94O8UNbIvBURIsY00NRUne6sdqcQD2BD
content-encoding
gzip
via
1.1 varnish
date
Mon, 09 Oct 2023 17:28:26 GMT
x-amz-request-id
H2WE4CJ2EE6CZPQF
age
5051
x-amz-server-side-encryption
AES256
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
10
x-amz-replication-status
FAILED
content-length
69987
x-amz-id-2
ov70NSf5FmGgIQYxRwa+CvonPYobSLU/3Fx8Vi0FmNs4wm34TpMhCB+HYtjos+XROk3kndwzisE=
x-served-by
cache-fra-eddf8230049-FRA
last-modified
Mon, 09 Oct 2023 13:03:44 UTC
server
nginx
x-timer
S1696872506.118516,VS0,VE0
etag
"627e8f4de41e715e9e747609c8a1ef3eb7fafe66"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
30
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
3
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.4.4/ 		129 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.4.4/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231009-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3109fc8f4a6aff20c9eddf126acf9e2f8d916f2f5acdbeac9884df538a898081

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 7a4584fd3c2a27bbe552d92ba541848a.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
BUD50-C1
age
18217
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
34946
x-served-by
cache-fra-eddf8230049-FRA
last-modified
Mon, 09 Oct 2023 12:24:18 GMT
server
AmazonS3
x-timer
S1696872506.122010,VS0,VE0
etag
"2e669de8bbef78023d57746f02aadc93"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
qMGMX0A4UqNhPCDjs6fBE_2AVjXGOg7at4NY0skI0aRWrp3dDS-qxw==
x-cache-hits
4227
feed-card-placeholder.20231009-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231009-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ad4ea14298dd60b6bf1481bd42fad48dc018c78c2547823d3fcb7e73555f954

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
Tn.hzacUWTpugzgyv94.hJPVCvbG.cUq
content-encoding
gzip
via
1.1 varnish
date
Mon, 09 Oct 2023 17:28:26 GMT
x-amz-request-id
STD28DHT91KX3BQ1
age
4752
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
Z6DBPNGFFV2SofU/G/b7V2OxM8KGML+pI/y/8VDTVDsudSyjeMJh876494YLIRw0xwAb482CdcM=
x-served-by
cache-fra-eddf8230054-FRA
last-modified
Mon, 09 Oct 2023 16:09:14 GMT
server
AmazonS3
x-timer
S1696872506.122223,VS0,VE0
etag
"9fb62f1dbeecbdf3d8f84a13602c025a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
63
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
12894
userx.20231009-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231009-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17fc159664a481670c9f5ca2f4650c2e7f7369aad81910ae3d89ddef3631666f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
nSrmGq2HO.7E_OfaKgoGBbRxrUwBoVQO
content-encoding
gzip
via
1.1 varnish
date
Mon, 09 Oct 2023 17:28:26 GMT
x-amz-request-id
NTAC97Y33EKRNT4Z
age
4726
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5397
x-amz-id-2
ujsIUV+Ib1v3xeTYRZh6syvRtybuOnlcwEEGtxffFKGBHX1pkQy3eOX7PO3iq9am+lr+bi/XAUM=
x-served-by
cache-fra-eddf8230054-FRA
last-modified
Mon, 09 Oct 2023 16:09:40 GMT
server
AmazonS3
x-timer
S1696872506.136743,VS0,VE0
etag
"62917a42cc191a430f54f69264755b83"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
11
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
2568
distance-from-article.20231009-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231009-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2bffee38e24dd95aa44e2b6dd53b5fa3e3ee5a537d356e17368555f513539fed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
FeytHjTbXvgBd63e_IR13PswBiQS_e5O
content-encoding
gzip
via
1.1 varnish
date
Mon, 09 Oct 2023 17:28:26 GMT
x-amz-request-id
2X0EHFNPJSMJKKHR
age
4757
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1131
x-amz-id-2
r6+vCxalB0LtjxB3BCLtVz90ZUpoKN1y5w35uvnqXxT/SfOzXBI8PfAjuBns1w1hgqcUxXmkxnM=
x-served-by
cache-fra-eddf8230054-FRA
last-modified
Mon, 09 Oct 2023 16:09:09 GMT
server
AmazonS3
x-timer
S1696872506.136085,VS0,VE0
etag
"89729e2ba5a55a37c7c34215545d0091"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
43
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
13851
article-detection.20231009-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231009-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ab4b55c7eb822be8b29202439c3ab043da8e1e82e6eb3ed929e92fd46931ccf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
s67yFVKJKIcVYR5JHKbfFh9Mp9rlDnjg
content-encoding
gzip
via
1.1 varnish
date
Mon, 09 Oct 2023 17:28:26 GMT
x-amz-request-id
0WJ7S9EDWJ5WR9HB
age
4763
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
zavg1uhJVht6z2kLyrjxe5/hTnckPTahOSpu/d1QVM1xqexDfvq9hWIR+MfFlbmtQyzM1nssDL8=
x-served-by
cache-fra-eddf8230054-FRA
last-modified
Mon, 09 Oct 2023 16:09:03 GMT
server
AmazonS3
x-timer
S1696872506.136080,VS0,VE0
etag
"861a5a3cea3986ae3c34ea081c26329e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
59
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
13864
abtests
trc-events.taboola.com/wallail-walla/log/3/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/wallail-walla/log/3/abtests?lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-dupChecker%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1696872506146%7D&tim=19%3A28%3A26.146&id=9681&llvl=2&ri=b3116cddbcfc96527dbd4af4090a1574&sd=v2_ae1108b059f1db40be264a722953d28f_ca080f31-1601-41e9-b8f1-c54c6e37c2ae-tuctc1dbdb9_1696872505_1696872505_CIi3jgYQk-FcGKHD7quxMSABKAEwODib4wlAgooQSK652QNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=ca080f31-1601-41e9-b8f1-c54c6e37c2ae-tuctc1dbdb9&pi=/&pt=home&vi=1696872505761&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231009-1-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin
https://www.walla.co.il
pragma
no-cache
date
Mon, 09 Oct 2023 17:28:26 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
trc-events.taboola.com/wallail-walla/log/3/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/wallail-walla/log/3/abtests?lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-ct%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1696872506148%7D&tim=19%3A28%3A26.148&id=6593&llvl=2&ri=b3116cddbcfc96527dbd4af4090a1574&sd=v2_ae1108b059f1db40be264a722953d28f_ca080f31-1601-41e9-b8f1-c54c6e37c2ae-tuctc1dbdb9_1696872505_1696872505_CIi3jgYQk-FcGKHD7quxMSABKAEwODib4wlAgooQSK652QNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=ca080f31-1601-41e9-b8f1-c54c6e37c2ae-tuctc1dbdb9&pi=/&pt=home&vi=1696872505761&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231009-1-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin
https://www.walla.co.il
pragma
no-cache
date
Mon, 09 Oct 2023 17:28:26 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
trc-events.taboola.com/wallail-walla/log/3/ 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/wallail-walla/log/3/abtests?lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1696872506148%7D&tim=19%3A28%3A26.148&id=7693&llvl=2&ri=b3116cddbcfc96527dbd4af4090a1574&sd=v2_ae1108b059f1db40be264a722953d28f_ca080f31-1601-41e9-b8f1-c54c6e37c2ae-tuctc1dbdb9_1696872505_1696872505_CIi3jgYQk-FcGKHD7quxMSABKAEwODib4wlAgooQSK652QNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=ca080f31-1601-41e9-b8f1-c54c6e37c2ae-tuctc1dbdb9&pi=/&pt=home&vi=1696872505761&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231009-1-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin
https://www.walla.co.il
pragma
no-cache
date
Mon, 09 Oct 2023 17:28:26 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
v5
metrics.getrockerbox.com/track/ 		44 B
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.getrockerbox.com/track/v5?source=weight_watchers_subscription_germany&tier_one=taboola&tier_two=28250545&tier_three=3831634844&tier_four=wallail-walla&tier_five=Desktop&auction_id=2023-10-09+17%3A28%3A26&referrer=walla.co.il&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_232}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.143.2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0W9fb7KlUe3O8kktkR%2FVIsqme7GRIuksLtALhZh3cpuJ6lVoDA%2BZIUAAyaqzpWjzFW3T6UkwBvYjQcL8ZVlWDihA0hpEO7K85wdX4NMblBl7G0lJbLcXiR8KIdg%2BKipPvcRCxDJUEIAfxMU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
8138570b9a0e1bc3-FRA
alt-svc
h3=":443"; ma=86400
abtests
am-trc-events.taboola.com/wallail-walla/log/3/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/3/abtests?route=AM:AM:V&tvi48=11657&tvi50=13156&lti=deflated&ri=b3116cddbcfc96527dbd4af4090a1574&sd=v2_ae1108b059f1db40be264a722953d28f_ca080f31-1601-41e9-b8f1-c54c6e37c2ae-tuctc1dbdb9_1696872505_1696872505_CIi3jgYQk-FcGKHD7quxMSABKAEwODib4wlAgooQSK652QNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=ca080f31-1601-41e9-b8f1-c54c6e37c2ae-tuctc1dbdb9&pi=/&wi=2990753527669053458&pt=home&vi=1696872505761&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1696872506127%7D&tim=19%3A28%3A26.127&id=7462&llvl=2&cv=20231009-1-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 09 Oct 2023 17:28:26 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Mon, 09 Oct 2023 17:28:26 GMT
x-amz-request-id
0R9XQHAA5Q1ZDC2Q
age
1
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
MkI6vMFxHgM3ZVV9S+UeT9PE5jyReG3BVKLcXsx3HwZ8PMgvnFA1z8I5XykG/Hk432UfiS+ju9w=
x-served-by
cache-fra-eddf8230054-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1696872506.182215,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
59
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
2
social
trc.taboola.com/wallail-walla/log/3/ 		0
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/wallail-walla/log/3/social?lti=deflated&ri=b3116cddbcfc96527dbd4af4090a1574&sd=v2_ae1108b059f1db40be264a722953d28f_ca080f31-1601-41e9-b8f1-c54c6e37c2ae-tuctc1dbdb9_1696872505_1696872505_CIi3jgYQk-FcGKHD7quxMSABKAEwODib4wlAgooQSK652QNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=ca080f31-1601-41e9-b8f1-c54c6e37c2ae-tuctc1dbdb9&pi=/&pt=home&vi=1696872505761&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.walla.co.il%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%22%2C%22sec%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fimages.wcdn.co.il%2Ff_auto%2Cq_auto%2Cw_1200%2Ct_54%2F3%2F1%2F3%2F6%2F3136860-46.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=19%3A28%3A26.194&id=7671&llvl=2&cv=20231009-1-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
10
date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7620
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230054-FRA
pragma
no-cache
server
nginx
x-timer
S1696872506.194653,VS0,VE10
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 09 Oct 2023 17:28:26 GMT
555f3e6db6c4dc65f1fe205b47da3d3b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/555f3e6db6c4dc65f1fe205b47da3d3b.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6f6d0db9e8623ad90b2aa5649e7b8a6c3dcb8cfdfb5201d61c5a377cd5cb157f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/555f3e6db6c4dc65f1fe205b47da3d3b.jpg
age
1750780
edge-cache-tag
481453250644276241625798715811820691822,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
481453250644276241625798715811820691822,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
36
req-referer
https://www.express.de/
content-length
6194
x-request-id
4cb07a8bb23d2727bd38dfb2c53c3b2d
x-backend-name
US_nlb101
x-served-by
cache-iad-kjyo7100162-IAD, cache-iad-kjyo7100053-IAD, cache-iad-kiad7000030-IAD, cache-fra-eddf8230054-FRA
last-modified
Thu, 14 Sep 2023 15:45:49 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=11239,owidth=1200,oheight=628,obytes=108752
x-timer
S1696872506.362951,VS0,VE2
etag
"c6ac9c474320e84e8b5afc43d0feee04"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 54, 1
7d0e1925ff05191a31f4f0d5ec35a045.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7d0e1925ff05191a31f4f0d5ec35a045.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
66bdec28be3e283ad7663440d2b63efd4ced27ba1a7571a1d630d5f6015ecce7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7d0e1925ff05191a31f4f0d5ec35a045.jpg
age
2360743
edge-cache-tag
465001665069678899320262329545940930297,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
465001665069678899320262329545940930297,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
512
req-referer
https://ads.taboola.com/
content-length
10972
x-request-id
1fb1986c7609d358b81d98fe96dfbd78
x-backend-name
CH_nlb802
x-served-by
cache-iad-kiad7000063-IAD, cache-iad-kiad7000150-IAD, cache-iad-kjyo7100086-IAD, cache-fra-eddf8230054-FRA
last-modified
Thu, 24 Aug 2023 08:32:01 GMT
server
nginx
surrogate-reporting
width=340,height=189,owidth=1920,oheight=1080,obytes=394037
x-timer
S1696872506.363103,VS0,VE1
etag
"e534e424e8650fac9bed73b8f56f9ffc"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1
5c65e9fe386f199313c4c3d48d095647.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5c65e9fe386f199313c4c3d48d095647.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
efc07bb7931313d9b667af950eefdda416c85a4ee2d26eda6fea5307832922cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5c65e9fe386f199313c4c3d48d095647.jpeg
age
2255438
edge-cache-tag
523184187909183550301738426183838436175,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
523184187909183550301738426183838436175,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
712
req-referer
https://www.watson.de/
content-length
16010
x-request-id
87d7594a924d773457e3f77b92308c07
x-backend-name
CH_nlb801
x-served-by
cache-iad-kiad7000031-IAD, cache-iad-kjyo7100159-IAD, cache-iad-kjyo7100031-IAD, cache-fra-eddf8230054-FRA
last-modified
Mon, 28 Aug 2023 15:25:53 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=26433,owidth=1000,oheight=600,obytes=833814
x-timer
S1696872506.363342,VS0,VE1
etag
"75ca54d36e1140801ef9bcf2bed1c4bd"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 27, 1
891a5b529570b03d87df0300ae78cfa3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/891a5b529570b03d87df0300ae78cfa3.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f6e7d2883892205584a87bbf9f4b29790652376b0eb33b6303866db14ccd298f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/891a5b529570b03d87df0300ae78cfa3.jpg
age
376237
edge-cache-tag
402615346577208441465643631620948231098,542528622032317967375890746257052262100,29ecf9b93bbf306179626feeda1fab70
cache-tag
402615346577208441465643631620948231098,542528622032317967375890746257052262100,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1162
req-referer
https://www.radioherne.de/
content-length
48186
x-request-id
2fb754b7b5794bb7e9514c28ce59701f
x-backend-name
US_nlb106
x-served-by
cache-iad-kiad7000047-IAD, cache-iad-kjyo7100119-IAD, cache-iad-kiad7000101-IAD, cache-fra-eddf8230054-FRA
last-modified
Thu, 05 Oct 2023 06:45:56 GMT
server
nginx
surrogate-reporting
width=520,height=289,bytes=67368,owidth=2713,oheight=1526,obytes=3256663
x-timer
S1696872506.362835,VS0,VE8
etag
"2c711fba1e2bb0dc2c14546330708df7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1
93d2d016d1ef1eda78cf47eb1e537146.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/93d2d016d1ef1eda78cf47eb1e537146.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f01eb67a1e1724c447178c31357e55a575816eb5488feefbbe1672e08d606a51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/93d2d016d1ef1eda78cf47eb1e537146.png
age
1234018
edge-cache-tag
402429473219694091511173162433686890123,542528622032317967375890746257052262100,29ecf9b93bbf306179626feeda1fab70
cache-tag
402429473219694091511173162433686890123,542528622032317967375890746257052262100,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
127
req-referer
https://www.hildesheimer-allgemeine.de/
content-length
37128
x-request-id
e182684e2ed233eca429e683217f475d
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000041-IAD, cache-iad-kiad7000041-IAD, cache-sna10735-LGB, cache-iad-kjyo7100024-IAD, cache-fra-eddf8230054-FRA
last-modified
Sun, 24 Sep 2023 20:18:08 GMT
server
nginx
surrogate-reporting
width=520,height=289,bytes=69047,owidth=1600,oheight=900,obytes=2526925
x-timer
S1696872506.362919,VS0,VE3
etag
"10c4d4e4983758069bef4e40f87de2c4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 15, 1
5c59b7e8daf600146c74801ba3c23c90.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5c59b7e8daf600146c74801ba3c23c90.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e41babb574fb98c0a68528bcfda14339cf44467d1e7d066e7c6cd1c9fa7de92d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5c59b7e8daf600146c74801ba3c23c90.jpeg
age
1523337
edge-cache-tag
477877314143423606392577713906372322394,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
477877314143423606392577713906372322394,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
278
expiration
expiry-date="Fri, 22 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.calcalistech.com/ctechnews/article/skwawdtvh
content-length
13876
x-backend-name
US_nlb104
x-served-by
cache-iad-kcgs7200040-IAD, cache-iad-kiad7000175-IAD, cache-iad-kcgs7200034-IAD, cache-fra-eddf8230054-FRA
last-modified
Tue, 22 Aug 2023 16:20:01 GMT
server
nginx
surrogate-reporting
width=340,height=189,owidth=1000,oheight=600,obytes=255940
x-timer
S1696872506.362882,VS0,VE1
etag
"5e55e738e475f5616fca522b9baec3f7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 17, 1
110d0dbedb29cc6124fd6ec137b89cd1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/110d0dbedb29cc6124fd6ec137b89cd1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0339b0b4bac03ee07419e5bc73ebb2f7571b80864f40e256473c4cec1b1f1105

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/110d0dbedb29cc6124fd6ec137b89cd1.jpg
age
1501948
edge-cache-tag
330059424903233630193748904275078117027,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
330059424903233630193748904275078117027,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
495
req-referer
https://ads.taboola.com/
content-length
20710
x-request-id
8ea719c38ad9609a4242b751d4ede156
x-backend-name
CH_nlb804
x-served-by
cache-iad-kiad7000102-IAD, cache-iad-kcgs7200100-IAD, cache-lga21952-LGA, cache-iad-kjyo7100089-IAD, cache-fra-eddf8230054-FRA
last-modified
Fri, 22 Sep 2023 08:15:39 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=53442,owidth=1000,oheight=600,obytes=757941
x-timer
S1696872506.378206,VS0,VE2
etag
"103f77929b22011090b1f05a3f4b18d5"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 16, 1
55a882e6ee6c895099a9b8bd8e833484.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/55a882e6ee6c895099a9b8bd8e833484.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2e887dec4975b66d9c8f8a3f9518b27c1717cbc75b8c0b3619ca55200cae7f2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
5
date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/55a882e6ee6c895099a9b8bd8e833484.png
age
3459063
edge-cache-tag
514536020790333922392747829224593366161,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
514536020790333922392747829224593366161,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
73
expiration
expiry-date="Fri, 01 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://mundogastronomico.online/?p=142
content-length
18428
x-backend-name
US_nlb106
x-served-by
cache-iad-kjyo7100047-IAD, cache-iad-kjyo7100047-IAD, cache-lga21943-LGA, cache-iad-kiad7000137-IAD, cache-fra-eddf8230054-FRA
last-modified
Tue, 01 Aug 2023 06:41:22 GMT
server
nginx
x-timer
S1696872506.378170,VS0,VE5
etag
"211cf67a57a8098bab3bff25e923344b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 7, 1
3611584-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/1/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/1/3611584-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
168ce5333c925d92fddd71e0e86a163e477c67ba2ca0e8d5d89007c981db989d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/1/3611584-46.jpg
age
29738
edge-cache-tag
335661127561397587555416850054294659334,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
335661127561397587555416850054294659334,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
94
req-referer
https://www.walla.co.il/
content-length
13914
x-request-id
efd9447fde35de7e6732527387711ae4
x-backend-name
CH_nlb801
x-served-by
cache-iad-kjyo7100079-IAD, cache-iad-kcgs7200150-IAD, cache-chi-kigq8000093-CHI, cache-iad-kjyo7100152-IAD, cache-fra-eddf8230054-FRA
last-modified
Mon, 09 Oct 2023 09:08:58 GMT
server
nginx
surrogate-reporting
width=1200,height=666,bytes=60485,owidth=1200,oheight=673,obytes=32606
x-timer
S1696872506.378157,VS0,VE1
etag
"307ff47bcf940c7d0c16076e0af6ab89"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 0, 1
2687926-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/2/6/8/7/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/2/6/8/7/2687926-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b9c138442107e29751bd914b1bcc3ca3dfdc85311ae7a1ea281db521c52ea30a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/2/6/8/7/2687926-46.jpg
age
2233131
edge-cache-tag
313305584260092812612282318447709819839,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
313305584260092812612282318447709819839,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
80
req-referer
https://www.walla.co.il/
content-length
18760
x-request-id
8ccf8d236e273f0f926de53faadfab93
x-backend-name
US_nlb106
x-served-by
cache-iad-kiad7000087-IAD, cache-iad-kjyo7100140-IAD, cache-iad-kjyo7100049-IAD, cache-fra-eddf8230054-FRA
last-modified
Wed, 13 Sep 2023 21:03:49 GMT
server
nginx
surrogate-reporting
width=685,height=380,bytes=26951,owidth=685,oheight=385,obytes=32549
x-timer
S1696872506.378135,VS0,VE1
etag
"b6e1b441bae96dc9ccd0ebd76ecbd46c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 221, 1
5638cc72b05e0651ba1aa3ba90e6367d.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5638cc72b05e0651ba1aa3ba90e6367d.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4bb2926f7e541f917cc00e7d5179e09e1018504935ba5d366c1e9a34b2478716

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5638cc72b05e0651ba1aa3ba90e6367d.jpeg
age
242080
edge-cache-tag
598098275230177787965649116340992768377,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
598098275230177787965649116340992768377,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
394
req-referer
https://www.pronews.gr/
content-length
12022
x-request-id
a8bc2e93058782d02b0a8483164ebd10
x-backend-name
LA_nlb204
x-served-by
cache-iad-kcgs7200021-IAD, cache-iad-kcgs7200116-IAD, cache-sna10720-LGB, cache-iad-kiad7000034-IAD, cache-fra-eddf8230054-FRA
last-modified
Fri, 06 Oct 2023 22:00:05 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=22442,owidth=1000,oheight=600,obytes=137081
x-timer
S1696872506.378149,VS0,VE1
etag
"a0fa58f22083234b9820d6522a9b4dfa"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
1534cec10471fe6dd9173cf4a0588f46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1534cec10471fe6dd9173cf4a0588f46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5e86e04454a6923b22ebac870f19d6acdfb4b7d7eda747947d32809a55457f91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
7
date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1534cec10471fe6dd9173cf4a0588f46.jpg
age
3747617
edge-cache-tag
530993072650289540975369678572144568752,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
530993072650289540975369678572144568752,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
457
req-referer
https://www.kicker.de/
content-length
24680
x-request-id
34e972a2736893b5f1c32c1f5aacb500
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kcgs7200149-IAD, cache-iad-kcgs7200134-IAD, cache-sna10740-LGB, cache-iad-kjyo7100051-IAD, cache-fra-eddf8230054-FRA
last-modified
Sun, 27 Aug 2023 07:00:35 GMT
server
nginx
x-timer
S1696872506.384285,VS0,VE7
etag
"5bec8cf081a45c3eb547225b27ddbd87"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 56, 1
8f92bf5fa762f2524852c66384d31cc5.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8f92bf5fa762f2524852c66384d31cc5.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9d6bde4b653f17ad36d6fcb3cf5692d29cd163173b4b40ec21379c5e649244fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8f92bf5fa762f2524852c66384d31cc5.png
age
2107954
edge-cache-tag
325506290003589670505974583337869609597,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
325506290003589670505974583337869609597,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
131
expiration
expiry-date="Sun, 01 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.walla.co.il/
content-length
9996
x-backend-name
US_nlb105
x-served-by
cache-iad-kcgs7200102-IAD, cache-iad-kiad7000065-IAD, cache-iad-kiad7000041-IAD, cache-fra-eddf8230054-FRA
last-modified
Thu, 31 Aug 2023 05:13:00 GMT
server
nginx
surrogate-reporting
width=340,height=189,owidth=1200,oheight=720,obytes=463958
x-timer
S1696872506.387715,VS0,VE1
etag
"9ff056ef7836ff39f6c648be23e0732e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 14, 1
7d28eaf84f55ca4440740b22b6efa59f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7d28eaf84f55ca4440740b22b6efa59f.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2af5d3a31df9004e40a41b54cb83d314105cc31cc0d798e106b1210794620502

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7d28eaf84f55ca4440740b22b6efa59f.jpg
age
3586281
edge-cache-tag
291433220095719736949504613663456836992,484736702292238939275415265588739935819,29ecf9b93bbf306179626feeda1fab70
cache-tag
291433220095719736949504613663456836992,484736702292238939275415265588739935819,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
91
req-referer
https://www.oberberg-aktuell.de/
content-length
12980
x-request-id
6764d5a7f1e9c4bd456aabd2e8c16b29
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000032-IAD, cache-iad-kjyo7100129-IAD, cache-sna10737-LGB, cache-iad-kjyo7100145-IAD, cache-fra-eddf8230054-FRA
last-modified
Fri, 25 Aug 2023 12:29:04 GMT
server
nginx
x-timer
S1696872506.405533,VS0,VE2
etag
"3db099050d75dc9fd9714cc7bbf1aff7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 17, 1
sync
event.dxmdp.com/rest/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync?audids=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.191.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-191-61.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.walla.co.il
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Mon, 09 Oct 2023 17:28:26 GMT
server
nginx/1.20.0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
sync
event.dxmdp.com/rest/api/v1/ 		13 B
326 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync?audids=
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.191.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-191-61.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Mon, 09 Oct 2023 17:28:26 GMT
access-control-allow-credentials
true
server
nginx/1.20.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
debug
trc-events.taboola.com/wallail-walla/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/wallail-walla/log/2/debug?tim=19%3A28%3A26.428&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=8296&cv=20231009-1-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15250
supply-feature
trc-events.taboola.com/wallail-walla/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/wallail-walla/log/3/supply-feature?lti=deflated&ri=b3116cddbcfc96527dbd4af4090a1574&sd=v2_ae1108b059f1db40be264a722953d28f_ca080f31-1601-41e9-b8f1-c54c6e37c2ae-tuctc1dbdb9_1696872505_1696872505_CIi3jgYQk-FcGKHD7quxMSABKAEwODib4wlAgooQSK652QNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=ca080f31-1601-41e9-b8f1-c54c6e37c2ae-tuctc1dbdb9&pi=/&pt=home&vi=1696872505761&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22114.078125%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=19%3A28%3A26.454&id=4374&llvl=2&cv=20231009-1-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 09 Oct 2023 17:28:26 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
sync
gum.criteo.com/ 		46 B
287 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231009-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:25 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
242182
expires
60
ads
pubads.g.doubleclick.net/gampad/ Frame DC53 		475 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=43010785%2Fwallanews%2Fmain%2Fpre_desktop&sz=635x360%7C640x480%7C640x480%7C640x360%7C635x360&url=https%3A%2F%2Fwww.walla.co.il%2F&description_url=https%3A%2F%2Fwww.walla.co.il%2F&cust_params=app_name%3Dfalse%26providerId%3D0%26item_id%3D0%26vertical_id%3D173%26vertical_name%3D%D7%95%D7%95%D7%90%D7%9C%D7%94%26category_id%3D0%26item_type%3D%26exclusive%3Dnot%26login%3Dno%26isMobileApp%3Dfalse&output=xml_vmap1&vpi=1&gdfp_req=1&env=vp&unviewed_position_start=1&vpa=click&vpmute=1&sdkv=h.3.594.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=2054437229&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.0&media_url=blob%3Ahttps%253a%2F%2Fwww.walla.co.il%2F9c192d0c-5174-45dc-aeaf-35a695a73ecd&sid=16B9A833-BE39-4E09-9721-FCC129F73FEC&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797156%2C44797965%2C44801604&ref=https%3A%2F%2Fwww.walla.co.il%2F&top=https%3A%2F%2Fwww.walla.co.il%2F&loc=https%3A%2F%2Fwww.walla.co.il%2Fpublic%2Fplayer.html%3Fautoplay%3Dtrue%26imaAdUnit%3D43010785%252Fwallanews%252Fmain%252Fpre_desktop%26imaKeyValues%3D%257B%2522app_name%2522%253Afalse%252C%2522providerId%2522%253A0%252C%2522item_id%2522%253A0%252C%2522vertical_id%2522%253A173%252C%2522vertical_name%2522%253A%2522%25D7%2595%25D7%2595%25D7%2590%25D7%259C%25D7%2594%2522%252C%2522category_id%2522%253A0%252C%2522item_type%2522%253A%2522%2522%252C%2522exclusive%2522%253A%2522not%2522%252C%2522login%2522%253A%2522no%2522%252C%2522isMobileApp%2522%253Afalse%257D%26muted%3Dtrue%26player%3Dwalla%26stream%3Dhttps%253A%252F%252Fcdn-uw2-prod.tsv2.amagi.tv%252Flinear%252Famg01742-walla-wallanews-ono%252Fplaylist.m3u8%26url%3Dhttps%253A%252F%252Fwww.walla.co.il%252F%26ver%3D2023&dt=1696872506478&cookie=ID%3Df4de6d675d53b6aa%3AT%3D1696872505%3ART%3D1696872505%3AS%3DALNI_Ma7A25b9qRmY3ND0Efw5icVYqj26g&gpic=UID%3D00000c9331817db1%3AT%3D1696872505%3ART%3D1696872505%3AS%3DALNI_MZb37zygZNMULaHEWys0bx3XrR6FQ&correlator=3612139846101121&scor=215569836188367&ged=ve4_td0_tt0_pd0_la0_er1700.200.1700.200_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c304344eff955b3da1e3ab3ffc88dea0fe128903e53895978136eb4f431abfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
555f3e6db6c4dc65f1fe205b47da3d3b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/555f3e6db6c4dc65f1fe205b47da3d3b.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6f6d0db9e8623ad90b2aa5649e7b8a6c3dcb8cfdfb5201d61c5a377cd5cb157f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/555f3e6db6c4dc65f1fe205b47da3d3b.jpg
age
1750780
edge-cache-tag
481453250644276241625798715811820691822,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
481453250644276241625798715811820691822,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
36
req-referer
https://www.express.de/
content-length
6194
x-request-id
4cb07a8bb23d2727bd38dfb2c53c3b2d
x-backend-name
US_nlb101
x-served-by
cache-iad-kjyo7100162-IAD, cache-iad-kjyo7100053-IAD, cache-iad-kiad7000030-IAD, cache-fra-eddf8230054-FRA
last-modified
Thu, 14 Sep 2023 15:45:49 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=11239,owidth=1200,oheight=628,obytes=108752
x-timer
S1696872506.485793,VS0,VE0
etag
"c6ac9c474320e84e8b5afc43d0feee04"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 54, 2
7d0e1925ff05191a31f4f0d5ec35a045.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7d0e1925ff05191a31f4f0d5ec35a045.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
66bdec28be3e283ad7663440d2b63efd4ced27ba1a7571a1d630d5f6015ecce7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7d0e1925ff05191a31f4f0d5ec35a045.jpg
age
2360743
edge-cache-tag
465001665069678899320262329545940930297,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
465001665069678899320262329545940930297,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
512
req-referer
https://ads.taboola.com/
content-length
10972
x-request-id
1fb1986c7609d358b81d98fe96dfbd78
x-backend-name
CH_nlb802
x-served-by
cache-iad-kiad7000063-IAD, cache-iad-kiad7000150-IAD, cache-iad-kjyo7100086-IAD, cache-fra-eddf8230054-FRA
last-modified
Thu, 24 Aug 2023 08:32:01 GMT
server
nginx
surrogate-reporting
width=340,height=189,owidth=1920,oheight=1080,obytes=394037
x-timer
S1696872506.485957,VS0,VE0
etag
"e534e424e8650fac9bed73b8f56f9ffc"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2
5c65e9fe386f199313c4c3d48d095647.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5c65e9fe386f199313c4c3d48d095647.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
efc07bb7931313d9b667af950eefdda416c85a4ee2d26eda6fea5307832922cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5c65e9fe386f199313c4c3d48d095647.jpeg
age
2255438
edge-cache-tag
523184187909183550301738426183838436175,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
523184187909183550301738426183838436175,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
712
req-referer
https://www.watson.de/
content-length
16010
x-request-id
87d7594a924d773457e3f77b92308c07
x-backend-name
CH_nlb801
x-served-by
cache-iad-kiad7000031-IAD, cache-iad-kjyo7100159-IAD, cache-iad-kjyo7100031-IAD, cache-fra-eddf8230054-FRA
last-modified
Mon, 28 Aug 2023 15:25:53 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=26433,owidth=1000,oheight=600,obytes=833814
x-timer
S1696872506.486056,VS0,VE0
etag
"75ca54d36e1140801ef9bcf2bed1c4bd"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 27, 2
93d2d016d1ef1eda78cf47eb1e537146.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/93d2d016d1ef1eda78cf47eb1e537146.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f01eb67a1e1724c447178c31357e55a575816eb5488feefbbe1672e08d606a51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/93d2d016d1ef1eda78cf47eb1e537146.png
age
1234018
edge-cache-tag
402429473219694091511173162433686890123,542528622032317967375890746257052262100,29ecf9b93bbf306179626feeda1fab70
cache-tag
402429473219694091511173162433686890123,542528622032317967375890746257052262100,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
127
req-referer
https://www.hildesheimer-allgemeine.de/
content-length
37128
x-request-id
e182684e2ed233eca429e683217f475d
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000041-IAD, cache-iad-kiad7000041-IAD, cache-sna10735-LGB, cache-iad-kjyo7100024-IAD, cache-fra-eddf8230054-FRA
last-modified
Sun, 24 Sep 2023 20:18:08 GMT
server
nginx
surrogate-reporting
width=520,height=289,bytes=69047,owidth=1600,oheight=900,obytes=2526925
x-timer
S1696872506.486336,VS0,VE0
etag
"10c4d4e4983758069bef4e40f87de2c4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 15, 2
5c59b7e8daf600146c74801ba3c23c90.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5c59b7e8daf600146c74801ba3c23c90.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e41babb574fb98c0a68528bcfda14339cf44467d1e7d066e7c6cd1c9fa7de92d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5c59b7e8daf600146c74801ba3c23c90.jpeg
age
1523337
edge-cache-tag
477877314143423606392577713906372322394,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
477877314143423606392577713906372322394,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
278
expiration
expiry-date="Fri, 22 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.calcalistech.com/ctechnews/article/skwawdtvh
content-length
13876
x-backend-name
US_nlb104
x-served-by
cache-iad-kcgs7200040-IAD, cache-iad-kiad7000175-IAD, cache-iad-kcgs7200034-IAD, cache-fra-eddf8230054-FRA
last-modified
Tue, 22 Aug 2023 16:20:01 GMT
server
nginx
surrogate-reporting
width=340,height=189,owidth=1000,oheight=600,obytes=255940
x-timer
S1696872506.486537,VS0,VE0
etag
"5e55e738e475f5616fca522b9baec3f7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 17, 2
index.m3u8
amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/cb57381b6573618f84cb3a64cef646829f7b3dcb0e6c886470af4a9765d97800dbe8ae84ae5b910c4c9e1fc061017d360439cd1dd56c49c1da6... Frame DFF4 		13 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/cb57381b6573618f84cb3a64cef646829f7b3dcb0e6c886470af4a9765d97800dbe8ae84ae5b910c4c9e1fc061017d360439cd1dd56c49c1da63b820743c4b21fdcde00080dd0d0cb1df11292ca36265299a7369cc350f7bd2ec5a2f803ebe764c53cb017c593f88f258ac714cc59e0f827c2195acd968291e0b09ce1f04faa55da4e1e25b57cc68a0b24a4fc32a10fa84449add01ba81810e83118370f1099cc7f3828045828ec463ac03d0d0683256152d44abf2b93cccb8be4c7bfb562d541354e8bae18f245ea37233907c62a9c503da06dc8635841a4fd3bd3f9de542fb4db808a9ea48b5bfaf9f434c7989c5526f65d08d32432a5441df4eded88cf5766f8af35e1f2dac3b8871796ec2b9a3bce5b2af5a2c1f88d9403d415c58d429b090c2cffae06f8937c5d7f1d71f475c6f0d0cbc8fc3f079f626c771a4c2126e090314edd262cd88dd5127710fa8b41e854355e980cbb4d6006d9e3b5b42be34901b247cdc38694be02fd2932823dc755dcb666bbb101ea876d19460b5abd2ee037b92dbc449f026af9602c0f90fac226d0855fda2620a1c1f259ebf3254704ac243e5c1c3ae225a57a2a49b8cb5395230301956039cf1a721cbfca7072956900368300e537df023d966d80c4c7a5eea16c1a30471c54b611aefa93b524d7fd4af958494ddde4ba575b09eac69375aed732b8915ab5eb3b8bbc0f9e36f8b4f/110/640x360_642400/index.m3u8
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/3589_26d30df0f2e2888527b1_26d30df0f2e2888527b1_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-37.fra6.r.cloudfront.net
Software
/
Resource Hash
1ce0535fc70350b811a3577e4092376d585df50855013c57a10f76f72a44117e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 google, 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
content-encoding
br
last-modified
Mon, 09 Oct 2023 17:28:20 GMT
x-amz-cf-pop
FRA6-C1
x-cache-status
FRA-fa985ced, miss
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
https://www.walla.co.il
x-cache
Miss from cloudfront
cache-control
max-age=1
access-control-allow-credentials
true
accept-ranges
none
x-amz-cf-id
EpGy5L-9SvksbPAHUyfb1cPIP0U950qJXDneytK43KnT8-R2fQXt5w==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E192 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
254
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 17:24:12 GMT
expires
Tue, 08 Oct 2024 17:24:12 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B303 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
53c8bff0471a7e264b9972c0e55470a157b4eff96be27371cb62b6628182d71b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-80kcIDS9qeBNUydedfa6xA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-80kcIDS9qeBNUydedfa6xA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 17:28:26 GMT
expires
Mon, 09 Oct 2023 17:28:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
7d28eaf84f55ca4440740b22b6efa59f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7d28eaf84f55ca4440740b22b6efa59f.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2af5d3a31df9004e40a41b54cb83d314105cc31cc0d798e106b1210794620502

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7d28eaf84f55ca4440740b22b6efa59f.jpg
age
3586281
edge-cache-tag
291433220095719736949504613663456836992,484736702292238939275415265588739935819,29ecf9b93bbf306179626feeda1fab70
cache-tag
291433220095719736949504613663456836992,484736702292238939275415265588739935819,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
91
req-referer
https://www.oberberg-aktuell.de/
content-length
12980
x-request-id
6764d5a7f1e9c4bd456aabd2e8c16b29
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000032-IAD, cache-iad-kjyo7100129-IAD, cache-sna10737-LGB, cache-iad-kjyo7100145-IAD, cache-fra-eddf8230054-FRA
last-modified
Fri, 25 Aug 2023 12:29:04 GMT
server
nginx
x-timer
S1696872507.507758,VS0,VE0
etag
"3db099050d75dc9fd9714cc7bbf1aff7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 17, 2
891a5b529570b03d87df0300ae78cfa3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/891a5b529570b03d87df0300ae78cfa3.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f6e7d2883892205584a87bbf9f4b29790652376b0eb33b6303866db14ccd298f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/891a5b529570b03d87df0300ae78cfa3.jpg
age
376237
edge-cache-tag
402615346577208441465643631620948231098,542528622032317967375890746257052262100,29ecf9b93bbf306179626feeda1fab70
cache-tag
402615346577208441465643631620948231098,542528622032317967375890746257052262100,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1162
req-referer
https://www.radioherne.de/
content-length
48186
x-request-id
2fb754b7b5794bb7e9514c28ce59701f
x-backend-name
US_nlb106
x-served-by
cache-iad-kiad7000047-IAD, cache-iad-kjyo7100119-IAD, cache-iad-kiad7000101-IAD, cache-fra-eddf8230054-FRA
last-modified
Thu, 05 Oct 2023 06:45:56 GMT
server
nginx
surrogate-reporting
width=520,height=289,bytes=67368,owidth=2713,oheight=1526,obytes=3256663
x-timer
S1696872507.508557,VS0,VE0
etag
"2c711fba1e2bb0dc2c14546330708df7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 2
110d0dbedb29cc6124fd6ec137b89cd1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/110d0dbedb29cc6124fd6ec137b89cd1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0339b0b4bac03ee07419e5bc73ebb2f7571b80864f40e256473c4cec1b1f1105

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/110d0dbedb29cc6124fd6ec137b89cd1.jpg
age
1501948
edge-cache-tag
330059424903233630193748904275078117027,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
330059424903233630193748904275078117027,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
495
req-referer
https://ads.taboola.com/
content-length
20710
x-request-id
8ea719c38ad9609a4242b751d4ede156
x-backend-name
CH_nlb804
x-served-by
cache-iad-kiad7000102-IAD, cache-iad-kcgs7200100-IAD, cache-lga21952-LGA, cache-iad-kjyo7100089-IAD, cache-fra-eddf8230054-FRA
last-modified
Fri, 22 Sep 2023 08:15:39 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=53442,owidth=1000,oheight=600,obytes=757941
x-timer
S1696872507.508339,VS0,VE0
etag
"103f77929b22011090b1f05a3f4b18d5"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 16, 2
55a882e6ee6c895099a9b8bd8e833484.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/55a882e6ee6c895099a9b8bd8e833484.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2e887dec4975b66d9c8f8a3f9518b27c1717cbc75b8c0b3619ca55200cae7f2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/55a882e6ee6c895099a9b8bd8e833484.png
age
3459063
edge-cache-tag
514536020790333922392747829224593366161,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
514536020790333922392747829224593366161,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
73
expiration
expiry-date="Fri, 01 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://mundogastronomico.online/?p=142
content-length
18428
x-backend-name
US_nlb106
x-served-by
cache-iad-kjyo7100047-IAD, cache-iad-kjyo7100047-IAD, cache-lga21943-LGA, cache-iad-kiad7000137-IAD, cache-fra-eddf8230054-FRA
last-modified
Tue, 01 Aug 2023 06:41:22 GMT
server
nginx
x-timer
S1696872507.508186,VS0,VE0
etag
"211cf67a57a8098bab3bff25e923344b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 7, 2
3611584-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/1/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/1/3611584-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
168ce5333c925d92fddd71e0e86a163e477c67ba2ca0e8d5d89007c981db989d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/1/3611584-46.jpg
age
29738
edge-cache-tag
335661127561397587555416850054294659334,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
335661127561397587555416850054294659334,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
94
req-referer
https://www.walla.co.il/
content-length
13914
x-request-id
efd9447fde35de7e6732527387711ae4
x-backend-name
CH_nlb801
x-served-by
cache-iad-kjyo7100079-IAD, cache-iad-kcgs7200150-IAD, cache-chi-kigq8000093-CHI, cache-iad-kjyo7100152-IAD, cache-fra-eddf8230054-FRA
last-modified
Mon, 09 Oct 2023 09:08:58 GMT
server
nginx
surrogate-reporting
width=1200,height=666,bytes=60485,owidth=1200,oheight=673,obytes=32606
x-timer
S1696872507.507727,VS0,VE0
etag
"307ff47bcf940c7d0c16076e0af6ab89"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 0, 2
2687926-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/2/6/8/7/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/2/6/8/7/2687926-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b9c138442107e29751bd914b1bcc3ca3dfdc85311ae7a1ea281db521c52ea30a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/2/6/8/7/2687926-46.jpg
age
2233131
edge-cache-tag
313305584260092812612282318447709819839,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
313305584260092812612282318447709819839,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
80
req-referer
https://www.walla.co.il/
content-length
18760
x-request-id
8ccf8d236e273f0f926de53faadfab93
x-backend-name
US_nlb106
x-served-by
cache-iad-kiad7000087-IAD, cache-iad-kjyo7100140-IAD, cache-iad-kjyo7100049-IAD, cache-fra-eddf8230054-FRA
last-modified
Wed, 13 Sep 2023 21:03:49 GMT
server
nginx
surrogate-reporting
width=685,height=380,bytes=26951,owidth=685,oheight=385,obytes=32549
x-timer
S1696872507.507659,VS0,VE0
etag
"b6e1b441bae96dc9ccd0ebd76ecbd46c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 221, 2
5638cc72b05e0651ba1aa3ba90e6367d.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5638cc72b05e0651ba1aa3ba90e6367d.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4bb2926f7e541f917cc00e7d5179e09e1018504935ba5d366c1e9a34b2478716

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5638cc72b05e0651ba1aa3ba90e6367d.jpeg
age
242080
edge-cache-tag
598098275230177787965649116340992768377,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
598098275230177787965649116340992768377,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
394
req-referer
https://www.pronews.gr/
content-length
12022
x-request-id
a8bc2e93058782d02b0a8483164ebd10
x-backend-name
LA_nlb204
x-served-by
cache-iad-kcgs7200021-IAD, cache-iad-kcgs7200116-IAD, cache-sna10720-LGB, cache-iad-kiad7000034-IAD, cache-fra-eddf8230054-FRA
last-modified
Fri, 06 Oct 2023 22:00:05 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=22442,owidth=1000,oheight=600,obytes=137081
x-timer
S1696872507.525902,VS0,VE0
etag
"a0fa58f22083234b9820d6522a9b4dfa"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2
1534cec10471fe6dd9173cf4a0588f46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1534cec10471fe6dd9173cf4a0588f46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5e86e04454a6923b22ebac870f19d6acdfb4b7d7eda747947d32809a55457f91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1534cec10471fe6dd9173cf4a0588f46.jpg
age
3747617
edge-cache-tag
530993072650289540975369678572144568752,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
530993072650289540975369678572144568752,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
457
req-referer
https://www.kicker.de/
content-length
24680
x-request-id
34e972a2736893b5f1c32c1f5aacb500
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kcgs7200149-IAD, cache-iad-kcgs7200134-IAD, cache-sna10740-LGB, cache-iad-kjyo7100051-IAD, cache-fra-eddf8230054-FRA
last-modified
Sun, 27 Aug 2023 07:00:35 GMT
server
nginx
x-timer
S1696872507.525900,VS0,VE0
etag
"5bec8cf081a45c3eb547225b27ddbd87"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 56, 2
8f92bf5fa762f2524852c66384d31cc5.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8f92bf5fa762f2524852c66384d31cc5.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9d6bde4b653f17ad36d6fcb3cf5692d29cd163173b4b40ec21379c5e649244fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 17:28:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8f92bf5fa762f2524852c66384d31cc5.png
age
2107954
edge-cache-tag
325506290003589670505974583337869609597,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
325506290003589670505974583337869609597,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
131
expiration
expiry-date="Sun, 01 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.walla.co.il/
content-length
9996
x-backend-name
US_nlb105
x-served-by
cache-iad-kcgs7200102-IAD, cache-iad-kiad7000065-IAD, cache-iad-kiad7000041-IAD, cache-fra-eddf8230054-FRA
last-modified
Thu, 31 Aug 2023 05:13:00 GMT
server
nginx
surrogate-reporting
width=340,height=189,owidth=1200,oheight=720,obytes=463958
x-timer
S1696872507.525865,VS0,VE0
etag
"9ff056ef7836ff39f6c648be23e0732e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 14, 2
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 		210 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fdb3a5f6e3182c980503f12c3b7d7a6cbbf899db34df26816ac905acb58f7cdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:35:42 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=162772
accept-ranges
bytes
content-length
65459
expires
Wed, 11 Oct 2023 14:41:18 GMT
/
csync.smilewanted.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a95d0861fc3b1f3c39e7bc7cd83f6d83e57376d9596ae5a0b070ae1965cec16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
cf-ray
8138570ddd81bbb0-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231009
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bbce8fe6c78af012d94c5d5557907681b6fcccbf6978b23366580eae7b8e096
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5257
x-jsd-version
1.0.1838
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"63c-iVWTvKuff1GA182RoeZRB1i7PzA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mllI3Z2ZEnYg2oTSiwy83PnVAZIhwH39TNd%2Bow1R8SSGrF1KmCxwXlvsX9JNXM2t7XvgtkzsXd6Zz0uDhh7pUSQ5XdQi7RfLG7n6vUs8I568Usa1W2Rjgx2VSc4M9mT77e13vH2IHQTK6QRSqAQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8138570deeb50378-FRA
localstore.js
script.4dex.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Mon, 09 Oct 2023 17:28:26 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 02 Oct 2023 15:19:34 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
612342
ETag
W/"4689fed115ceb1ec0446e336376eed1e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HAv0uDt2XrX9anLVBhTYxfxm3s47GEa1%2FpwZE%2FjaliyjPr6XEohV1OFofJuCOWN5IH8NMu7NeZc4BgCfdTlP7iQUr0TU%2Be6XOQtwmmuBgLCuT7HqGtzUERVMla3UbDfAtUcWKnsaU%2BH3hVqi"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
8138570e0dde5d81-FRA
auction
tlx.3lift.com/header/ 		19 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.5.0&referrer=https%3A%2F%2Fwww.walla.co.il%2F&tmax=3000
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.58.45.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-45-126.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:26 GMT
accept-ch
sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:26 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 09 Oct 2023 17:28:26 GMT
translator
hbopenbid.pubmatic.com/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Mon, 09 Oct 2023 17:28:25 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=715831
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff7f2a975dc5b9ebb161f47060cfc35ba8eac2547050a72c5e200cc9982676b3

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CueEZjhgPxRXZ%2BFDfLGzYSJ%2BXdF9TorsZgDdiQ62gseq3oI45b4r5F%2FbHE2S3CpQ7UEsGjKYHDaY2WxR0BeekH7LqaDGdXCnhdNREk81r7ZmVMa5K1DXGmbMDGPltSogZBLyPgYe"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8138570e283e5b38-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
mp.4dex.io/ 		60 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Mon, 09 Oct 2023 17:28:26 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 4 inventory rules not found for mediatype: banner and adUnitCode: adSlot-2
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8138570e48931d9c-FRA
expires
0
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:26 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:25 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:26 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:26 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:26 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		66 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
d3bf345a01519cfda27d710456f60685e973a7dd4138749570099d447a0e6dfa

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
d3bf345a01519cfda27d710456f60685e973a7dd4138749570099d447a0e6dfa

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
d3bf345a01519cfda27d710456f60685e973a7dd4138749570099d447a0e6dfa

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
d3bf345a01519cfda27d710456f60685e973a7dd4138749570099d447a0e6dfa

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
d3bf345a01519cfda27d710456f60685e973a7dd4138749570099d447a0e6dfa

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdb
bidder.criteo.com/ 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.5.0&cb=94282918657&lsavail=1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Mon, 09 Oct 2023 17:28:25 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid
ap.lijit.com/rtb/ 		25 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.5.0
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
c9b6e9265df61193006a45e8c19f2729664054c51643a6274678e13e4da63fa8

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 09 Oct 2023 17:28:26 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.walla.co.il
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Mon, 09 Oct 2023 17:28:26 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8138570e3dffbbb0-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8138570e2dfcbbb0-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8138570e3e02bbb0-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8138570e3e01bbb0-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8138570e3e00bbb0-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
fastlane.json
fastlane.rubiconproject.com/a/api/ 		380 B
720 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=9&alt_size_ids=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=d13a1fba-3cd4-45d6-8f86-572ab0602c8b&l_pb_bid_id=87c7b7c151d8546&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=30a44316-d629-408a-953b-fb98b0260d7f&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&slots=1&rand=0.36734834995662147
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e53019d7836ac2835684d18d66ddeb4a5798f283f69d7dba1809bd11a6ccadaf

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:26 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
380
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Ftop_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=d13a1fba-3cd4-45d6-8f86-572ab0602c8b&l_pb_bid_id=88580a4fb890579&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=efd72c71-a2e1-4293-b1fc-14e2245994d6&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Ftop_desktop&slots=1&rand=0.03467651787520487
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
44f15ca2614641e7ab48346803da3a0979d1c52927c6c97a008098d484d821fc

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:26 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		365 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Frectangle_hp3_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=d13a1fba-3cd4-45d6-8f86-572ab0602c8b&l_pb_bid_id=893f1041415b00c&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=4d2a4f1a-be5a-4f83-b5bc-464ebe77079b&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Frectangle_hp3_desktop&slots=1&rand=0.40874519864457404
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a6672ac5a528be4b5e94b18ba67708e25198af703251592e80ea12d25a4525f0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:26 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
365
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		370 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fpremium_rectangle1_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=d13a1fba-3cd4-45d6-8f86-572ab0602c8b&l_pb_bid_id=907b968039197a8&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=debd17e6-42d7-4c7e-9e96-d37ea69d3c1a&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fpremium_rectangle1_desktop&slots=1&rand=0.6984464910608106
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f63355022823e064d8e33a4c36bef4082b69c1091e3efd8c8d36cf5d4625f322

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:26 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
370
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		366 B
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=d13a1fba-3cd4-45d6-8f86-572ab0602c8b&l_pb_bid_id=91fe4987759ec8a&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=8f24ac51-a6a3-419a-9a8a-726130d8f1bf&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&slots=1&rand=0.9550422644591563
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6cc350eeff7dbe97f1df01a3c0a36193573ed89bb029e39cb228ee643f35fc08

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:26 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
366
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:26 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:26 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:26 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
2214040
bs.yandex.ru/prebid/ 		0
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:26 GMT
last-modified
Mon, 09 Oct 2023 17:28:26 GMT
x-yandex-req-id
1696872506761030-1691844387421322042300334-production-app-host-vla-pcode-51
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
Direct
expires
Mon, 09 Oct 2023 17:28:26 GMT
2214040
bs.yandex.ru/prebid/ 		0
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:26 GMT
last-modified
Mon, 09 Oct 2023 17:28:26 GMT
x-yandex-req-id
1696872506751193-340504816278718283900349-production-app-host-vla-pcode-481
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
Direct
expires
Mon, 09 Oct 2023 17:28:26 GMT
2214040
bs.yandex.ru/prebid/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:26 GMT
last-modified
Mon, 09 Oct 2023 17:28:26 GMT
x-yandex-req-id
1696872506746921-392939845822331204300123-production-app-host-vla-pcode-396
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
Direct
expires
Mon, 09 Oct 2023 17:28:26 GMT
2214040
bs.yandex.ru/prebid/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:26 GMT
last-modified
Mon, 09 Oct 2023 17:28:26 GMT
x-yandex-req-id
1696872506792315-1326119103664890893300208-production-app-host-sas-pcode-527
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
Direct
expires
Mon, 09 Oct 2023 17:28:26 GMT
2214040
bs.yandex.ru/prebid/ 		0
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:26 GMT
last-modified
Mon, 09 Oct 2023 17:28:26 GMT
x-yandex-req-id
1696872506793912-1640318104006557633200376-production-app-host-sas-pcode-524
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
Direct
expires
Mon, 09 Oct 2023 17:28:26 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
pragma
no-cache
date
Mon, 09 Oct 2023 17:28:26 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		1 KB
781 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.walla.co.il%2F&PageUrl=https%3A%2F%2Fwww.walla.co.il%2F&PageReferrer=https%3A%2F%2Fwww.walla.co.il%2F&CanonicalUrl=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
da461a6d3486d2e21a6c8e53e4f6ce0989c08ae2db5a1e245f9056016312830b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
26
content-length
426
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
41ca862a0db5312de06889c1ed316c345324e70985ac88dd8a627ff63a5c0c43

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
ib.adnxs.com/ut/v3/ 		610 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
2a57c34c44f0624bd8b50f520e83f400981599269541732dc95ce43d585c0d07
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:26 GMT
content-encoding
gzip
an-x-request-uuid
d5992de4-d455-46cb-803c-3d390c20e6bd
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.76; 45.141.152.76; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		45 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3350770074560118&correlator=4198605762274553&eid=31078562&output=ldjh&gdfp_req=1&vrg=202310040101&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cnickbar_desktop%2Cdontmiss_strip_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4&prev_iu_szs=1200x40%2C320x50%7C865x190&fluid=0%2Cheight&ifi=16&didk=1193244743~1193245117&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Df4de6d675d53b6aa%3AT%3D1696872505%3ART%3D1696872505%3AS%3DALNI_Ma7A25b9qRmY3ND0Efw5icVYqj26g&gpic=UID%3D00000c9331817db1%3AT%3D1696872505%3ART%3D1696872505%3AS%3DALNI_MZb37zygZNMULaHEWys0bx3XrR6FQ&abxe=1&dt=1696872506601&lmt=1696865306&adxs=200%2C535&adys=1200%2C2723&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=16%7C17&ucis=g%7Ch&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.walla.co.il%2F&vis=1&psz=0x-1%7C864x0&msz=1200x-1%7C865x0&fws=644%2C132&ohw=0%2C864&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1076015235.1696872505&ga_sid=1696872506&ga_hid=1060927038&ga_fc=true&ga_cid=1612521642.1696872505&dlt=1696872504475&idt=944&prev_scp=slot_name%3Dnickbar_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Ddontmiss_strip_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&cust_params=dxseg%3D&adks=1750305995%2C3185403617&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38aedea2129a34778725ba7122d050ffb774e6c017a1dd251867617dbe164cd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17171
x-xss-protection
0
google-lineitem-id
6392209359,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138449459730,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B303 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310040101&jk=3350770074560118&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
dmp-common-iframe.html
cf.dxmcdn.com/dta/ Frame A7CB 		194 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cf.dxmcdn.com/dta/dmp-common-iframe.html?dmpid=&monitoringConfig=%7B%22uuid%22%3A%22bc8a7a32-7d98-4226-8af9-d2a43a8621cc%22%2C%22enabled%22%3Afalse%2C%22verboseMode%22%3A%22ERRORS%22%2C%22sampling%22%3Anull%2C%22observedUserId%22%3Anull%2C%22includeDatabase%22%3Afalse%2C%22includeLocalStorage%22%3Afalse%2C%22includeLoggerState%22%3Afalse%7D
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:5600:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c90f4fa10a90d240c6dcd2d798e6c528ae91f104d232870fb6f1453967a7066

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
43851
content-encoding
gzip
content-type
text/html
date
Mon, 09 Oct 2023 06:08:12 GMT
etag
W/"52319100f3cad7c781dec5018ed1ca59"
last-modified
Wed, 27 Sep 2023 11:46:39 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
x-amz-cf-id
fm6z1veQdtDPQBQgA1TF7LpvyYyS0Nw2e1DKDblorCUbHh8rfRROHA==
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
VtKfS.xLqR2wYAZ0uda1_bwOn38WDDK3
x-cache
Hit from cloudfront
YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
pagead2.googlesyndication.com/bg/ Frame E192 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 11:23:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
21926
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Oct 2024 11:23:00 GMT
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		131 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf0a18fa1718a355012e63fc260f41419ac0cfcb317e94af01772bb807eee04b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
content-encoding
gzip
last-modified
Mon, 09 Oct 2023 15:57:22 GMT
server
cloudflare
age
0
etag
W/"084df07b0f395210267b9f56d9f086413eb11145"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
8138570ee8379046-FRA
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Mon, 09 Oct 2023 17:28:26 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
612342
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 02 Oct 2023 15:19:33 GMT
Server
cloudflare
ETag
W/"0680a0a53dae661d4707e1cc0f6bc95a"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KEB5iSO2h2RkClGjOE2mc8LYPAIVmj98mTOJGemkZqrCN1DFO2mbYiRI2gunjHOhU6UTBzAjr2xJGJEQxy7w6yYm%2F4O8MID7wwcy6KQjU%2BWn7RxFR3TbOCMZV0kyX1FiVG3lMg0B0A%2Bq426P"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
8138570ecd122baa-FRA
decode_consent.js
static.smilewanted.com/js/decode_consent/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
1040356
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
8138570f3f92bbb0-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
st
imprammp.taboola.com/ Frame CC1A 		422 B
381 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8qRACLAY89ngDaf7GxBB47PEG0vyNiSkAAABgYID-AEksR7OJw7ZbK2YWi1u02QzXCpNztVb5JoPRZrkcLiczIyCJ5Wg2cdh2a8XMYnGLNpvhWmFyrtYq32Qw2iyXw-VkZgUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIqDATk8RofrHwAAAABAAAAAAJAAQBD_LQEQgzt54v________8_xgB95o2M_____xsGPQAefAA8CAEAAPgY8si-8ThL7_BJpGCyCCMAAAAALY2YTEcm6QQViyr____9VgCuAAAELFbshbpn0R2UeAsDAAAAMGaBHha_3-ywa_xul_n_________N_N_5h-NUNDMTJogGzMzNb-AAABrfgEBANiMGwCANwJwgk5CrBaTyWAyWayOQuyGs8VutlhMZgcAAADgzv___78ekHA5FoPhxLBazhwji2kwcVlmo4VvMlmuNiPLcOY9b9HDr5TYe719MpDvdhkePpdBRTeZXZ7PQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4FY7AZoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBjMMwHMw8i7ViNlisRYuVcy0xzhxrjWu0sa08u41l4XKLXh_TxzGymCzOLRIMENmL5GmRTiSexWK2MZksHpvHOVtNdiOLybSwmQbLwcKx2o0mYonmZJFOZJd9w-VYDIYTw2o5c4wspsHEZZmNFr7JZLnajCzDmb_jMAwHM89irZgNFmvRYuVcS4wzx1rjGm1sK89uY1m43KLXx_RxjCwmi3PfmC1nw91kNVjtG7PlbLibrAarfYfJ9Ex9zkbXLeP4uEQSb_E6vjkNCpfB4v1JTItpd3bw_H5Hp0tbTRZ1Rr_f7_f7_X6_3-83aD0Hs0HhO-5Uh8_yNhlWfrqD2GBQxBLBRTrRPcxmh9Ps1j3MZodFLFGaLtKJvuh3uwwPn8tfEUsEp4t0IvS7XRb1HzXQaq4YLeaK1WSum60SAAAAAAAAAIAlmGa6CQAAAICTQQ0nm81qnQ5mshquFqvlAriAmdT10-uqOFcV2LsrJVCJb7sOW6JYY4813MNsdjjNbt3DbHZYGcCFyzezzT4jiLVaLWsAAAAC2AAAAAK46cabgDAr7v___38cAAAAGTn0AAAA6PcBXRUIP3Kh2PMriM1iNds_ABVirVar2421Wq2ABDfbLCfw____Hw!&cmcv=&pix=undefined&cb=1696872506749&uv=3345&tms=1696872506749&abt=nonrv_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=1946ba67-1fbb-4338-ad95-e7204399892f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
33efb69392ce60ad1d545ce02dd30a6f82709ef59cfba1605b1b932418fe6011

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Mon, 09 Oct 2023 17:28:26 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230054-FRA
x-timer
S1696872507.751738,VS0,VE9
sync
am-match.taboola.com/ Frame 7DE4 		439 B
524 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8qRACLAY89ngDaf7GxBB47PEG0vyNiSkAAABgYID-AEksR7OJw7ZbK2YWi1u02QzXCpNztVb5JoPRZrkcLiczIyCJ5Wg2cdh2a8XMYnGLNpvhWmFyrtYq32Qw2iyXw-VkZgUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIqDATk8RofrHwAAAABAAAAAAJAAQBD_LQEQgzt54v________8_xgB95o2M_____xsGPQAefAA8CAEAAPgY8si-8ThL7_BJpGCyCCMAAAAALY2YTEcm6QQViyr____9VgCuAAAELFbshbpn0R2UeAsDAAAAMGaBHha_3-ywa_xul_n_________N_N_5h-NUNDMTJogGzMzNb-AAABrfgEBANiMGwCANwJwgk5CrBaTyWAyWayOQuyGs8VutlhMZgcAAADgzv___78ekHA5FoPhxLBazhwji2kwcVlmo4VvMlmuNiPLcOY9b9HDr5TYe719MpDvdhkePpdBRTeZXZ7PQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4FY7AZoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBjMMwHMw8i7ViNlisRYuVcy0xzhxrjWu0sa08u41l4XKLXh_TxzGymCzOLRIMENmL5GmRTiSexWK2MZksHpvHOVtNdiOLybSwmQbLwcKx2o0mYonmZJFOZJd9w-VYDIYTw2o5c4wspsHEZZmNFr7JZLnajCzDmb_jMAwHM89irZgNFmvRYuVcS4wzx1rjGm1sK89uY1m43KLXx_RxjCwmi3PfmC1nw91kNVjtG7PlbLibrAarfYfJ9Ex9zkbXLeP4uEQSb_E6vjkNCpfB4v1JTItpd3bw_H5Hp0tbTRZ1Rr_f7_f7_X6_3-83aD0Hs0HhO-5Uh8_yNhlWfrqD2GBQxBLBRTrRPcxmh9Ps1j3MZodFLFGaLtKJvuh3uwwPn8tfEUsEp4t0IvS7XRb1HzXQaq4YLeaK1WSum60SAAAAAAAAAIAlmGa6CQAAAICTQQ0nm81qnQ5mshquFqvlAriAmdT10-uqOFcV2LsrJVCJb7sOW6JYY4813MNsdjjNbt3DbHZYGcCFyzezzT4jiLVaLWsAAAAC2AAAAAK46cabgDAr7v___38cAAAAGTn0AAAA6PcBXRUIP3Kh2PMriM1iNds_ABVirVar2421Wq2ABDfbLCfw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
f25935301aaf001e06c69c3c370999bcd7cbe1ff775b7182200a31ce6ad69a6c

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Mon, 09 Oct 2023 17:28:26 GMT
machineid
3407
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8qRACLAY89ngDaf7GxBB47PEG0vyNiSkAAABgYID-AEksR7OJw7ZbK2YWi1u02QzXCpNztVb5JoPRZrkcLiczIyCJ5Wg2cdh2a8XMYnGLNpvhWmFyrtYq32Qw2iyXw-VkZgUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIqDATk8RofrHwAAAABAAAAAAJAAQBD_LQEQgzt54v________8_xgB95o2M_____xsGPQAefAA8CAEAAPgY8si-8ThL7_BJpGCyCCMAAAAALY2YTEcm6QQViyr____9VgCuAAAELFbshbpn0R2UeAsDAAAAMGaBHha_3-ywa_xul_n_________N_N_5h-NUNDMTJogGzMzNb-AAABrfgEBANiMGwCANwJwgk5CrBaTyWAyWayOQuyGs8VutlhMZgcAAADgzv___78ekHA5FoPhxLBazhwji2kwcVlmo4VvMlmuNiPLcOY9b9HDr5TYe719MpDvdhkePpdBRTeZXZ7PQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4FY7AZoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBjMMwHMw8i7ViNlisRYuVcy0xzhxrjWu0sa08u41l4XKLXh_TxzGymCzOLRIMENmL5GmRTiSexWK2MZksHpvHOVtNdiOLybSwmQbLwcKx2o0mYonmZJFOZJd9w-VYDIYTw2o5c4wspsHEZZmNFr7JZLnajCzDmb_jMAwHM89irZgNFmvRYuVcS4wzx1rjGm1sK89uY1m43KLXx_RxjCwmi3PfmC1nw91kNVjtG7PlbLibrAarfYfJ9Ex9zkbXLeP4uEQSb_E6vjkNCpfB4v1JTItpd3bw_H5Hp0tbTRZ1Rr_f7_f7_X6_3-83aD0Hs0HhO-5Uh8_yNhlWfrqD2GBQxBLBRTrRPcxmh9Ps1j3MZodFLFGaLtKJvuh3uwwPn8tfEUsEp4t0IvS7XRb1HzXQaq4YLeaK1WSum60SAAAAAAAAAIAlmGa6CQAAAICTQQ0nm81qnQ5mshquFqvlAriAmdT10-uqOFcV2LsrJVCJb7sOW6JYY4813MNsdjjNbt3DbHZYGcCFyzezzT4jiLVaLWsAAAAC2AAAAAK46cabgDAr7v___38cAAAAGTn0AAAA6PcBXRUIP3Kh2PMriM1iNds_ABVirVar2421Wq2ABDfbLCfw____Hw!&cmcv=&pix=31589837&cb=1696872506748&uv=3345&tms=1696872506748&abt=nonrv_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1696872504280.4!ts:1696872506748&mntl=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
content-length
0
server
nginx
view
securepubads.g.doubleclick.net/pcs/ Frame CFC0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnHgR5W_puIbF0s8uwbFSFBKDO4_xiSGOnOdUvFapUWb-lVt-farun8_yKh3uoOv9i1uMObdnXHaCGXhsz4gS95zOK4qyX0Pxn9BjecDHS2gUicnFd3U1wSY401tqfCKk3GMCihW8mp_ikekSEXdMwngR2pelGELLzoMI5ZIMZ_1NUUy3pjBx2xhK05zJZBdTW4_n0uNrSDZRfJNhGYb9Wcb1C86LFEXECtuj_6B7xeovpFW-LipUgOLjXwolxjRGOvYxTBRKUTq9frwjRaQ98SxnXHuxHiJGvhBR75jD9JLJ5TcNaCgJlVeL4_xbQjGLBOt5Qr0-BCaeac1dfqN7fRiLwiLgZgKBsZ8N92csb9M_I13k&sai=AMfl-YRAMMnRyZ1SX0SdBzm3qvMQP96Wi_KfQWjAToITNNialfnYpm7CU4tp9xUdZc1g7fhHqVzpdRLT8OOnTkYQ2vhLfd5ScpTrGcTA_DBNem6Hgpfe0XwrWem_ggkF4qg&sig=Cg0ArKJSzHSkhVTi1VJ-EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame CFC0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 11:52:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
20137
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 11:52:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CFC0 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Oct 2023 17:28:26 GMT
13668303644406596739
tpc.googlesyndication.com/simgad/ Frame CFC0 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13668303644406596739
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9792e2a0d3d94a3cc858a6aa1a097f3959f0f1dd663ab47535c23630dd13d531
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 10:10:58 GMT
x-content-type-options
nosniff
age
112648
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20291
x-xss-protection
0
last-modified
Sun, 08 Oct 2023 10:09:48 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 07 Oct 2024 10:10:58 GMT
l
www.google.com/ads/measurement/ Frame CFC0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQYfRX2s5OMWFK0KBrcmolGsgCoTGfkPTt4AxhRkji1--QfRr173-eo_Syh0qS83M3_DEbHsAr4_kzIwJ94CWxlM7DAvw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
truncated
/ Frame CFC0 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
018537a06cb861aa678a4c012b8d70c8860ed44dab9b10fa4cf45446dfe76708

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
generic
match.adsrvr.org/track/cmf/ Frame CC1A 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8qRACLAY89ngDaf7GxBB47PEG0vyNiSkAAABgYID-AEksR7OJw7ZbK2YWi1u02QzXCpNztVb5JoPRZrkcLiczIyCJ5Wg2cdh2a8XMYnGLNpvhWmFyrtYq32Qw2iyXw-VkZgUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIqDATk8RofrHwAAAABAAAAAAJAAQBD_LQEQgzt54v________8_xgB95o2M_____xsGPQAefAA8CAEAAPgY8si-8ThL7_BJpGCyCCMAAAAALY2YTEcm6QQViyr____9VgCuAAAELFbshbpn0R2UeAsDAAAAMGaBHha_3-ywa_xul_n_________N_N_5h-NUNDMTJogGzMzNb-AAABrfgEBANiMGwCANwJwgk5CrBaTyWAyWayOQuyGs8VutlhMZgcAAADgzv___78ekHA5FoPhxLBazhwji2kwcVlmo4VvMlmuNiPLcOY9b9HDr5TYe719MpDvdhkePpdBRTeZXZ7PQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4FY7AZoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBjMMwHMw8i7ViNlisRYuVcy0xzhxrjWu0sa08u41l4XKLXh_TxzGymCzOLRIMENmL5GmRTiSexWK2MZksHpvHOVtNdiOLybSwmQbLwcKx2o0mYonmZJFOZJd9w-VYDIYTw2o5c4wspsHEZZmNFr7JZLnajCzDmb_jMAwHM89irZgNFmvRYuVcS4wzx1rjGm1sK89uY1m43KLXx_RxjCwmi3PfmC1nw91kNVjtG7PlbLibrAarfYfJ9Ex9zkbXLeP4uEQSb_E6vjkNCpfB4v1JTItpd3bw_H5Hp0tbTRZ1Rr_f7_f7_X6_3-83aD0Hs0HhO-5Uh8_yNhlWfrqD2GBQxBLBRTrRPcxmh9Ps1j3MZodFLFGaLtKJvuh3uwwPn8tfEUsEp4t0IvS7XRb1HzXQaq4YLeaK1WSum60SAAAAAAAAAIAlmGa6CQAAAICTQQ0nm81qnQ5mshquFqvlAriAmdT10-uqOFcV2LsrJVCJb7sOW6JYY4813MNsdjjNbt3DbHZYGcCFyzezzT4jiLVaLWsAAAAC2AAAAAK46cabgDAr7v___38cAAAAGTn0AAAA6PcBXRUIP3Kh2PMriM1iNds_ABVirVar2421Wq2ABDfbLCfw____Hw!&cmcv=&pix=undefined&cb=1696872506749&uv=3345&tms=1696872506749&abt=nonrv_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=1946ba67-1fbb-4338-ad95-e7204399892f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
server
Kestrel
content-length
70
content-type
image/gif
ca080f31-1601-41e9-b8f1-c54c6e37c2ae-tuctc1dbdb9
pr-bh.ybp.yahoo.com/sync/taboola/ Frame CC1A 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/ca080f31-1601-41e9-b8f1-c54c6e37c2ae-tuctc1dbdb9?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8qRACLAY89ngDaf7GxBB47PEG0vyNiSkAAABgYID-AEksR7OJw7ZbK2YWi1u02QzXCpNztVb5JoPRZrkcLiczIyCJ5Wg2cdh2a8XMYnGLNpvhWmFyrtYq32Qw2iyXw-VkZgUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIqDATk8RofrHwAAAABAAAAAAJAAQBD_LQEQgzt54v________8_xgB95o2M_____xsGPQAefAA8CAEAAPgY8si-8ThL7_BJpGCyCCMAAAAALY2YTEcm6QQViyr____9VgCuAAAELFbshbpn0R2UeAsDAAAAMGaBHha_3-ywa_xul_n_________N_N_5h-NUNDMTJogGzMzNb-AAABrfgEBANiMGwCANwJwgk5CrBaTyWAyWayOQuyGs8VutlhMZgcAAADgzv___78ekHA5FoPhxLBazhwji2kwcVlmo4VvMlmuNiPLcOY9b9HDr5TYe719MpDvdhkePpdBRTeZXZ7PQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4FY7AZoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBjMMwHMw8i7ViNlisRYuVcy0xzhxrjWu0sa08u41l4XKLXh_TxzGymCzOLRIMENmL5GmRTiSexWK2MZksHpvHOVtNdiOLybSwmQbLwcKx2o0mYonmZJFOZJd9w-VYDIYTw2o5c4wspsHEZZmNFr7JZLnajCzDmb_jMAwHM89irZgNFmvRYuVcS4wzx1rjGm1sK89uY1m43KLXx_RxjCwmi3PfmC1nw91kNVjtG7PlbLibrAarfYfJ9Ex9zkbXLeP4uEQSb_E6vjkNCpfB4v1JTItpd3bw_H5Hp0tbTRZ1Rr_f7_f7_X6_3-83aD0Hs0HhO-5Uh8_yNhlWfrqD2GBQxBLBRTrRPcxmh9Ps1j3MZodFLFGaLtKJvuh3uwwPn8tfEUsEp4t0IvS7XRb1HzXQaq4YLeaK1WSum60SAAAAAAAAAIAlmGa6CQAAAICTQQ0nm81qnQ5mshquFqvlAriAmdT10-uqOFcV2LsrJVCJb7sOW6JYY4813MNsdjjNbt3DbHZYGcCFyzezzT4jiLVaLWsAAAAC2AAAAAK46cabgDAr7v___38cAAAAGTn0AAAA6PcBXRUIP3Kh2PMriM1iNds_ABVirVar2421Wq2ABDfbLCfw____Hw!&cmcv=&pix=undefined&cb=1696872506749&uv=3345&tms=1696872506749&abt=nonrv_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=1946ba67-1fbb-4338-ad95-e7204399892f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:cdf9:6ebb:c08d:dd Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame CC1A 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8qRACLAY89ngDaf7GxBB47PEG0vyNiSkAAABgYID-AEksR7OJw7ZbK2YWi1u02QzXCpNztVb5JoPRZrkcLiczIyCJ5Wg2cdh2a8XMYnGLNpvhWmFyrtYq32Qw2iyXw-VkZgUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIqDATk8RofrHwAAAABAAAAAAJAAQBD_LQEQgzt54v________8_xgB95o2M_____xsGPQAefAA8CAEAAPgY8si-8ThL7_BJpGCyCCMAAAAALY2YTEcm6QQViyr____9VgCuAAAELFbshbpn0R2UeAsDAAAAMGaBHha_3-ywa_xul_n_________N_N_5h-NUNDMTJogGzMzNb-AAABrfgEBANiMGwCANwJwgk5CrBaTyWAyWayOQuyGs8VutlhMZgcAAADgzv___78ekHA5FoPhxLBazhwji2kwcVlmo4VvMlmuNiPLcOY9b9HDr5TYe719MpDvdhkePpdBRTeZXZ7PQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4FY7AZoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBjMMwHMw8i7ViNlisRYuVcy0xzhxrjWu0sa08u41l4XKLXh_TxzGymCzOLRIMENmL5GmRTiSexWK2MZksHpvHOVtNdiOLybSwmQbLwcKx2o0mYonmZJFOZJd9w-VYDIYTw2o5c4wspsHEZZmNFr7JZLnajCzDmb_jMAwHM89irZgNFmvRYuVcS4wzx1rjGm1sK89uY1m43KLXx_RxjCwmi3PfmC1nw91kNVjtG7PlbLibrAarfYfJ9Ex9zkbXLeP4uEQSb_E6vjkNCpfB4v1JTItpd3bw_H5Hp0tbTRZ1Rr_f7_f7_X6_3-83aD0Hs0HhO-5Uh8_yNhlWfrqD2GBQxBLBRTrRPcxmh9Ps1j3MZodFLFGaLtKJvuh3uwwPn8tfEUsEp4t0IvS7XRb1HzXQaq4YLeaK1WSum60SAAAAAAAAAIAlmGa6CQAAAICTQQ0nm81qnQ5mshquFqvlAriAmdT10-uqOFcV2LsrJVCJb7sOW6JYY4813MNsdjjNbt3DbHZYGcCFyzezzT4jiLVaLWsAAAAC2AAAAAK46cabgDAr7v___38cAAAAGTn0AAAA6PcBXRUIP3Kh2PMriM1iNds_ABVirVar2421Wq2ABDfbLCfw____Hw!&cmcv=&pix=undefined&cb=1696872506749&uv=3345&tms=1696872506749&abt=nonrv_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=1946ba67-1fbb-4338-ad95-e7204399892f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.96.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-96-246.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 7DE4 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8qRACLAY89ngDaf7GxBB47PEG0vyNiSkAAABgYID-AEksR7OJw7ZbK2YWi1u02QzXCpNztVb5JoPRZrkcLiczIyCJ5Wg2cdh2a8XMYnGLNpvhWmFyrtYq32Qw2iyXw-VkZgUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIqDATk8RofrHwAAAABAAAAAAJAAQBD_LQEQgzt54v________8_xgB95o2M_____xsGPQAefAA8CAEAAPgY8si-8ThL7_BJpGCyCCMAAAAALY2YTEcm6QQViyr____9VgCuAAAELFbshbpn0R2UeAsDAAAAMGaBHha_3-ywa_xul_n_________N_N_5h-NUNDMTJogGzMzNb-AAABrfgEBANiMGwCANwJwgk5CrBaTyWAyWayOQuyGs8VutlhMZgcAAADgzv___78ekHA5FoPhxLBazhwji2kwcVlmo4VvMlmuNiPLcOY9b9HDr5TYe719MpDvdhkePpdBRTeZXZ7PQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4FY7AZoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBjMMwHMw8i7ViNlisRYuVcy0xzhxrjWu0sa08u41l4XKLXh_TxzGymCzOLRIMENmL5GmRTiSexWK2MZksHpvHOVtNdiOLybSwmQbLwcKx2o0mYonmZJFOZJd9w-VYDIYTw2o5c4wspsHEZZmNFr7JZLnajCzDmb_jMAwHM89irZgNFmvRYuVcS4wzx1rjGm1sK89uY1m43KLXx_RxjCwmi3PfmC1nw91kNVjtG7PlbLibrAarfYfJ9Ex9zkbXLeP4uEQSb_E6vjkNCpfB4v1JTItpd3bw_H5Hp0tbTRZ1Rr_f7_f7_X6_3-83aD0Hs0HhO-5Uh8_yNhlWfrqD2GBQxBLBRTrRPcxmh9Ps1j3MZodFLFGaLtKJvuh3uwwPn8tfEUsEp4t0IvS7XRb1HzXQaq4YLeaK1WSum60SAAAAAAAAAIAlmGa6CQAAAICTQQ0nm81qnQ5mshquFqvlAriAmdT10-uqOFcV2LsrJVCJb7sOW6JYY4813MNsdjjNbt3DbHZYGcCFyzezzT4jiLVaLWsAAAAC2AAAAAK46cabgDAr7v___38cAAAAGTn0AAAA6PcBXRUIP3Kh2PMriM1iNds_ABVirVar2421Wq2ABDfbLCfw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
server
Kestrel
content-length
70
content-type
image/gif
ca080f31-1601-41e9-b8f1-c54c6e37c2ae-tuctc1dbdb9
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 7DE4 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/ca080f31-1601-41e9-b8f1-c54c6e37c2ae-tuctc1dbdb9?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8qRACLAY89ngDaf7GxBB47PEG0vyNiSkAAABgYID-AEksR7OJw7ZbK2YWi1u02QzXCpNztVb5JoPRZrkcLiczIyCJ5Wg2cdh2a8XMYnGLNpvhWmFyrtYq32Qw2iyXw-VkZgUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIqDATk8RofrHwAAAABAAAAAAJAAQBD_LQEQgzt54v________8_xgB95o2M_____xsGPQAefAA8CAEAAPgY8si-8ThL7_BJpGCyCCMAAAAALY2YTEcm6QQViyr____9VgCuAAAELFbshbpn0R2UeAsDAAAAMGaBHha_3-ywa_xul_n_________N_N_5h-NUNDMTJogGzMzNb-AAABrfgEBANiMGwCANwJwgk5CrBaTyWAyWayOQuyGs8VutlhMZgcAAADgzv___78ekHA5FoPhxLBazhwji2kwcVlmo4VvMlmuNiPLcOY9b9HDr5TYe719MpDvdhkePpdBRTeZXZ7PQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4FY7AZoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBjMMwHMw8i7ViNlisRYuVcy0xzhxrjWu0sa08u41l4XKLXh_TxzGymCzOLRIMENmL5GmRTiSexWK2MZksHpvHOVtNdiOLybSwmQbLwcKx2o0mYonmZJFOZJd9w-VYDIYTw2o5c4wspsHEZZmNFr7JZLnajCzDmb_jMAwHM89irZgNFmvRYuVcS4wzx1rjGm1sK89uY1m43KLXx_RxjCwmi3PfmC1nw91kNVjtG7PlbLibrAarfYfJ9Ex9zkbXLeP4uEQSb_E6vjkNCpfB4v1JTItpd3bw_H5Hp0tbTRZ1Rr_f7_f7_X6_3-83aD0Hs0HhO-5Uh8_yNhlWfrqD2GBQxBLBRTrRPcxmh9Ps1j3MZodFLFGaLtKJvuh3uwwPn8tfEUsEp4t0IvS7XRb1HzXQaq4YLeaK1WSum60SAAAAAAAAAIAlmGa6CQAAAICTQQ0nm81qnQ5mshquFqvlAriAmdT10-uqOFcV2LsrJVCJb7sOW6JYY4813MNsdjjNbt3DbHZYGcCFyzezzT4jiLVaLWsAAAAC2AAAAAK46cabgDAr7v___38cAAAAGTn0AAAA6PcBXRUIP3Kh2PMriM1iNds_ABVirVar2421Wq2ABDfbLCfw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:cdf9:6ebb:c08d:dd Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame 7DE4 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8qRACLAY89ngDaf7GxBB47PEG0vyNiSkAAABgYID-AEksR7OJw7ZbK2YWi1u02QzXCpNztVb5JoPRZrkcLiczIyCJ5Wg2cdh2a8XMYnGLNpvhWmFyrtYq32Qw2iyXw-VkZgUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIqDATk8RofrHwAAAABAAAAAAJAAQBD_LQEQgzt54v________8_xgB95o2M_____xsGPQAefAA8CAEAAPgY8si-8ThL7_BJpGCyCCMAAAAALY2YTEcm6QQViyr____9VgCuAAAELFbshbpn0R2UeAsDAAAAMGaBHha_3-ywa_xul_n_________N_N_5h-NUNDMTJogGzMzNb-AAABrfgEBANiMGwCANwJwgk5CrBaTyWAyWayOQuyGs8VutlhMZgcAAADgzv___78ekHA5FoPhxLBazhwji2kwcVlmo4VvMlmuNiPLcOY9b9HDr5TYe719MpDvdhkePpdBRTeZXZ7PQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4FY7AZoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBjMMwHMw8i7ViNlisRYuVcy0xzhxrjWu0sa08u41l4XKLXh_TxzGymCzOLRIMENmL5GmRTiSexWK2MZksHpvHOVtNdiOLybSwmQbLwcKx2o0mYonmZJFOZJd9w-VYDIYTw2o5c4wspsHEZZmNFr7JZLnajCzDmb_jMAwHM89irZgNFmvRYuVcS4wzx1rjGm1sK89uY1m43KLXx_RxjCwmi3PfmC1nw91kNVjtG7PlbLibrAarfYfJ9Ex9zkbXLeP4uEQSb_E6vjkNCpfB4v1JTItpd3bw_H5Hp0tbTRZ1Rr_f7_f7_X6_3-83aD0Hs0HhO-5Uh8_yNhlWfrqD2GBQxBLBRTrRPcxmh9Ps1j3MZodFLFGaLtKJvuh3uwwPn8tfEUsEp4t0IvS7XRb1HzXQaq4YLeaK1WSum60SAAAAAAAAAIAlmGa6CQAAAICTQQ0nm81qnQ5mshquFqvlAriAmdT10-uqOFcV2LsrJVCJb7sOW6JYY4813MNsdjjNbt3DbHZYGcCFyzezzT4jiLVaLWsAAAAC2AAAAAK46cabgDAr7v___38cAAAAGTn0AAAA6PcBXRUIP3Kh2PMriM1iNds_ABVirVar2421Wq2ABDfbLCfw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
csi
csi.gstatic.com/ Frame DC53 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lnj62tgb&c=3780329745753&slotId=1890164872876.5&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1060927038&t=event&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=IMAPluginLoaded&el=&_u=aHDAAEABEAAAACAUI~&jid=&gjid=&cid=1076015235.1696872505&tid=UA-4780630-1&_gid=1612521642.1696872505&gtm=45He3a40n71T728TH&cd1=1076015235.1696872505&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=0&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fwww.walla.co.il&cd116=0&cd122=GTM%20video%20event%20To%20GA&cd123=https%3A%2F%2Fwww.walla.co.il%2F&cd124=&cd35=editorial&cd38=Live&cd39=Live&cd44=true&cd47=Live&cd49=&cd50=Live&cd72=true&z=652319060
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 16:44:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2646
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 09 Oct 2023 17:28:26 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
drop_cookie_sw.php
csync.smilewanted.com/ Frame AFE8 		0
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8138571018e8bbb0-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 17:28:26 GMT
server
cloudflare
vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame CFC0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUwf6SkIz7QyujEUadRcs_gfdfnyUGD6_U9BFxSgTKehz2SjUzFLWkRzebNqFUp2b42gEXOUX7yzoJemQsp4IjYcx4dzDkNM1KlXI2bxO2-1VP3uNvTaIlUsZqXg9ix5bV1UoI-IM-oklxTeX2GdrI7auzD8KdPUIAM9ufTnP6bgpm77CxdjQZg8kxKNJkSC_t8WOgHz5EBBraKdMiCOT9VwIL13Xfgt3HasZaW6MzWybizbHebxqwb8WYjr66H6sJIXNeb41MvTs6VoJGW1FNQpop5zVOmg--hQYNyvzfwZ2Iwpk4Nt9rcvTM3kYshxkaOCRsYpzuQwnEC1l5weMkueuiFV4o8MQ&sai=AMfl-YSv-lNnePbgXmW5A6iqVw0r0AlhwtU9PanxgJ2JHSwhc4zDVXh_LcBXJ4ncrx2OKsHJqRzueOFhnZ0D6NISew1qGSr53ZxBRNR1idcLAMuT8T_0BPB2XVfZ9rRdi1I&sig=Cg0ArKJSzCDF6nKwadOdEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 09 Oct 2023 17:28:26 GMT
/
onetag-sys.com/usync/ Frame A759 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
analytics
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 09 Oct 2023 17:28:26 GMT
server
Google Frontend
x-cloud-trace-context
360d7d98f121aaa21b2d29422c627525
x-request-id
undefined
analytics
hb-dot-valuad.appspot.com/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
x-request-id
1bb871e8-022c-4d96-a0eb-90555ffd0b8a
x-vad-version
0.14.16

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
6d45afb6db3ef49f010020e3fd89f67c
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
x-request-id
undefined
ads
securepubads.g.doubleclick.net/gampad/ 		123 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3350770074560118&correlator=2823137450342529&eid=31078562&output=ldjh&gdfp_req=1&vrg=202310040101&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cskyscraper_desktop%2Ctop_desktop%2Crectangle_hp3_desktop%2Cpremium_rectangle1_desktop%2Cyad2_rectangle_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7&prev_iu_szs=120x600%7C160x600%2C1x1%7C480x1%7C480x270%7C640x753%7C640x1%7C770x430%7C728x90%7C720x300%7C970x2%7C970x1%7C970x90%7C970x130%7C970x180%7C970x250%7C970x330%7C970x350%7C970x550%7C990x160%7C1200x1%7C1200x90%7C1200x250%7C1200x330%7C1200x350%7C1200x550%2C300x250%2C300x250%2C300x250&ifi=18&didk=1193244742~1193245113~1193245112~1193245115~1193245114&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Df4de6d675d53b6aa%3AT%3D1696872505%3ART%3D1696872505%3AS%3DALNI_Ma7A25b9qRmY3ND0Efw5icVYqj26g&gpic=UID%3D00000c9331817db1%3AT%3D1696872505%3ART%3D1696872505%3AS%3DALNI_MZb37zygZNMULaHEWys0bx3XrR6FQ&abxe=1&dt=1696872506955&lmt=1696865306&adxs=1480%2C920%2C516%2C200%2C516&adys=160%2C173%2C839%2C839%2C1105&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0&ucis=i%7Cj%7Ck%7Cl%7Cm&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.walla.co.il%2F&vis=1&psz=120x0%7C1200x0%7C300x0%7C300x0%7C300x0&msz=120x0%7C1200x0%7C300x0%7C300x0%7C300x0&fws=4%2C4%2C4%2C4%2C4&ohw=120%2C1200%2C300%2C300%2C300&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGskt9C2By6E4SKN98o0ymSJsdNGIFHfJEr1W5SxUIA9PEWOYN47dg_Jeoe_vh9bMNrRg_SOSfi0HBkAH0Cw-IoDVbjnwA8MJ5YiO2TE&ga_vid=1076015235.1696872505&ga_sid=1696872506&ga_hid=1060927038&ga_fc=true&ga_cid=1612521642.1696872505&dlt=1696872504475&idt=944&prev_scp=slot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.08%26vad_adid%3D133b6ec531b73b19%7Cslot_name%3Drectangle_hp3_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dpremium_rectangle1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dyad2_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&cust_params=dxseg%3D&adks=2273020715%2C885339186%2C1717219177%2C1472875564%2C2299111211&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c7e882540db9efefa24a96bc8c5b0209377cb94c3590a7eaef50b56fe121c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36143
x-xss-protection
0
google-lineitem-id
-1,5747390389,-1,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138431664988,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
ap.lijit.com/ Frame 2218 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Mon, 09 Oct 2023 17:28:26 GMT
X-Sovrn-Pod
ad_ap6ams1
generate_204
tpc.googlesyndication.com/ Frame E192 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?w4OAqA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame EF13
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
95 B
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Mon, 09 Oct 2023 17:28:13 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 17:28:13 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
RX-8f86bb3c-5b8a-46a4-bcf5-444e7c09bcfa-003
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame 3870
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1696872507093
  • https://ad.turn.com/r/cs?pid=45&rndcb=7478083408
  • https://sync.1rx.io/usersync/turn/7741086008117221691?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-8f86bb3c-5b8a-46a4-bcf5-444e7c09bcfa-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-8f86bb3c-5b8a-46a4-bcf5-444...
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-8f86bb3c-5b8a-46a4-bcf5-444e7c09bcfa-003
0
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-8f86bb3c-5b8a-46a4-bcf5-444e7c09bcfa-003
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
813857127cdcbbb0-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 17:28:27 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-type
text/html
date
Mon, 09 Oct 2023 17:28:27 GMT
etag
RX8f86bb3c5b8a46a4bcf5444e7c09bcfa003
location
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-8f86bb3c-5b8a-46a4-bcf5-444e7c09bcfa-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
a3fd4cec-bce1-531a-9d91-741ef8b54c25
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame 24CE
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=2504124715420108818
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/a3fd4cec-bce1-531a-9d91-741ef8b54c25
0
724 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/a3fd4cec-bce1-531a-9d91-741ef8b54c25
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81385714d8b8bbb0-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 17:28:27 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/a3fd4cec-bce1-531a-9d91-741ef8b54c25
smwt256.gif
us.ck-ie.com/ Frame 9E85 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Mon, 09 Oct 2023 17:28:27 GMT
Server
nginx
cookie
cm.adform.net/ Frame 968B 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Mon, 09 Oct 2023 17:28:27 GMT
server
nginx
bulk
trc.taboola.com/wallail-walla/log/3/ 		0
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/wallail-walla/log/3/bulk?tvi48=11657&tvi50=13156&route=AM%3AAM%3AV&lti=deflated&bulkSize=6
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231009-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
11
date
Mon, 09 Oct 2023 17:28:27 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7518
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230054-FRA
pragma
no-cache
server
nginx
x-timer
S1696872507.203548,VS0,VE11
content-type
image/gif
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
k-U7zwh86tPI8VbmfkYeKL6tTKM00KZQE_A812eg
csync.smilewanted.com/set_partner_userid_get/criteo/ Frame 2201
Redirect Chain
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230
  • https://dis.criteo.com/dis/usersync.aspx?r=73&p=230&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fgdprapplies%3d0%26gdpr%3d%26redir%3dhttps%253A%252F%252Fcsync.smilewanted.co...
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24{CRITEO_USER_ID}&profile=230&uid=69a96176-48fd-45...
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=p_vRBl9QOEd1TEkwbWdyMXBzd0MwWURoYjA5RW1qTVhCTkslMkJvMmtFU0tUMTZzZDJYMldsTmZZUlhGY09HakwlMkZ5VXkxcWhJcjJ0YXczZDNCSkxuMUE0VCUyQlNnVjFNUHdPY1N6NGJOW...
  • https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=p_vRBl9QOEd1TEkwbWdyMXBzd0MwWURoYjA5RW1qTVhCTkslMkJvMmtFU0tUMTZzZDJYMldsTmZZUlhGY09HakwlMkZ5VXkxcWhJcjJ0YXczZDNCSkxuMUE0VCUyQlNnVjFNUHdPY1N...
  • https://ssp-sync.criteo.com/user-sync/match?p=p_vRBl9QOEd1TEkwbWdyMXBzd0MwWURoYjA5RW1qTVhCTkslMkJvMmtFU0tUMTZzZDJYMldsTmZZUlhGY09HakwlMkZ5VXkxcWhJcjJ0YXczZDNCSkxuMUE0VCUyQlNnVjFNUHdPY1N6NGJOWXFpREt...
  • https://csync.smilewanted.com/set_partner_userid_get/criteo/k-U7zwh86tPI8VbmfkYeKL6tTKM00KZQE_A812eg
0
458 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/criteo/k-U7zwh86tPI8VbmfkYeKL6tTKM00KZQE_A812eg
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
813857144fe8bbb0-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 17:28:27 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-store,max-age=0
content-length
0
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 17:28:27 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/criteo/k-U7zwh86tPI8VbmfkYeKL6tTKM00KZQE_A812eg
server
Kestrel
strict-transport-security
max-age=31536000; preload;
b2a85da0d943a1a77fe3251a9ea067df
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 5C4C
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/b2a85da0d943a1a77fe3251a9ea067df?gdpr_consent=&gdpr=0
0
526 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/b2a85da0d943a1a77fe3251a9ea067df?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81385714985dbbb0-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 17:28:27 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 09 Oct 2023 17:28:27 GMT
Expires
Mon, 09 Oct 2023 17:28:27 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/b2a85da0d943a1a77fe3251a9ea067df?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1696872507588016-380
v1
match.sharethrough.com/universal/ Frame 321B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.44.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-44-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
container.html
2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 86C9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 17:28:25 GMT
expires
Tue, 08 Oct 2024 17:28:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 0201 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6s8wTwjVB4HmUCNjfwV2JTAKElnB_wosurahsibxQESLLEw7hAfT2i8jZTIMs15i-_a2rh-un7esKcE53ZrQS3lpaJD5fY-RYmTiDY4-Pq3xP_x_FIPMFJiLl2G9-r1s-_BEufRLVAefKJpNGbqliUQU84aj6DxmvB9W-VrXbQ1AP8yjkRc9dCv9MmwRk7kBFwP2-PyM2F_xNHot_0JJm27XpcdHkToji8eIal4Nu6TRuCQj-Ul7fCI3jOvO4jekoLooPqn57YHEDIr6iz9ySp_bQ_zXM3cUehjFWDlUIOLlJNOiUpzmkLeSnui79Pblj43344K-rcnBqnd88K8E96II&sai=AMfl-YTz6Sz3vEJzspc0zaZLk57iE-5dR9A65bwSXBRXARHKJnG_9-HlBAXfly4A4oW3-aQp8oJ-RvI3rJqQVIbHBCnZo_EHtjvowM4mDQrvzLkc4MM7xjmNCB7KM6Nwl-Q&sig=Cg0ArKJSzIrdtABYxmHjEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winner
hb-dot-valuad.appspot.com/analytics/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics/winner
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
x-request-id
179f406d-87c5-4223-880a-bb3d8c6f5b4f
x-vad-version
0.14.16

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
811f9c09411018d93361b71c7fd1e5c5
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
x-request-id
undefined
afr.php
ads.eu.criteo.com/delivery/r/ Frame ED7F 		152 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
94da4813c116c289bfcae6e3530e31744ff6f6cb57ea4c84d54d5f99c29fbe9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 17:28:26 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=dVAn54KqU6imLmKYdvsKJ8EpWN6KJMoY9rRCj1szHLvROLAPpanUJa8DmBtGZ4m4iOO1C0ISGsKY9w1yMynBV6qYPWDpZE1LZw8pIgRDuPsy3xBAu0VbD9LcS3DYKn7hoquV9yMcrdN-yMaVD-CJ9DsgFTCWcLcr7FYHtcSWY5uGKGnbkfEKbYA2nx03CAvnBLPHGSobwgd3HWAP-aNBXufoVGYK9q_n1y89ZPeYLzGpK_GqJqOz0rytNTwy1YoEOI19tg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
51601950
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 4293 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 09 Oct 2023 17:28:27 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0201 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Oct 2023 17:28:27 GMT
container.html
2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 25AB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 17:28:25 GMT
expires
Tue, 08 Oct 2024 17:28:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1B2F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 17:28:25 GMT
expires
Tue, 08 Oct 2024 17:28:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B2FA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 17:28:25 GMT
expires
Tue, 08 Oct 2024 17:28:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
71d0efdd-8685-4a54-b79e-82496ad022d0
beacon-ams3.rubiconproject.com/beacon/d/ Frame 0201 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/71d0efdd-8685-4a54-b79e-82496ad022d0?oo=0&accountId=24684&siteId=431740&zoneId=2465510&sizeId=57&e=6A1E40E384DA563B3803C767B2DCA0FD14B1E290F1DC62CA88FD8A979522A2E141C3CAE2C81481E79B649B6C483EF4879F0BE1F8337FD75DF21AAE81A675A7223C115F3AFED8BAD5F80844D9B50555E33090C0F91BA1AA1A2ACC93982552816265174BCCE5EF171E697D3060555A539EBEFC00C2B369474A9F952D7F1F601E9C3258F5BB3B073BC91A1F1B38C1021EA30809797CB950B081F8C3ACB6C7201C270B080BD5AC16DE801E3FBFB182C64785921E34F7189C19A8329A3CCBBF8F2E2C27C25492508FCF444860BD4D2DC129870A24E12F76F8E922A9B65EF70DDE6B164E9EE02CD193D9CD2C520423F61041F6D52EF06450561D30162ADF907B1C4D2B7520230267551158FED1BD9D9D22E03BAE6B3419CE311B8410D02A49E63D109A4516331D03381E9261AB1A67C114C4EF373CD498D4F760E33090D13F8258218C977ACB3E1CDB33C0D9172339F262F017CAF1D17CECB249C358AAED459301B924E0CC7689E12B618F072017FC0988FE9B0BEB6E3E6A3D5C42DE8FA2A952BDB1018A166CFE315CB908576D3155A78D428036FDCD1EEF872A7866B70EAA7E5CF830877D4CB5DECAC80962C0BC9E5B73AF18539D2F62021203DA0DF296B4A9403BFF39AABE3ED60E7294EA058EBEC7CD3DBF82BF1B22A8771072AA4A0D2FCF111BD191086B5384DFE6BBD64EDB56FD31CDD17B45C76C09A3929E4883E185C18B9542A8FF42C385622B073238401366B3F75399DDB913321E16117A2DAAE35B82D6568997C7BFDA4A86DE7633B834B2C7A4E8CB37D9A054BFACEB1757EB75872E5E838CFB490D680FF4453DDBDEDCD55E7F492963CEC1BF7364DB7799408D313C68535DC9093BB8397B44C43A98FBC3B099AC469784CB6C37CECE15134FC0F68B620125932BB723B4DFF2251092206CC21AC068266F856C17335BBFF4DC0196276434E57144C8D222AA30FD4982D7CB59F0B44FC94B371D105BD1082AFD7CFFA3369D9FBDF13941DD19C16575A27C4A61BA3CF91D49F331107F24F645F7A823855A42D8CA9065089A700265CCB872BDA4C48E0E722007797C7B326DA09BFC78E8F333C654B27C31C7CFB02515C6A47A67A7B6139AEFAA4D7E555841FF9A3FAF75111314E1CF13EF6C13C130C3F435BD9F3D7B7CB0F7503E20B28EF791495C5045846C5AD179936DA01A110D8D5485C3D07C13CDA10306204D320B
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::57 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
csi
csi.gstatic.com/ Frame DC53 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lnj62tw3&c=3780329745753&slotId=1890164872876.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797156%2C44797965%2C44801604
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
winner
hb-dot-valuad.appspot.com/analytics/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics/winner
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 09 Oct 2023 17:28:27 GMT
server
Google Frontend
x-cloud-trace-context
71436dbf4f8a08fee896f8da73e456df
x-request-id
undefined
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Mon, 09 Oct 2023 17:28:27 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
10844
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230054-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1696872507.433728,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
13
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
6796
view
securepubads.g.doubleclick.net/pcs/ Frame 0201 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseB5AceWSmBHlcHcjNUL1D4iCeOegh-SbojW1QAt3vZrLwT5e_4IsTCgrl1Mj6DrCjg4KYs_LhULbmZo7pQ9sTO8qshcklNpzzui25pr_GGK0CWVbMCP9Kp2LNp995ZKDtreykfXijeRAQP9ycn5DHxZ3zX0uOKQFrRXZReNJ4xglYk1QiTkZQJg_kzGd3BF9pqSzmLb1R-iMkkNLw12i2K4mDFqWeXMJr8-yVFuZyFcKeooDgGudStrwPnbp7WwgpMGSkP6Mf-MXSp5S83PGUl4b-JapqgheWrclG_8BYUUD0kehw_6c9am2-7VoBNTEF6wxDMIeT9GBXWC9PwX6dXLn6ew&sai=AMfl-YTHKCAZoH8y6RuWC3DkXhnQECjB9WkEzMA8luCCOe1ISFiGXCPjCwmxJEeSpJ63kLjGFNviMwgHcMU1eLq0PEcLcaukRcX5u9_m90hvNWQIUdG7woMYcSBuSGXPLzo&sig=Cg0ArKJSzKWIdk5rFvmXEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 09 Oct 2023 17:28:27 GMT
truncated
/ Frame 0201 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78ba7e4c807aee54ec233de085fdf42110f704a0de42cacac4805d8cba2f2db9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1A3D 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjsnNbtATAB&v=APEucNXcWSggUsfbQjJYMeMhAZ6dcTaKSl1-Pp6j7QqhUTxaJ5H5M_r_FLqquy6iiS24u38Ka8-VLWCvrotpnD9OWqGOEblsVciXmDmd35IsQ6plCrB7GTPaYy5ZFcdrH-lcZhvoLJ_KZ-75odSvYgfnZ3CHGVuundNr8wXdKm8zojG1AzQsrOE
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 17:28:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 86C9 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 09 Oct 2023 17:28:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 86C9 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dvq-nxmsFmlplX7HpiRom8k09y8z2lhb7d8VpmcU4QFYvsI6Nfkdl6uat3PJSA9Sse411D20C_t0cFQE-S1g7XoTZWxFPKcO5KWvePUsb7m4TPma0
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 86C9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14459367922749379512&x=1&ct=76
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 86C9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 11:52:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
20138
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 11:52:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 86C9 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
14087
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:33:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 86C9 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Oct 2023 17:28:27 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame EDEE 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjYn9btATAB&v=APEucNUYsxnZjQOiUSOiXppdImz697-eh14ok2Ryqp6vB-PhXTd7CJ6HGW3zbnbeDpSei5jxw1iRzQ3TJhQVVzbN5eQ6a38fsEKqeSm3Ame7yUKWg7VeCbOHjcEzjQBRdOumw5strN36bxkNV9kevjjpb5VaLFzrr4BZ3xQQec7FIrr89uh_fTQ
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 17:28:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 1B2F 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 09 Oct 2023 17:28:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B2F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DSF8i8rjpyWar2WP6ZpWSN96UGE1ngd6rYVI3xbMfLIrTUwbKwgEHC9U5HWy0LVKDEe4ryGhuOiRiSCXfflSu7KO8Yi00XOC7BOj5jteqdPHAy3Uc
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B2F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12145148386681817522&x=1&ct=76
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 1B2F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 11:52:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
20138
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 11:52:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 1B2F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
14087
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:33:40 GMT
l
www.google.com/ads/measurement/ Frame 1B2F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSqW0-ZevKzWC1gDP-9IEfxNy-duRcq4RhTuyWDMo70P-0ywViu6ZIEwOpuEoH_6cOB__V0y4os8mHHkEwl4PjHfp_dxQ
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1B2F 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Oct 2023 17:28:27 GMT
usync.js
eus.rubiconproject.com/ Frame 4293 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e2b1353ec42c26a50c5f47ee2bacdc5cb8a964fb8ce6ab58c8da0d9eadf65570

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Mon, 09 Oct 2023 17:28:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Oct 2023 12:26:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=68237
Connection
keep-alive
Content-Length
10539
Expires
Tue, 10 Oct 2023 12:25:44 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5736 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjYn9btATAB&v=APEucNW0zEdj1P724rdalLELwxfnyqCZLz_AedKVeqXqAnqVhXBN3GTJGcRU7-BTWst_RG7cukfWJXqwlhudPLGk_JO69q8tK4Stp7rhDvgA_pdDz_qT7MWZm5tgiQIuDxM3FpQ1Zn0wFM6Mt8PyyPG1zIkg-HGt04fI12UAmxaEagPdxQlICKs
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 17:28:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 25AB 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 09 Oct 2023 17:28:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 25AB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BR5cN0dcRRFqgpO_QJGlTod1x3c43CXBXhXT7TOiRUUzcrplhrtJEglAXzQtbVVOf13PiRTVLARlLreX9_L9nD0dRdqfqy3J8GZVJflkdy00pNcTU
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 25AB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14912880494073449003&x=1&ct=76
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 25AB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 11:52:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
20138
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 11:52:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 25AB 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
14087
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:33:40 GMT
l
www.google.com/ads/measurement/ Frame 25AB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT9u2BZwE0VNjXNm89LuC09bQqkE8U0dB2ygr1wNQBd6gAaX4V3sy0bqpRM1IK5orQLQsoJ2Bze7pPO6yDR_4GTpRY7mg
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 25AB 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Oct 2023 17:28:27 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 567D 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjYn9btATAB&v=APEucNXhUzJIWg_V9_edktpn1Gjcy-4TLcrETFNEzrCANM_tz9IWgI_Xz2VHFGsui_QLyGJb4Rsm283bYASxgX7HdObrhVy0YNEoySThEiw4USyg7jzCaFbe_FhaN2n_iobGely9Z20tNhV-wYzJslNXJ9UgB8Xewk2CtlW9Pu_NcVascvhs05Y
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 17:28:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame B2FA 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 09 Oct 2023 17:28:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B2FA 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AAHYI4StfwKPWjUlT9qab21QxWR0K3bGYCYdBvlNUKw2Gb6YAXJnyZeifDtVdHh4AEXfmgWqC8xoB7o5sKwmuzero-Mjid_eSeWy4PaHJ0xcJ2nn8
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B2FA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17443527353865872851&x=1&ct=76
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame B2FA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 11:52:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
20138
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 11:52:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame B2FA 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
14087
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:33:40 GMT
l
www.google.com/ads/measurement/ Frame B2FA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQZ5cx5hHXGyz9DXdrl0rd5Ux9M7JADTnTDpr8RfZ7Qh6t4u0BkwUYliseke83D8qAPfOeg6LBEN0EsC-4F4JHrnGMg4A
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B2FA 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Oct 2023 17:28:27 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame ED7F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Oct 2024 17:28:27 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame ED7F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Oct 2024 17:28:27 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame ED7F 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 03 Oct 2024 17:28:27 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame ED7F 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 03 Oct 2024 17:28:27 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame ED7F 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=qxteWnW2IhAw55DCCcOlynLODEuYqxahdyWu6ZOJPgy4OBacrvgkKmoUobm8BzQRjImsgqodCJ1dNsVDYnfc227DOMGuwIq147ck0tqaKuL2dso1H6MUHG1mCH4wegNCLlL-bCUTxf8bVYr4zLX1qk25TY2lsyjQBc7gdR1_cK-WOi5WQJdMNorjhj7wkh5TfQhstJCB0Uv8d1p1dlFs79dpGVYm5-v_DcSgiWp1l1GzTNB3nMqkLlITVcqB2WuK3_pjC7D2UO7NbFgvWU4NQR3yNvdKXRtbAgXl_VlORRGR35QHzYqg4cT_OVJKkFfqNIVhn0pOnf7vIWWQpXL33g9IhSJtVo0Kr-tzh9DDRoTpQs4-VkGlcbT2HkjSkMEMbINI_203H7zF1WXdFAqYofnI0ZTpOB4vyfNl04wRsHDQnMb8L0bwCiAr62hhsLqwnr4S-g
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2546589
expires
Mon, 26 Jul 1997 05:00:00 GMT
B30324728.372746799;dc_pre=CMberti-6YEDFcTTEQgdxToCJg;dc_trk_aid=563405347;dc_trk_cid=195845084;dcopt=anid;ord=6524383baa778afe34ac32bce051cbae;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
ad.doubleclick.net/ddm/trackimp/N1477483.5007327HA_OBS_DE_CRITEO/ Frame ED7F
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1477483.5007327HA_OBS_DE_CRITEO/B30324728.372746799;dc_trk_aid=563405347;dc_trk_cid=195845084;dcopt=anid;ord=6524383baa778afe34ac32bce051cbae;dc_lat=;dc_rdi...
  • https://ad.doubleclick.net/ddm/trackimp/N1477483.5007327HA_OBS_DE_CRITEO/B30324728.372746799;dc_pre=CMberti-6YEDFcTTEQgdxToCJg;dc_trk_aid=563405347;dc_trk_cid=195845084;dcopt=anid;ord=6524383baa778...
42 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1477483.5007327HA_OBS_DE_CRITEO/B30324728.372746799;dc_pre=CMberti-6YEDFcTTEQgdxToCJg;dc_trk_aid=563405347;dc_trk_cid=195845084;dcopt=anid;ord=6524383baa778afe34ac32bce051cbae;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;;dc_tdv=1;ltd=?
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1477483.5007327HA_OBS_DE_CRITEO/B30324728.372746799;dc_pre=CMberti-6YEDFcTTEQgdxToCJg;dc_trk_aid=563405347;dc_trk_cid=195845084;dcopt=anid;ord=6524383baa778afe34ac32bce051cbae;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;;dc_tdv=1;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 4293 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310040101&jk=3350770074560118&bg=!8vGl8b7NAAbjlzx0w5c7ADQBe5WfOIvO7ObxByoNFx-GpEh2Yl1uKonQOaPJE42aQF6EDQcqQZbnNCJ97nwpsaAkdNL3AgAAAQFSAAAAB2gBBwoAXSxws_tWURyxEnBlYMeh455R9-C8GTnL45_wO8UtB0gD8RUlDWyJZZ6BqexbHrVMmDC39pCPGt1OXI2G7lWvxaGijp81rKINP-W0Q569KUPFNRZy6gkSPd24Mu_Tx5kCtPzuM_FSxnmn4STwLmFXOe-OqkwAcmN0SIoOib241j_4na7T3rfio9FKCuvURrkRt6C5dx02_2fUghmWzqxXYVASRf2Y7ta0T7Ypy4uu1m1ZCKLb1Nh1wbKGae6jOkrr1Tm54SV5uDgXDyC0mS5B1QeQjXX-dh5jGwYLQoLT099yzZzIqFGGAcT5x43RN94fW_8Sq9TUil1mzUKUXr3_geMYvlFHFIz7FvAGweyQ4EhF8pbLKr_CmTDkBL-GmRK5Gxy7HDLbSBs3_t5kYuXOLh47tqw92MRhgPmAlRneFDM2wx2Sv9Sf4n4hS1llBDXONilizbvxwDDtcc2al5ixVjrCYnA5DobxPr5yM2wK0zWA6ptDFygMC9Yh_KXvg7ywiFhY0AnssYgzWlpG-YBqbRLWk5kkTCya80lwo43tq6p7z0ajpSghIoGfLyvVYZayhBt06v8l-Vq3kDyNKFuGF30zN7LCOy3z8HjajPTvW2gXAZHWsxfcXjItGySid64rL0xh07FOV1KWHFD6hwFUdnS0vJkIhf8oBOId6aqm5-w_qiKZxUIxh5A5QHfQMoh80IJX6rF_7WN4UAzHv-1K3k90vTYQq8oICtOLCnhddZEEQl6-HxdA_rTR6aQ2181TcCIwyDDFGJ0YMGHFX2rRpLckL9b85KG8LVoqFsckBhncrNGlndh3kYVz3px4l0bbNTDC8w-yOrU271sp4ZBLKFx19K5PHurUuNSDs3C4oe-Sgu6GsTHU1wq71fvyhqNu2uE57Il1AePYa8aE5Uu-a5Znuw6hlsHWNcvfE8y11ZAR7i0tyZmw1Dz8QGWxMGychIW5p1P6k_t6ANCH8AIxR2liZ5njdYI9oXgwRaJXfRGpkOH8olYPnjFT-0kktoPqsVrbMfa0bcj4oET7H3Xw_1CLeNJQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
dis.aspx
widget.fr3.eu.criteo.com/dis/ Frame 6FD7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.fr3.eu.criteo.com/dis/dis.aspx?pu=7944&cb=6524383baa778afe34ac32bce051cbae&r=https%3a%2f%2fwww.walla.co.il%2f&crossorigin=false
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
656aa57e2868296542767f0cec187c26793e193a3ec9eea3971911803320835e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Mon, 09 Oct 2023 17:28:27 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
2004336
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
vary
Accept-Encoding
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame ED7F 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
929811
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CL7G6uyGsRMSlKWLsUcnZ%2BgFIqdC6ZQR%2BCmNe5pCRrkiBP0KS1uSUAMTw7SJkdaq9OPE9rjFXJvBpUr1dL7Dhk3yoiVFkV2oyBXMJG%2F8FhcsIr9qemneOSAUqKjk0%2FEeKcO3oVrxi3Z8sC8BMc%2FhBGKV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
813857146fee914d-FRA
expires
Sat, 28 Sep 2024 17:28:27 GMT
rum
dsum-sec.casalemedia.com/ Frame 1A3D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMzHo7qYlIyS5jXkjW-McA&google_cver=1
43 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMzHo7qYlIyS5jXkjW-McA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjsnNbtATAB&v=APEucNXcWSggUsfbQjJYMeMhAZ6dcTaKSl1-Pp6j7QqhUTxaJ5H5M_r_FLqquy6iiS24u38Ka8-VLWCvrotpnD9OWqGOEblsVciXmDmd35IsQ6plCrB7GTPaYy5ZFcdrH-lcZhvoLJ_KZ-75odSvYgfnZ3CHGVuundNr8wXdKm8zojG1AzQsrOE
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SbvTWHnGLnOi%2BDS0JbAZVlWbmTGUWR%2Bh%2BE6pbFJnNHaQCgPA56Q3FGwEkr03bl5vT77FaEeGAWBMim0YJ5AKsdj2CrO6Ch8%2B38JYBdQP8InoRqeYJN3fuVnjYoBE9utqAFIg8%2Bp%2F6iYMMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
813857159a4a8ff5-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMzHo7qYlIyS5jXkjW-McA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1A3D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSQ4O6FjR.6R5cdb4Bjp1AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMzHo7qYlIyS5jXkjW-McA&google_cver=1&google_hm=2
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMzHo7qYlIyS5jXkjW-McA&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjsnNbtATAB&v=APEucNXcWSggUsfbQjJYMeMhAZ6dcTaKSl1-Pp6j7QqhUTxaJ5H5M_r_FLqquy6iiS24u38Ka8-VLWCvrotpnD9OWqGOEblsVciXmDmd35IsQ6plCrB7GTPaYy5ZFcdrH-lcZhvoLJ_KZ-75odSvYgfnZ3CHGVuundNr8wXdKm8zojG1AzQsrOE
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bGQ%2Bb%2FwitXgbtYdI8htMHlE0E9MWVWlGARY2%2FnJBDC%2FJc5djo8zW1zWnZBaA%2BBAlHH5RdxrrsQ%2FgPKZnfcjibq1LTAi472XcNiNz%2BDeaJtiKjMbCNUB6PV7HkhDsbphIJQzbg8iK%2FI2tBA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
813857161af38ff5-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMzHo7qYlIyS5jXkjW-McA&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 1A3D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPR5HiuuI5CmOb7aPjJO-lQ&google_cver=1
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPR5HiuuI5CmOb7aPjJO-lQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjsnNbtATAB&v=APEucNXcWSggUsfbQjJYMeMhAZ6dcTaKSl1-Pp6j7QqhUTxaJ5H5M_r_FLqquy6iiS24u38Ka8-VLWCvrotpnD9OWqGOEblsVciXmDmd35IsQ6plCrB7GTPaYy5ZFcdrH-lcZhvoLJ_KZ-75odSvYgfnZ3CHGVuundNr8wXdKm8zojG1AzQsrOE
Protocol
H2
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
an-x-request-uuid
4f97b5dd-dda9-49da-b051-83e31bc8e00e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.76; 45.141.152.76; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPR5HiuuI5CmOb7aPjJO-lQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1A3D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIzNTY1ODg3Njg1MTI0NTcwMA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIzNTY1ODg3Njg1MTI0NTcwMA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjsnNbtATAB&v=APEucNXcWSggUsfbQjJYMeMhAZ6dcTaKSl1-Pp6j7QqhUTxaJ5H5M_r_FLqquy6iiS24u38Ka8-VLWCvrotpnD9OWqGOEblsVciXmDmd35IsQ6plCrB7GTPaYy5ZFcdrH-lcZhvoLJ_KZ-75odSvYgfnZ3CHGVuundNr8wXdKm8zojG1AzQsrOE
Protocol
H2
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
an-x-request-uuid
be250c58-6768-4836-9406-63dbbd3b48b1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIzNTY1ODg3Njg1MTI0NTcwMA%3D%3D
x-proxy-origin
45.141.152.76; 45.141.152.76; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame EDEE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMzHo7qYlIyS5jXkjW-McA&google_cver=1
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMzHo7qYlIyS5jXkjW-McA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjYn9btATAB&v=APEucNUYsxnZjQOiUSOiXppdImz697-eh14ok2Ryqp6vB-PhXTd7CJ6HGW3zbnbeDpSei5jxw1iRzQ3TJhQVVzbN5eQ6a38fsEKqeSm3Ame7yUKWg7VeCbOHjcEzjQBRdOumw5strN36bxkNV9kevjjpb5VaLFzrr4BZ3xQQec7FIrr89uh_fTQ
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YlcAuzoU7SM54WyZWnv1eBQEdVkAgHVwFLlZXmYAfiPqDLot1qtfzeu1E4o0Bb9p3WRE%2FJkn1yO2x2zZ2sV5XwdwRFpQV9qUAdlq8w7zkwnFxatuvwlOnpTWt8fCO0UJnORiTFewWUwD%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
813857159a518ff5-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMzHo7qYlIyS5jXkjW-McA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame EDEE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSQ4O6FjR.6R5cdb4Bjp1AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMzHo7qYlIyS5jXkjW-McA&google_cver=1&google_hm=2
43 B
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMzHo7qYlIyS5jXkjW-McA&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjYn9btATAB&v=APEucNUYsxnZjQOiUSOiXppdImz697-eh14ok2Ryqp6vB-PhXTd7CJ6HGW3zbnbeDpSei5jxw1iRzQ3TJhQVVzbN5eQ6a38fsEKqeSm3Ame7yUKWg7VeCbOHjcEzjQBRdOumw5strN36bxkNV9kevjjpb5VaLFzrr4BZ3xQQec7FIrr89uh_fTQ
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Os1qLqLOJLuYojlsnWgAArowgME1jFx7g5KVBapZdV2utRoPkBUnBOTonJBOtoSw5bKv7BUgFFw5V4E%2BGATwEn2h0oyoqr1Tl9Vu7Et7k54OdcEegW6ARWwGLXFPlHrjSdWdH8nMa3Vzog%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
813857161af58ff5-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMzHo7qYlIyS5jXkjW-McA&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame EDEE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPR5HiuuI5CmOb7aPjJO-lQ&google_cver=1
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPR5HiuuI5CmOb7aPjJO-lQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjYn9btATAB&v=APEucNUYsxnZjQOiUSOiXppdImz697-eh14ok2Ryqp6vB-PhXTd7CJ6HGW3zbnbeDpSei5jxw1iRzQ3TJhQVVzbN5eQ6a38fsEKqeSm3Ame7yUKWg7VeCbOHjcEzjQBRdOumw5strN36bxkNV9kevjjpb5VaLFzrr4BZ3xQQec7FIrr89uh_fTQ
Protocol
H2
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
an-x-request-uuid
285385e3-22bd-4484-82f3-a81c571f4c06
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.76; 45.141.152.76; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPR5HiuuI5CmOb7aPjJO-lQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EDEE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIzNTY1ODg3Njg1MTI0NTcwMA%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIzNTY1ODg3Njg1MTI0NTcwMA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjYn9btATAB&v=APEucNUYsxnZjQOiUSOiXppdImz697-eh14ok2Ryqp6vB-PhXTd7CJ6HGW3zbnbeDpSei5jxw1iRzQ3TJhQVVzbN5eQ6a38fsEKqeSm3Ame7yUKWg7VeCbOHjcEzjQBRdOumw5strN36bxkNV9kevjjpb5VaLFzrr4BZ3xQQec7FIrr89uh_fTQ
Protocol
H2
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
an-x-request-uuid
43c6945a-33ef-4fc9-bea3-0f377910cf4e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIzNTY1ODg3Njg1MTI0NTcwMA%3D%3D
x-proxy-origin
45.141.152.76; 45.141.152.76; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5736
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO5gOw7vSnslaGv3k6ASwoY&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO5gOw7vSnslaGv3k6ASwoY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjYn9btATAB&v=APEucNW0zEdj1P724rdalLELwxfnyqCZLz_AedKVeqXqAnqVhXBN3GTJGcRU7-BTWst_RG7cukfWJXqwlhudPLGk_JO69q8tK4Stp7rhDvgA_pdDz_qT7MWZm5tgiQIuDxM3FpQ1Zn0wFM6Mt8PyyPG1zIkg-HGt04fI12UAmxaEagPdxQlICKs
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO5gOw7vSnslaGv3k6ASwoY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 5736 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjYn9btATAB&v=APEucNW0zEdj1P724rdalLELwxfnyqCZLz_AedKVeqXqAnqVhXBN3GTJGcRU7-BTWst_RG7cukfWJXqwlhudPLGk_JO69q8tK4Stp7rhDvgA_pdDz_qT7MWZm5tgiQIuDxM3FpQ1Zn0wFM6Mt8PyyPG1zIkg-HGt04fI12UAmxaEagPdxQlICKs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 5736
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESECto3BYTi_WUKldwk3fVOJk&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESECto3BYTi_WUKldwk3fVOJk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjYn9btATAB&v=APEucNW0zEdj1P724rdalLELwxfnyqCZLz_AedKVeqXqAnqVhXBN3GTJGcRU7-BTWst_RG7cukfWJXqwlhudPLGk_JO69q8tK4Stp7rhDvgA_pdDz_qT7MWZm5tgiQIuDxM3FpQ1Zn0wFM6Mt8PyyPG1zIkg-HGt04fI12UAmxaEagPdxQlICKs
Protocol
H2
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Mon, 09 Oct 2023 17:28:27 GMT
pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESECto3BYTi_WUKldwk3fVOJk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 5736 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjYn9btATAB&v=APEucNW0zEdj1P724rdalLELwxfnyqCZLz_AedKVeqXqAnqVhXBN3GTJGcRU7-BTWst_RG7cukfWJXqwlhudPLGk_JO69q8tK4Stp7rhDvgA_pdDz_qT7MWZm5tgiQIuDxM3FpQ1Zn0wFM6Mt8PyyPG1zIkg-HGt04fI12UAmxaEagPdxQlICKs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Mon, 09 Oct 2023 17:28:27 GMT
pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
animejs.js
static.criteo.net/animejs/ Frame ED7F 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Oct 2024 17:28:27 GMT
partner
sync.search.spotxchange.com/ Frame 567D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPTOR3UcENbHobCvo5USWZE&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame 567D 		0
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame 567D 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjYn9btATAB&v=APEucNXhUzJIWg_V9_edktpn1Gjcy-4TLcrETFNEzrCANM_tz9IWgI_Xz2VHFGsui_QLyGJb4Rsm283bYASxgX7HdObrhVy0YNEoySThEiw4USyg7jzCaFbe_FhaN2n_iobGely9Z20tNhV-wYzJslNXJ9UgB8Xewk2CtlW9Pu_NcVascvhs05Y
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
img
imageproxy.eu.criteo.net/img/ Frame ED7F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=496&m=0&partner=72347&q=80&r=0&u=https%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F72347%2F4872510%2F0ce0d7f7e2034c938cf5581e0d351908_logo_n_square-3.jpg&v=3&w=176&rid=6&s=INFAoeiPRUqpTbfnKz4ogdTV
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f1f799e5ea0df7509109aaa1abdc35bfc14c1c528c543c830d3497a81c0a1ed7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
1668
expires
Wed, 02 Oct 2024 13:15:31 GMT
img
imageproxy.eu.criteo.net/img/ Frame ED7F 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=72347&q=80&r=0&u=https%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F72347%2F4959505%2Fb9b099af3dbf4d1b9df1f71375308301_img_horizontal_1.jpg&v=3&w=1200&rid=6&s=TiAFmB0ffFI-JihiIvNnZOqG
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bbe289553e6c11a34fcc1da05baa7042c8d6bf0c333df8ed92559c1b8b38f000
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
65642
expires
Sat, 07 Sep 2024 10:47:35 GMT
img
imageproxy.eu.criteo.net/img/ Frame ED7F 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=72347&q=80&r=0&u=https%3A%2F%2Fwww.lg.com%2Fde%2Fimages%2Fmonitore%2Fmd07571278%2Fgallery%2Fmedium01.jpg&v=3&w=400&rid=6&s=X--cCe6XGdY8wCmqRefd7lBm&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
23e722333f49a955a1fca9d023e995301df79489e431602bc2c7eeb55dd890ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=79510
timing-allow-origin
*
content-length
11758
expires
Tue, 10 Oct 2023 03:47:18 GMT
img
imageproxy.eu.criteo.net/img/ Frame ED7F 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=72347&q=80&r=0&u=https%3A%2F%2Fwww.lg.com%2Fde%2Fimages%2Ftv%2Fmd07570566%2Fgallery%2Fmedium01.jpg&v=3&w=400&rid=6&s=6mZfpytr0mb3C7EVj4Nq1U2E&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
99997ebe9a98513a40987e80bbb0bfc7fcb24604ec9f8ff336ee999fc39a0c90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=78492
timing-allow-origin
*
content-length
13694
expires
Mon, 09 Oct 2023 19:59:42 GMT
img
imageproxy.eu.criteo.net/img/ Frame ED7F 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=72347&q=80&r=0&u=https%3A%2F%2Fwww.lg.com%2Fde%2Fimages%2Ftv%2Fmd07580214%2Fgallery%2Fmedium01.jpg&v=3&w=400&rid=6&s=iQlH6OMISXtFMk5SFM9bNgQ_&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1a6780efe4d9d6a6233a35dff85651e5ade26bccde07079762401b686ed9aa93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=78613
timing-allow-origin
*
content-length
9042
expires
Mon, 09 Oct 2023 19:55:49 GMT
all
csm.eu.criteo.net/ Frame ED7F 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=dVAn54KqU6imLmKYdvsKJ8EpWN6KJMoY9rRCj1szHLvROLAPpanUJa8DmBtGZ4m4iOO1C0ISGsKY9w1yMynBV6qYPWDpZE1LZw8pIgRDuPsy3xBAu0VbD9LcS3DYKn7hoquV9yMcrdN-yMaVD-CJ9DsgFTCWcLcr7FYHtcSWY5uGKGnbkfEKbYA2nx03CAvnBLPHGSobwgd3HWAP-aNBXufoVGYK9q_n1y89ZPeYLzGpK_GqJqOz0rytNTwy1YoEOI19tg&sds=2&rev=88731&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 09 Oct 2023 17:28:26 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame ED7F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Oct 2024 17:28:27 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame ED7F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Oct 2024 17:28:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 86C9 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1072979994932&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 86C9 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1072979994932&version=m202309260101&ct=76&x=1&cor=14459367922749379000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 86C9 		95 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZxkMZIfS2TpqMokj2GCdnI69xqKnijFbj1DVoikkLyxrvfL93Kj81Y4mbCyZVf_akDs8L_8kb2XvzjTBmEu5exzo2h3bqCWhdhkBmTG261WmnZz0&cry=1&dbm_d=AKAmf-ANXCo12jPBJdzlxJy3MonJIb978GoApJJMJwlSRXAnjZrJWg9p8WUiWEpQoeog9ZWUdCdlA0BO8H5uE0WndjyBWZSG0pWSkS4-B5C2Sa7vAYYvmgnFCGcB9KM_TlFrqHIvs5g3upvjBcapvtmbi5ocVaUxOPCScdvHMhOW9Id-rV4AhRKxT3w0YDuYJ56X4Xf-1qd0bGUCZ6s0yRRte9Ds4FsojvLm8xOiiQmFiq8cFiWEsDPlxzYAWoZTLL-V_xi17kvqnYFxxlvsUTtQ9NU3XFDMzOYYH6NXW4W1bcBdYkfw01T5GkCfTpk9g_TKckt3Amf_qtSoyUkLFVZDeZAnNRtvkvwgSutKvkJ0FcBMoc6OLCnU4-FLa5LptV3QIgCxaPIp69POkxE9FLIt9ZBEcCLVeJ3w-dbHiUf8ksx8d2nnczRQ09yZlHL6PkgVuZlpJnhBEeJkxY-ESSnR0dV__539-4JiNRVtsLbUWqA08QBJJOfbNKerSnrunH7HeD1IkqPL8TWkkZAIs9_uo6Bl01AKTqaNYilk79KiXQeWTSOBGXhPqdUd5-3P9RBu2MVkYJC6m4SIFeaXKzDRrve5-e_2po90TATlk80GYTEd1VO5vuLVm4jdsPC1LDjhtddWZgJHPKw84jaAXmX0lZqwo8K7pppTSsIq_KoX12HV573ma3Y8Fdk-lqCg-PwTmgP7Qr_JM3jsBpkZ986ZtUDVb6oEh-QJ6Y8rcvGSosNjZjoJgSyWHWb0JKJfhvzesJu32tcFo2XG8a1Y-JjJY4XpyClLEPAcYi0Pa_eVjQmSwLMqPiDUFieGOSlfATFgbvq4NTuccXiYDXMVw4HJf_bS4EMe_dLkBZOEbIPmwOGM6ybjP4wbFnw7X4axXBBQGUA04iCn6nD5u82TsJz4sdeRem5_5E07lSqVxlJ_3RIg52967o-J5GB_27-6V6KOLselxnb6aOm5rjKuUNfVt-3RPzjlHWxu6okd5qETU3rWEm-OQPOsuV9ee5-G8Ys5PPaTdoWK5ZHI6lttRkqED598GfHa1VuJ15lytRqNXgMIZtY5epnaBmnAltdVq4O4x1AdzT54uOJGThPBqXgGRyAV1dpCqu-lde7YyNr8Elp1tWGLGoNkUeq0e4yv9HeHWwVaef-BG-QXr3_gdq3I_tG_AqtFPifiWvPezd2TJBrHEAMp1kyHvmH1NkhN_K15ZjbYwH88Ai8mGSuGVLewg0mtfMjBHmg7T49yVoWQxj5NNsXHMTsmw5WD69VXN4PHN9MvsdT7jOSwlBLOsHTxzkhDOdj-yXNQAsZxRrfkTy06eGbzK0PjGwQu5bhsiTkcai0HNHcTBlOSKtTDK-CIpyhFAeU2xNIgQ-0qIfW2yVsMNpMwkIwjg9VpwmZYi0Upm-jmfsmwF_NMyF6-RC6BgbjGFqdLK1vX-yObHXVlYVP4cphB0jRDLw4o14DFM6ODjtqpPWgPznvP2rcuBbK5NZxktLkRZyuyPI1CQs7hK-_fGZKex62oduAsUuFuSLLgOkiBpYIjbf3Lu9r1faaV2f3BK2-H00SwRs4PUSxpZNgxXM_Fkk_kWEhCtK6SR_4Z0veab7QiWkr49_xYxrZeuNO4k3YABKDDRbSHjoHBg1kJmA9y77UeoxQS4_nZUbhfQgU3y6jUVBmtULAG4hzMszrQpOWGSZxilVxu8jyw2smPLPK89wqPEkzDnjECjGeM-ToYlw5o5Ui6LzHECwXLofgb_mRgiXyFK8xNONIDgBC29YGnw1hyskhxXk8I-BvLKfFB3xXGMZGyE_0fIfZu-aooPr7Pu-AgF-bwIVG-SMPu3nFYTbp22fAj7ndm4FveSw03R0EWFliMrErof1mEFUI1RZo8eAtoNAm3XhP1drNc2WtPTPVksztlYtTKEcj2hc9c2pYmMR8sCHQzjMORLmKc9oRddZYVeFoNulMBPvM-7pjvdQX0gnr7zLXWbxMaSS5CPvKVopG6rzNMQboS3FYNFYJ0_V-8NWDS01n4qCiOB_AtOLT0Sf_kbv8uowquXMaJDkjaqAZHTKMS35HOr6yPfjwWRw-t-siALFmrjEA2yX3f3KFcZ61pKitBMCUv1VBk1AdzqpQEmzDoJMfZELWoBnSQ0vaReJsFCaT9i8JBsSTSoAS5K83Fq3pdHt79EW6CpVJwFoCDrQ0eC5JBmwJxAntKp3r9KG8FmaBw_kwBdrxYCSmTp7bSm6_p2Kebp2OU_mOOLlF2snPE8_J-lk8mX92OGSZ0Rn9w5LdgGKHnkYRxqc7d3L8Ezu5sbMiAsvKsGRm5OrO2tSyk2XeoPOMVsIlQaNwWKxtL6gFsohHUhwMw582satdUX-YW6TBv_DnTSka6waMEH6C901EiI8iRwymwOdlbBhP41sVPkNmFsdhjhe8JzxS7atDMetdDjOzqrAXyPKTJQPUHBhipvRoNKi43NGSXSf970VHdUWUTEMJepBzMC97o1HX1M5dQQbyNPZ6bucXDWUcSFRqMJrJk8wQdlaiJS38tW0IGV6V03GRDkWF02gQx-0RO1MWl7_vfcjb0E5kiF4J5XCM3_r4xCGJFEW3G69hg7tGCnZOKoExDhcw__YHBhnfYtt1AdKQQi7npShBjlKxkSJeqK9sjAfW15X1ELi-mtTn8UnqDOSLmbc1SGaYNRo10Vthn60VlimcHs3_t2GWfiSQ2-q7dv2WIoxwdm2w2rPj_FUSu11v59yR6zfjnhTPhJxpfkrhHUTS1jP2tn-x1OY634TR9zQry_uLkNagnVj5rB_Cc-puaHso9vDy51hhJzr_hik4OVrAZrheNCWYxQomhVGvzZFbmBj7aq3ZORXXURV_pbuB0iTzYuonvQODaahltyJjIRSY11up1OUUZY5rQJUNmr8t9PxvAF6_KTndGGH8FjealbJbXZpV1Q4TrbCaqooO7Xq5egUayKghxIkchtlXsJWKsxY4dLRVDvZ95LDQTDBKBF6Hu7aRv8gikfyfXVsAp6SE15eDUVhL4WCPB-fMMyglOi-ydeR8rMSrqkI-AzoPLQ5G7BkD48SZI65EehxVtO5yKkcqNFhI1VuzXMBSzcjlDFIUrBEgcMayK1SfqA0elTL5PwDnGN7jQXGdR1vFZTeJE3VgaEahQljIe_GK4gsTxbV402b4RE_hVSPYe3nD7EpU8S4UjJIiO66OweYWY0Cw-IkAAe3FuwSitnxMPTYHzlmkWj1eajil-6hoOqfXJZc7mNbl7qsmHlYSQXEWFEW-duZH6pRp5Jxj_xFzQx9sq01TvcUKjDHLS9zKfm3VHGxVuC49ql5DjGDOgbnJoXL_qxD404WzLsCC82tWMqxDRGfmb9BV8IHUzV__zeidzSWtjPCffrV9X5gpZporMndvDueP67wBKjIvXvBWsubw7RQuOYHjrdGguZe37sQ0IfJyWNJqB4uHd5N1b52rml9IaBd07z8w1oxAlzZOLB6QwVhA0bpYBnKVlqlJoRuOLoOPuqUzxsXKDjhJ8CmkHnRFQZ1e7_zJO6s1JanYsYUm01tCPG9CJ8Fr38AyA2By4893N3U9wZB-CewiesyLvB7zemqBXXsRqeQOCoIUYlsT4SSKIz2SJ5OjHTq4SXUlPXD8Ddg4aEI96JWIPSbedAh5JEqbflUJZWTDM_Aq1VgIFu4IiNYOfe5_uRVCOL9lbVczgVkdac7B77vv028GJiG762RRuvZONFcNbYLQfYUYNYDWsJ7hVzTHQd4lxKE3DkhOH0hxHEqe40MA60vfA2gwqEEzEFD9QHSChSn1EqUr-tJh1fMwluMf-mZBQdtGRb97Oah8XPuzxbLniRud2xTGw&cid=CAQSPADICaaNFH9hSQMO7Czbhbl0ehCJH02YNJ9uxC0BgIYu-78Kn1wERKIixdoqy06lQyQsLOqvL_-yFrpLUxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=14459367922749379000&adk=4020099329&idt=111&cac=0&dtd=91
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9446591ba38b6c2c674f1cfdb3d18da953282a533e64768b1c9167339f66bb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39439
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nanumgothic-700.css
static.criteo.net/design/googlefont/nanumgothic/ Frame ED7F 		87 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nanumgothic/nanumgothic-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
691003ec75153cc5398f9bf970d84c39b79c0275fd5900bb41b35b2ef81868db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:09:02 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391effe-15a39"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Oct 2024 17:28:27 GMT
nanumgothic-400.css
static.criteo.net/design/googlefont/nanumgothic/ Frame ED7F 		87 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nanumgothic/nanumgothic-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
1a554f4ec364f3216334e92f19ecfd54299c585d246f35bf3e566819ca58a441
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:08:47 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391efef-15a39"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Oct 2024 17:28:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B2F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1473353611383&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B2F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1473353611383&version=m202309260101&ct=76&x=1&cor=12145148386681817000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1B2F 		95 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7ut0FXagB5TR_JmLO4SDCkQLHs2DSoYCsWiNzAn7xgGqbAS__2nhmcFVvV3Ti95UI_BpbL8BjjmoU2U3iYfWN4V5Xnpd57wJhLXBqZAyF0K7v8vU&cry=1&dbm_d=AKAmf-CtGL39W-XsjOuRr119wd_NVwCoCfwJCM8ihua9FMZzMGa6-4Ulj3UaDHcKRa7dBNLA2X38lASS86pJmAmox_OhCCkd84XFaScY820WvvOJ2DSVtPdlVdCdVUHoBQ-DLbrwOopVjSs7VVrDsIALRVxllSRv6ysDilio2mlHG_XlOPh0DHTyPG6auhFJo1U12udlAFyidgBxZWjiv4vY0AYKzlfEfBE6cOBPLbC_aqd0otHqBkgn5iOiQoF4IIJB8ouuvzr9044anU1mjcLWa6Db8KtbU_6VIcUMsv6mYZrEH8xaeB6M3P09SWVbXjGFoH35jv0SV123NjXcHSAya9hLyNdsvvkKRS1ko3YFQ8OCbWvP_pa7XANP6Wf8eqQjyvlX2gNSAJOe3UDVbxOPKyzmMt1nz5wOf14ikwo0thVpQuZNdzKLir22RU6G0agZQy4IY6HAvAP0yfBcTK9L36Ixf6roOU70HOgka4psAsPnMLlIH71e9BYceu_qPRNSZCtxl4UGfLUHIj25q2_7LXu3gSqbI3UDewdAn9KUStxqcTD3PBnV9QSVuzG1cHN4a9RniTwqoJdBWLUIjEDBm1JhIF_7bwcS0K6L0k10qDqn-QU4XT_1dQs_eyyl7OFnUIFnsD3rqCeorhhSEbmgrErBI6Q7HfIoXfIwtXu08q509kFAhMrBJocW6HLUDwAPGsuFklk82vlaXGepFYUsvVU5hN_0k8fb6xaRmghcj4GT4bCGYN_POY0jFmbA7SgD_xya8AlDg5TFcWrCi9cfwHhpMH7gtL4WQOYziyGHfgGYdplFzNz58WPq3mmnrhgPz0XVbWWvYxLS7B7AdVO3APscQFWyjutMAhZw7S7PcU7G95sMinckZgvf0nMkrnRvVvBXdo7OeZkSjtot9Uwpa_Bl1LDPEbCdnMkRn4DXJv-MU_BqsBBcahIOLsJVEu6j9f1jqARZ6mBSicWmN8i-eWZi8Kkpywhj6zpCik8jnwzyV-bIFKVkFLm7VZ2KE8nhSS8jZ-02dKRJZ7Aj-eQ0m6E_S9G0IeAWQz__FBVQvLAA49aHVsj-LsW_oJO_52VTQxvZENl5aWm0uclVbWXWBNQKTIpvhafTR3-k05dkFMF26BoOCHiufX5iQUDsD6VFs9VXCe7l57eMcBHVPDkYnILxubRPD4hg15UzW5UGXB1_Scl8FesTL4bFdnUa890PbojM5QUIww-dXNmYLnvvykDI0Ic72aLIJwrJa1-wFnH_p3i0OCemlerYj6IW0Upaxuzt5z2frruH8bhq5oCnzFE5QEuvR6R3xmItJSMbRzst6igH00jFHOqfCHFpfdQ-GZGAwCCFrXh6Ie7zaZH4tetJJMfPZTefUT4Uy1R34oFWpA6Imtv7P2W2TmuwzCNWIk3C69iO0wqlahbmnpC5w4vkNYAwM4hTLpZTMZ9QrGO4BVc-AVlpywRZBC4p05C6bhkbjcmwMG2wz3_AkWmaS-0v9jw_D0JppczpWXu0p3DmJHKAoaneg16TE5DsCEvJ0SkLI4Tjx6HSXoH_aUNLM63xLFqLMTO9ct8FqYEZ6XTA9OYj-_4jZlAQh0B_1_aIZlWf5bBH8SVXDAdJA7bdudH5Qt6f26K6FcOIBgTlqAJ2ysOuw_XJaDU4AJV15jUfabb_bUGV7SL72dDehhbDvs_O4QoY512Lir_VIAAGhz3OY59qmxR2JRcRfFtNuDN3V-tG98albi8wSnrG1iKupszQE4FDpzLWBuYQROKbrtVE_1MMVHBt7NfQHEaBBCbvba-LAQcH3CMoKoTFw-yhz0hLQ-6Cvt_oC5vopuTWPKklKRTvUf67a1zshUXHxxuWfbFZl5jgdp5J4YYXwJInsD7EujqYiA1IK4XrlM0b-hbPrmPkUHsmuUxtxDOsurd4XS9VHKaiEru8PhrQFXgxgF7aQltFB3DtF8H_cGxmmqJofGEFtov6uaSL6xJrB7eE8iX3wG0EcszhlnQk32f_ctD4PHnTZMh-iQiCp7nFawEkoi_7TB4xmvKRlK22hargZQRwslFWk90bbXt8sKn_Civ3HoUOtw4wG52MhXQUXFsSDP7ZkM3WjexZhDygvcJoIdS0GPpkmPQwHx8nrKjRULHDZCjshg-WIiws7mCYYJjAXpWsJAPS9MvNbeke1axZmy7hycGkZO5VGXB2rgj5qmFkLnab_STuOV6-3vm4Wod9ykoeWNGvqC_CxwMocIJMLP3lbooA-4HDfdvqZ3YYvBMgBrNk40q1nH0Kax0buYNAKteNvZv9KY9lIRFOkzppve1oF5XNIjjz5jbuvAkDOVn7nfaI2XHNhrkjkS910xT0g5QOvDK2yPK6FXohkJgY7pxcsd2wc4IYsbdVZYZdki1yGIVu1x7505CrJxoSGRf7-DfE9YJRXCgOWrEKuRRu44BddBIVTlvtNBXnYnaR6EyMFw_1QzXwk8WqfFo-q8Eq3CZFWyZQroMxIeMXoyviSu4x6W3zffpKd8Q8QLnK9-J1UXatkyJgOFt9snXI5tZqdCxdGfBC-h-vi2h_sh2k83ZyhyO64CfPdJ8r8pjre8NYDj_WtXh6b-NWsaJgL91QqYRfO--vDK0n-nnUamBTJU4i8zD-i454Hn3-qb5bE9govhrvPO3HkFWb3icyxSabQ0bb5kaCFi8i1SZ0oKmigpoAYVFztbANqt-gNcSC0C1gvpjvVF1cCwut19gDxhl-2e0fsSXfU7JCJ4OMyInWDEYnM9J3BXVp0hT9yxjcWZhkACLdXBSX6nFsEzhZL67iwd16AZI4RyfJ7EDqlyBynytQ_HMA3JEg-GLJMxBNHJNAWxqykwAZHavY2ZKfXyt2_IMNj9ZEDDge3Z-L0l36pXJB_2wBpW3efURS9CCDCXhEdQNsqQMJ3GEzmvevFV8RL6Y5wpzIbaUwdspZSQVJYSrLSiOFEkZnjcxR3-OklliA8tod2RfGvluMo_GnOAlgGipPYhgyfjL1ooXxszd6H2foZa1w7EuX5CF5h4121x3S3yQYOuqR3RL41DQ5vdg69ssyMkieykkKAu_upnRRaznQBcQqyxOkp5bwKUA_y4T4dR3JFU62H9c63iPGVIdK2wkyYqJ1TkyIziJLDGMQJAmhYlo1wGxjwNhCXPpwUUYOuY4CbLT33-1rfgFz8Kqh-HB7WgfocUUANxc8vhgzI21gbFbirkoGLrywvQKdiUSjonwA-G0bOB9QlrSMmQwzT4p8stkjEAvlyT1kMQUzSlMCGbJlNZZ-XV-uS6Q2ADA8l8kO5OK0E2drW3bB8vVGfJuoApz6mOinJS0u-EYjqF7JqYYPbEon7T1B8DLVhp7tVacn_hChplrBIfzG0OitVHIiSn1nnuFy7d28ufxlAKhC77Z9O7k9a70FUiECaGwxJ1PAwExWdYCM4P1BV1IbBqsBeScaZBDZuPFa-RbuGI5_naI5hnTMDvvsOseItQjnRwf1pmCpFN7slayT9gKj_-PgiIFYa0Pyj_4MTArIOGdl7_gOUuKCvDI-KPb78EFQhP8kmXV_l0jskzqSfAJ7eE0WAIU6iY5z3vteoiDOSqyVoncCAGTAKMt6D8bilgygv2NDmUDIYmUlMZELCor1dk0skRis0FYa4ApSF_f12JiW0BpGxb_w0f0caLqxeimui9NvhdhuuUKJPthpmbQYXGDewNKAeLqJRMy9fsg1xSmuiu7hz1ZskTwfdEYwqCARSx5PX3QkOhsWwS65vVkPB2YhiRDLK8fBvPuRqqqP_0lrqaX0mF3SBU1wplWHTUz94ERKt99npMiCRaAcW13sPtndA-6dzcxX2zs8FbjN3-odLl7rx_be2EGVgkMpqBYZtzn8pw&cid=CAQSPADICaaNFH9hSQMO7Czbhbl0ehCJH02YNJ9uxC0BgIYu-78Kn1wERKIixdoqy06lQyQsLOqvL_-yFrpLUxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=12145148386681817000&adk=2975593758&idt=189&cac=0&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a87bf84e478479831c20a22df3e385fcc7a81ff49495d2e3f99ab9b8986da40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39546
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B2FA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4493028327385&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B2FA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4493028327385&version=m202309260101&ct=76&x=1&cor=17443527353865873000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame B2FA 		95 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bb1n0G0HUU5uWXyGcOLUUPEnamtw_vhmKMQQOMfmG9Y2oXRUY8xHUUAgGvaliRHH7l5XhAYLcRtQW1IxA_6P1NQuOPbKGU6pk_IUjIjPCezOPQ3rU&cry=1&dbm_d=AKAmf-BbvsPsJ4vkyWAbLWyi7kqElsDDlQc6-D9iy2YMAEVkaacH1NJy8Jtom2tt4k7sGSzOw_qeNCyK8BHVi94ZECt-d7V4lYdPpyUF_32q1RyA0N0xsfgoNeM81G6jWAuxXguxWag8Up6lI9CvOBwANUR4pJMmlpbn_OOdbKeALP6fUjbbgQxNBsWfHbN3lYRTIOJbUejy6xKAvxMPmN_mzBSFnr5V7U7aCXH57FPexMbyfveizXOK1yN5yor5FoAshlf4m-yC1IP9_HQatyNYiLE1LOHwExaYh9KprWf42OpSO5vQew58hx9Fqu9uve-ShD2iZDA8jjurQkuXI0tp0WqRytTgvAEltFArknTV4wB1Ae5eQRUhL5bMf636TQpe8icTYhCzXR4dByRdejQNSq3b3OvnH8v8QLdEwxDGYNPr-7Lc3Lo7-A2Qq9c9cgHC8TQpSSSemybuyNY57XhN0rH1SYJlY5Ul2xhaV9Si9Qthw5atfn2wB2CBDOTPj_E61sAVvyb55mVlnCt8hdWld8IW3BC2LVYiViyvVKJZ7tAMh5JroZc1XrKc6IvH5zZlWTlvjqaka1q4y1uQ9CUr0QeGVJkWwVrXuEv7DQtsAKX8mhbFUYPrE1udVyTyOykEMHEkmeAO4EdLonLgaD6v6UABUZ0zF51nERy_5cWksqFH3rZ8XBBPXSrNPFtjsVdtbp_Vc2u_6SFQA0b8efSdUDksxB5MHFRMniZr71WJtCCrLHooYRj-l1Eb4r2C4PYac8yidL-ongFslFTLDUst3hbINrLrSh0iTjL1BLsjkItWlobruC1zKL4iEvYiBHESyaBH0u-6PFS5lhj4uruTufSOvGvO56Zto3wYoW4AFOe5R40U2iyrGLsXW1lHysElQC3fiS7xQayGPAV9Xm8rGPQAfo6S3v_rsVBcwaHpchbflN0QDe5NOWttBPNnuSGnezDRkBXA2IfeMK591UUK9j-drfl2O-jA8mBIYI76j_6Z9sd3vpYhqzS8lAalGiwzYcVX91EC2rU5_1Yjhziote4qKXK687QArO3uk-0GNYGl9c2Ggp-h0yChCpg87F-ASTkFYCxpTW5V_7qVth_7wnKZu_kQZTF52Krd-CVEYbeI75Ea1I0rmwW29BQmL0guA_CWfIbAdwT8ZubN4Th8dFFreqWzCIbYn28VsjYxNMV9eMvuWkTXD8uZft9HJGQhYtvzIl46mKu_JbKCPP-3uX3mkZfkUUQS9fR5sAOpwUeIyWnNR2dLMFC2KHBlI0cWm8P9AyFFfNiCcXM7leJR-k9m9pgg5y7hZ5qzNo7PLlcDcuazTO5Ofo2njF6aPILk0sG7x2YN0UXU8FB1uAWnbYGHg5M5BZruwgdudCCvs1vcpemj1w899nxkImP2r9KAwIPkKgZBnP9JS1OPeON3yMGpjgzlY6qWWZF3z8EXeSivV-pdSpsvzun67Xgd433oeOG24TPXoYN4vCLh_syS7fwVuS0BZiBnA4a-e-AXSgArho6ZWzMfac8ynOIwzXbf7wQF5LdEhD3PNLT6CmCD9ycChLPTjLk09yywdi5qOsP-gibZWkb9dC-ZLrJ39rwPo9Dof2l6qVKStb4MYHoSr5NkXPGVpUezA4SGj3xjb6Zt_Dbjjt9u6L9kq9K_eLpnHPXqmksj2uoD-BMIvOuVuDl6i1Uf5oKllhPa22PT3V05ujv3ykwwHpAqk0XBK1BG7b1UpnanNovU5DW0t8Omv8pkoMZ45Pt26PCHwgp9Dd-OjBbR0qpzVGuq0p-ULUM1fKJIxMmPbYR6mb14ReaG4XGhvu-BMMaJk2pwn9PWoBaWdIiE_5tgeWdTi4YY-TP7KNZgwii5xo8TaKigZEIEbvp_C9mvX3TdkMf0_lwGdFS200zjNmBQv2S08leZXQwImJTCvA0UQqYfQmGMs8elo3YmVgUDqbOUqxxQ10oj5smn8MtEokNcGyLUyRRPDwOtXwlRfWhVkATrkyS2YKGoADhoHmCD8YHFUDsZUV44iJCx7SroLYt_24Fi4kvmzpgI5veP4nzMZRthaLj2I2VX0rFqfRehM5-qpznnNkLlMVdYtWvWvak9jUAIKItkr2wm5MWV4jFhvYxFoqRGUu3LvgHV7nq_u2c52J6R1GpMuyak8F1NApSpcyOGkJXxY_3wAMXSh2nJr4S6Xyyp-qYuOMX4eF8WeqcbgM58Y7JtIaPcUoxHHwa7cv_hGxPRcVQvTYl17lSmB326UhrUKqTTUiOqbCZblF_tEPbGpVUSJnJOWwcqSsV3-Y6hma_8IE3QzR9dfv28oKn8A-ORx-3CxITBWZDeTh3eKU-2CIppgsrSQcKSIFurP5HwsI6OptOfTzOe2uohKv6WMLex3iPP4Sf5-Z8ZwZRqMdjGAzwo_Ss9dglsDGB9lh0JuNnurcDET03S5NW9a_adt9WnDDD2Pka7oD5BWpWDQFL5qvVe_QmQKaUf8wo-4moyf83Zo_B-jxsDq2mznTLBIkoCRnKTxttg3tvadN9VU_hPuCpIo8KSyOlQzxRGco1z4PjcYUPXcwos9nQxG7O_KPW-80D9Mx6HiIBsWYvd6Ho2rro7niM_FpSczsiv3gCnCR1NvvFRAYa5VWAkQQ9FttDdx5OOiLHXkonHl22MVPSr0lWVvoFen7XTAwMBe5cDBoNey4ehDu8UclVe2l-aV8J6nSEQG0c4PI2Pu1gcrcDw9kgjd8e-VE0MKYo4CSa5SegT34N2Um80ZQNDQrPkA9dpZohhGd2uq0fYpE07NVAcmXLOno6XT4X9MkpifrtVYmdjsLi8JC03667s64sJTslH87CYPbo6ZEExgjWdO7feYse4Vd6iFtcX8lWzbvtsu0Z96HjxizMQvI8iMYvq8tg0DY34mjTDgx_y2MqWdAsMStX2tWidyzIP5aOuqlkrsSqchmOA4kg2KMD-qP0cH7SnpKDeXJIjZr8PAX0XJppLsQMdq56I4ynCpGC29ZzBiFQf8PTTcjcDzkEVCJLzjGYOLMALwdhtDrhCXM3zyAYobciBjvy133BNsYbiTqn1KweMEZb-Fj5JUO9bWxkERE5avvY61oLnFDvYaD1nackLUVsu8ALT3sLe2aDhma1RupGRB-5lbyE47Ag8RDn7m8ZdxmO8Z5MFqddsbL8-sjMsg_ceCd0fsXcSxkjY93JFyt-Jx5VcyiQbqgihZoiGpnF0znaTHcFEIJdZkhEyWLsrWBolvgddZ5Dbo2FDWpdFCMWl46ruqFEUcwYfTl0ncpUDiee9wXybZJWNCcjv3qo09E0rV2M7d0fllra6Pw0-F3mFI0-62Qd3N-z6wx6d1PaIi4hpl1Yx5Bj2rIOKvpgE1ehxKXVU0jnUPOdBf1nooxtr5ALITbyKj5hp0QaW5ozbcTO08tYJuYnv8iTOsM8fzz-hZxiHJydRHOx_KYp4lu15q4hUlR-e6UNHC_6qrkELoY-x5-CUKzrzDu1WE9-9j2T2T_MMug20BGGbzshc0XMGSqejWxJXV-1JlGmOXTH2I3L8YEq3eaacLpyvqoC_Xw_Id9vjCSJsHidar0oHtrix5QUtePS_oQdeaMObv3HMHbCxANWKVcFalXOSYL3I7Qgy_1a1tgN0p7YxG1Sj9N2TzNVKzvNJEDldK_F90kc4qvbBu62Q0wpBSNEAus5VYSaM6QereO-C2ODvOasWWcWDhliEWby27bAdW-oI1ExCk-TDy5dXTIdd-5j7jh0OdiWJG8mDPSB1BNzaXDC7bCSGDQwmJt3IObj3TxpB_8rAyyu5HQLeQ2nUGJzXPuZzawG2dt4ctA7TuQe6UPfGYsl9yq8WO4aUUYaPqbfeUYk_LG0ut--HPmIscQ&cid=CAQSPADICaaNFH9hSQMO7Czbhbl0ehCJH02YNJ9uxC0BgIYu-78Kn1wERKIixdoqy06lQyQsLOqvL_-yFrpLUxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=17443527353865873000&adk=72288713&idt=180&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d8125cad3a48e7532ed7b442754fef0e6f63da87ace443d61f30856fef2b378
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39604
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 25AB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6774419891139&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 25AB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6774419891139&version=m202309260101&ct=76&x=1&cor=14912880494073448000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 25AB 		95 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-wkyEcsr-UpZG9cwVk2OncUwt41AJ1r_oI_UeipRCU6B6nwVkQ51yTI2wqyg1q6fJZRnOwWDKkvhoA6elLxPbE1BbK0g9Ts3sDeZ3d7KUmxCu9xM&cry=1&dbm_d=AKAmf-DJFtszU01mBlJoF-kN0Dw5Ne6QkPLYId4-lTiUOlVnTZHjb2ew0cv6g4wyZV1xklIVniq6ScGzoekqh1je7lza3GZk5mRgoJOI3grW1Mmix6eJbne2h2geaTfRlTpS65dDofAC2dk81CWXyo55PcqMGuVu89M_dU7boaEzq_FMCz0gRrqq_qN8vBVQHe62JalabtnKcoTdlhvN1It4vjIG8-VMykoaFcq9vXzDv-9ySINkTIVOuph4a_Ab0mUJ6YckdRefFeKjOjIoH78UHDRchgRYrimTuPaUl_4G6Qx51f-fHn_4HP7caLuJ552b_ktZ5MhbbS5ciYK940_KnuNJ0QSCtd-2aNevXc31h1e5vJ8KJuUDXAdOBqQYv7oCWxQG8L_QUzvXZKR9bqPIoQ36kxbVU_XuL-NIGtTjJzGJN1xl5nZZWO7a9D5H7LF6K0LZeT0PPnZYcbNrCkxlofVA2pFIKIVPZPJb6jo5jS0PvkfDiWHZJwHLpE6U4SdAHUWN-nzNlLKqYVRkoHmTabLq3QPK1FaHlacKu7wKSGMxXy6yFcK8XZpqnrw1hHpVOBSGDSAXv4vH4mvMIkWqU8fU5jPYEVSVwqfGnmxVbzIg5sZz8x5MdgQgi2tNIk0SYzmWDMyX74HPXKbaS79BDBkFwAT58qNo8wZGp3WOCKIef5M-oxasIyIXdcCB14RgV8_TnQBz5dDvmkjZ0Ul1Ge_fpX2QR6mr9rW34Y4-17Ozb_SySvyTJkK68lbAjAjN9EZfKd2_rGICkPT4kp0Nv8GrytCbOGUz6AiAlloVg2HVrjbZJw_DEo_aV4VJkOrOU37dRKpB_8aEEPaTGKaWm7XMmeKaQMKa6SPK1VqUwYVAhD5cyKMEdXGw5nvhxPn8oyw8fzGtVVudBjwg_Q2IxnVp0FtiIk8swu8vKFblJ-uAxA9oCJKu1CJGq-OBdsR0H35AVuGRZFx-JhqmEuwI5I531KYr8EvuvyeFpjk2gkcEBvxdmzwEnRk0H95AnLlzU6w2TmCs2LK1JZ4rLB0g-5vMMyzi60GIhekIL2xnGS_pLBW8hCkRDVmf6fn85SaJgPSS0fymkg4DXlAlU-nAjbNblLab5WWL7TCh7Sjj7D3XJvqGVfkgdfsfJin3v8fosyvKKLBkI1VXHO2nsJAVlCUeJk7_94f7NQvYKJplMgHez3lTqTfyBENwpoCwVQeeuESjuY4vFU8gNkF9HyGJxvTvdrZpqbLajoSbx_4_oj7ycZSJIRaIFYWXjq8DFb2jlFZWdlXIDBHqKXmOaThTgzOVHiinMEY4VoyAhRgP9NDz4Es3bUKh5NVip5a9ydhXJWbbIUpaa97H5AL4jaxcGMQYFQoZlNC2M6wOMkmN2D-bBuYkQ-A5v9gmNthJyQm0x_MsXOW3GMvrCkID_I4uDO56zBvAMCvd5g9_za_h1RNG5NKeJx10tyenydX6h8dJ7PHKkPojgkysfVavbEX5NjjyYLZlydf1ZOspj9nsZ3oeS4GMiBQBWz524AhKeuM-Tfz6v5d5mKGiRUr-U76ghdxZm86PpX2_MOmap7dQwwXshivqyOh7eQj8B4fDOqS1wZsJPdExuoDx-_OY-6pE_ZWEWYMbdMEGpD7UoilUeUV4ipo8uRrF0YoaPR8MT8qGGyM3NfR2zyFLrETJ1fwnlG-NZqmcGcUTdgP0M9BBFP8h1C35SjzRC_cVsmBNpLtSCUmg_6krcrtzf_HEaG8KOSIYU53wa8wv8ADG509QNQtSGa8waoKPfn2FR21DQ7GJO2GSfAz332-d1Z6ea5OhZ5Fryu8tuLPGAQ5Fj9yFd-KFU9vakM7vDkj09xOQE-FftznCqIPp158hLCylq8_vGtgcXqq5GnoXWmfeo_0dtfJM90v69-5lg-p9iXXuEGWBu_UdU0HAuKj9PKatGi97yyVeK529y_7-cjaH6y-VKPTLlhTQ0d01_T5zuGtpKAalfL4QRq-EZPi557Rq3Sf42O8PzG2nT-vUyE1P6JkbJ18BEboHzM_kDutCAuRbB1rR20S19KJWVVBc3Z1clG4aePyTi63hvLJHNga1d1nGWazS-vwJVHCDEpHyZTSa8Igdgywj2uZMqS1CC2WCk6I9FHDR0FFlFFVkXM9hz_suFWc7MLQ2MLUUZd-LbGOsGE5C-uiSTo4--nZcQ2uSdHDZdwULtTIE7A3mUGSnS0_CfgVw2GRtAR60c214jTQE1Eylj5YPvDyU-5CEOmX8NvfgHdsHP9SutDrQhzupgUQKePUwbx_dFxvtEGI1Gt6lWP5xsPtZStWNWIE9CYF8GjZpQEx6If629uKrwe9_7a2GqkBpu46v69-x6-5fOhAijEkpnv_S-1RkrEqbbxhEFAYXswbCeazRqExMP78Uspt1kIXWO5nrsU8CG0Z2UM7qxhsSb3RWJRPtoUsNia32FuSW8s-CDsImHPDXPpotpzZ_1fqWKA3vi_saKBsLglXXBZA0CQy8StuEnmHgKeYxz_eYbMHl6U9n2X5HqnyPxRzDO85XpS-EREPt6Uus-ySrdPhEpGCvYEOi63PKHnnw_6gSkBcYNpMRveWGdGvd5XCEmZrU6VdKfxdu9kEIPY8mYale3d8d1JqRrsMBnGCfhmQMPw2mU-Q9EpLY9sGM3b4pixUPG8RgLgVT8CBmdqjE0ExNn4OI6EsgDZ6A5tVIOfgMENjn5yCZzFAV00LGit7iZN0LMxmZahdO7TNH6_9D6FgnfFUGO_MtPR1pPYN1q6mh99lGstti9XlIrWxSRFYTZef7RUefTTWRWSuG89bDy29r9lJeGJYVLb38mF1iZO0-VOozt4RnJAITp1G1XWblMY63P2fGnxFFMU_gEF7xMB_Mq7gxGMWASeVG-IfllLnEPExdQ-CBgm86ThdoPxnfv7QSOniL_ioSASRwJSQQuo0QHS4Akngg6xpMhMv7W69xcYhqcaQwiaHYJAp3gac6WBJ-EQLfbDxIVij6qAb2Lgp4W9JEMlnyP46Dc_Ip2sIG86wYU-t6BeCW_ETSRH9EKtvT6rKTqiew4g8Hwzp5We_oK2turbODafVShRwgRuK97ZTQRq9IMIEZeKI7KRUSc-8Rb3i9uk5Kh5PAtNEYavMexVFqsDtrynvReOYi4U2nys_pzG535y-yC_JVRKRaHQuKOaCWYykNkQUdRsVRik5E0FGWKMfUzTUNwZQ7vkj88k9IzxhNDDQCn6b1RuWINK0WN2Ezl5qEF8OQd7eAI0ZtgHF2vHXWbaCWiwrBzTNi-WU8c6VI-q27X2KYPVVlj4yep3s10GPYzfF3Cqy21qs4ol8Sm63SHNlTvVyRe7f9o1tjQhwsc_cAwYDf1dvSLTj_pnvJLuYlqfJ5j-C04e7XTjPQY8PJbduBIs7azeHAhzY2SQzIkd_39N31E43FB-4iPorUqgoewBufIxsjS9TgxKqWfbm91DdI4wXJ3ZTAYBhINRY7RSuMOGaRSgU_Y759HVYKJNvzzkCclO-LHaTPzzIVmXMVloow7BUgVPylrvAnmzAuQmZ40hK2aguKWltc4Eis9JcCGO5Q6RshAxVbD1q-QQdyH3UIO2gMiFSKrKuZKRwBYr4055Za4xPAjV0j9v53a-1P3rSna-JYBqnHnErDvZ7ZjyqZ8_qRAczzVZUWfRyw8V4a2ESIMguVb0OAsFMSZ_7e7IdjvtNxVdmv7Gs9bSyna_r_O-m_qbGPjNkNnY_TcmsRtoWI7hFddFq1jVZNZbTPyqlrusF978rxJ6HS5wJaHk0z2uo6M8_UTCrdp1FrT5PCmMXTB8hIIcVtXUUM1ESwMcAjUF6hl-kqzi5A_sYyW1P6Fs0LrgKpjtu0sxWYbQ&cid=CAQSPADICaaNFH9hSQMO7Czbhbl0ehCJH02YNJ9uxC0BgIYu-78Kn1wERKIixdoqy06lQyQsLOqvL_-yFrpLUxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=14912880494073448000&adk=531095043&idt=184&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb9ecc3248b50e636e96cfeac2280eae3080b9283a86b299a785a70684a96fc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39606
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nanumgothic-400-119.woff2
static.criteo.net/design/googlefont/nanumgothic/ Frame ED7F 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nanumgothic/nanumgothic-400-119.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/nanumgothic/nanumgothic-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
afbf7202375cab30f485753a5364fb72b925d8ee9b3fd4509cf2cd58cb14e121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/nanumgothic/nanumgothic-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:08:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391efe4-301c"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Oct 2024 17:28:27 GMT
nanumgothic-400-115.woff2
static.criteo.net/design/googlefont/nanumgothic/ Frame ED7F 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nanumgothic/nanumgothic-400-115.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/nanumgothic/nanumgothic-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a7cbb0037b1f890bfea30eef146e1b13df044336cd511060872669906183365e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/nanumgothic/nanumgothic-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:08:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391efe4-5d38"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Oct 2024 17:28:27 GMT
nanumgothic-400-118.woff2
static.criteo.net/design/googlefont/nanumgothic/ Frame ED7F 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nanumgothic/nanumgothic-400-118.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/nanumgothic/nanumgothic-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
043c0217b249c0e7e34e8e7842f184f8bd383ac603dd87edbcf8173f951a2dd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/nanumgothic/nanumgothic-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:08:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391efe4-4888"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Oct 2024 17:28:27 GMT
nanumgothic-400-103.woff2
static.criteo.net/design/googlefont/nanumgothic/ Frame ED7F 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nanumgothic/nanumgothic-400-103.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/nanumgothic/nanumgothic-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
cbc5fe312aeca413f2512027d5a43c15969ff168db8651e5fcf914dec671eda7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/nanumgothic/nanumgothic-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:08:34 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391efe2-56c8"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Oct 2024 17:28:27 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 311B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-DixmwM6tPI8VbmfkYeKL6tTKM00itWduWLmAiQ&google_cm&google_hm=ay1EaXhtd002dFBJOFZibWZrWWVLTDZ0VEtNMDBpdFdkd...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-DixmwM6tPI8VbmfkYeKL6tTKM00itWduWLmAiQ&google_gid=CAESEDwFKMzVuk4ZV2uumFz6Og4&google_cver=1&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-DixmwM6tPI8VbmfkYeKL6tTKM00itWduWLmAiQ&google_gid=CAESEDwFKMzVuk4ZV2uumFz6Og4&google_cver=1&google_ula=913071,0
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
645502
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-DixmwM6tPI8VbmfkYeKL6tTKM00itWduWLmAiQ&google_gid=CAESEDwFKMzVuk4ZV2uumFz6Og4&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 311B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4235658876851245700
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4235658876851245700
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1516524
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
an-x-request-uuid
270bef3c-f19d-4d4b-bc33-0b220820bec0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4235658876851245700
x-proxy-origin
45.141.152.76; 45.141.152.76; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 311B 		53 B
784 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-0renaM6tPI8VbmfkYeKL6tTKM00zNewYud4Kew
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.208.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 09 Oct 2023 17:28:27 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Mon, 09 Oct 2023 17:28:27 GMT
tap.php
pixel.rubiconproject.com/ Frame 311B 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-LcXy686tPI8VbmfkYeKL6tTKM01lGvl9ebkQVA&expires=30
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
match.sharethrough.com/sync/ Frame 311B 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-zG0x7s6tPI8VbmfkYeKL6tTKM03luHWLLoML-Q
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.44.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-44-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 311B 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-boSuqc6tPI8VbmfkYeKL6tTKM02UDn5p5qqdag
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 311B 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-yPbJCc6tPI8VbmfkYeKL6tTKM00WIz1L-iek5g
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18412
um
criteo-sync.teads.tv/ Frame 311B 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-D10PBs6tPI8VbmfkYeKL6tTKM03VnTLcXr8JfQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Mon, 09 Oct 2023 17:28:27 GMT
pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 311B 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-PmTZO86tPI8VbmfkYeKL6tTKM00m-F4XNABTSg&dongle=013b
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame 311B 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-W8-WhM6tPI8VbmfkYeKL6tTKM01ItYLsplBAHg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.adform.net/ Frame 311B 		43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-seicCM6tPI8VbmfkYeKL6tTKM01MDhYdo1srYw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
last-modified
Fri, 28 Jul 2023 10:22:32 GMT
server
nginx
accept-ranges
bytes
etag
"64c396e8-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame 311B 		49 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-bYxLEc6tPI8VbmfkYeKL6tTKM026I60vr3lyag
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0
rum
r.casalemedia.com/ Frame 311B 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-FakPFc6tPI8VbmfkYeKL6tTKM03N4eL-E5U6NQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ozzH2SH5X4kuYtZrIRoUjnycAN9OTwPCY4O2kc4uhdHmDHycI5wlwDtDAIrVJEvM7JWT1Ol7GrCnoyf1abICuJT0DIkCrPQ8Vb6hB7iHx3yhM%2BG1Ap%2FjDQSFtOQevHOFwVMp"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
813857162fdf5b38-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0
demconf.jpg
dpm.demdex.net/ Frame 311B
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=2w3hR3c3glwLO9BpxFmg-jFpFKrQIofY
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=2w3hR3c3glwLO9BpxFmg-jFpFKrQIofY
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=2w3hR3c3glwLO9BpxFmg-jFpFKrQIofY
Protocol
HTTP/1.1
Server
52.210.125.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-125-129.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v052-06f420f13.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
nM/LYLDIT3I=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v052-0c3c1364e.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
5Us0mTJbQnU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=2w3hR3c3glwLO9BpxFmg-jFpFKrQIofY
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
9.gif
id5-sync.com/s/966/ Frame 311B 		43 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-aJ0I7M6tPI8VbmfkYeKL6tTKM01z-Va7CWPVKA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 09 Oct 2023 17:28:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
match
ad.360yield.com/ Frame 311B 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-Nl9Z5M6tPI8VbmfkYeKL6tTKM01RnZ885xCZHQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.194.37.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-37-177.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 09 Oct 2023 17:28:28 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame 311B 		42 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-fy9S3M6tPI8VbmfkYeKL6tTKM037-aLtWMWyEw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame 311B 		0
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-IAzvEM6tPI8VbmfkYeKL6tTKM022YF6t8eDYhA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.114.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-114-228.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
1017
jadserve.postrelease.com/suid/ Frame 311B 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-Ppfaic6tPI8VbmfkYeKL6tTKM02LJDwq7vCFLg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.71.178.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-71-178-207.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:28 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 311B 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-6TQxZM6tPI8VbmfkYeKL6tTKM00cyB_CVji3mQ&initiator=partner
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Mon, 09 Oct 2023 17:28:28 GMT
Cache-Control
no-cache
X-TraceId
6919a9690f8238614c1d4634a403b5d0
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 311B 		42 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-7H7xyc6tPI8VbmfkYeKL6tTKM02COPEi9u1tmQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 09 Oct 2023 17:28:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
criteo-partners.tremorhub.com/ Frame 311B 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-vDJA0c6tPI8VbmfkYeKL6tTKM02XKHdwLDPk_Q
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:76d7:ab8c:aa2f:d2d0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Mon, 09 Oct 2023 17:28:28 GMT
server
nginx
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame 311B 		43 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-gpjx786tPI8VbmfkYeKL6tTKM00ib5GxqwJG1g
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.30
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 09 Oct 2023 17:28:28 GMT
server
Apache
x-powered-by
PHP/7.3.30
content-length
43
content-type
image/gif
m
ad.yieldlab.net/ Frame 311B 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-1bVz4s6tPI8VbmfkYeKL6tTKM025XXtFw0tkVQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-192.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 09 Oct 2023 17:28:28 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Sun, 08 Oct 2023 17:28:28 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame 311B 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-H631uc6tPI8VbmfkYeKL6tTKM00RNmEkfoNDmQ&pn_id=criteo&ext=1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.73.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-73-161.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:28 GMT
content-length
0
put
e1.emxdgt.com/ Frame 311B 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d53&uid=k-xxjol86tPI8VbmfkYeKL6tTKM02aZSgsJevcLA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.144.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-144-163.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:28 GMT
server
awselb/2.0
nanumgothic-700-119.woff2
static.criteo.net/design/googlefont/nanumgothic/ Frame ED7F 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nanumgothic/nanumgothic-700-119.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/nanumgothic/nanumgothic-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f017a09f171ed9367700b05467fb2f331bf596c244b4ceaf65e0aceb38c42480
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/nanumgothic/nanumgothic-700.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:08:50 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391eff2-3030"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Oct 2024 17:28:27 GMT
nanumgothic-700-115.woff2
static.criteo.net/design/googlefont/nanumgothic/ Frame ED7F 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nanumgothic/nanumgothic-700-115.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/nanumgothic/nanumgothic-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
cb633724b42f593c39e96eedf9c118a1bf0e3782bc5e08ab59252f72b644f670
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/nanumgothic/nanumgothic-700.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:08:50 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391eff2-5894"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Oct 2024 17:28:27 GMT
nanumgothic-700-118.woff2
static.criteo.net/design/googlefont/nanumgothic/ Frame ED7F 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nanumgothic/nanumgothic-700-118.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/nanumgothic/nanumgothic-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
1d91ef280fb0ff6a7a146a72696960e4436e94481f468a168a0c15cdcdc9d6b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/nanumgothic/nanumgothic-700.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:08:50 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391eff2-4670"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Oct 2024 17:28:27 GMT
nanumgothic-700-103.woff2
static.criteo.net/design/googlefont/nanumgothic/ Frame ED7F 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nanumgothic/nanumgothic-700-103.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/nanumgothic/nanumgothic-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
97c7f0da3206983ab086c24f8e2bd2edeb61531b2f3c0150377abed5a89d3588
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/nanumgothic/nanumgothic-700.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:08:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391eff0-554c"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Oct 2024 17:28:27 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 86C9 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
Origin
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 07:14:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36831
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Oct 2023 07:14:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 86C9 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZxkMZIfS2TpqMokj2GCdnI69xqKnijFbj1DVoikkLyxrvfL93Kj81Y4mbCyZVf_akDs8L_8kb2XvzjTBmEu5exzo2h3bqCWhdhkBmTG261WmnZz0&cry=1&dbm_d=AKAmf-ANXCo12jPBJdzlxJy3MonJIb978GoApJJMJwlSRXAnjZrJWg9p8WUiWEpQoeog9ZWUdCdlA0BO8H5uE0WndjyBWZSG0pWSkS4-B5C2Sa7vAYYvmgnFCGcB9KM_TlFrqHIvs5g3upvjBcapvtmbi5ocVaUxOPCScdvHMhOW9Id-rV4AhRKxT3w0YDuYJ56X4Xf-1qd0bGUCZ6s0yRRte9Ds4FsojvLm8xOiiQmFiq8cFiWEsDPlxzYAWoZTLL-V_xi17kvqnYFxxlvsUTtQ9NU3XFDMzOYYH6NXW4W1bcBdYkfw01T5GkCfTpk9g_TKckt3Amf_qtSoyUkLFVZDeZAnNRtvkvwgSutKvkJ0FcBMoc6OLCnU4-FLa5LptV3QIgCxaPIp69POkxE9FLIt9ZBEcCLVeJ3w-dbHiUf8ksx8d2nnczRQ09yZlHL6PkgVuZlpJnhBEeJkxY-ESSnR0dV__539-4JiNRVtsLbUWqA08QBJJOfbNKerSnrunH7HeD1IkqPL8TWkkZAIs9_uo6Bl01AKTqaNYilk79KiXQeWTSOBGXhPqdUd5-3P9RBu2MVkYJC6m4SIFeaXKzDRrve5-e_2po90TATlk80GYTEd1VO5vuLVm4jdsPC1LDjhtddWZgJHPKw84jaAXmX0lZqwo8K7pppTSsIq_KoX12HV573ma3Y8Fdk-lqCg-PwTmgP7Qr_JM3jsBpkZ986ZtUDVb6oEh-QJ6Y8rcvGSosNjZjoJgSyWHWb0JKJfhvzesJu32tcFo2XG8a1Y-JjJY4XpyClLEPAcYi0Pa_eVjQmSwLMqPiDUFieGOSlfATFgbvq4NTuccXiYDXMVw4HJf_bS4EMe_dLkBZOEbIPmwOGM6ybjP4wbFnw7X4axXBBQGUA04iCn6nD5u82TsJz4sdeRem5_5E07lSqVxlJ_3RIg52967o-J5GB_27-6V6KOLselxnb6aOm5rjKuUNfVt-3RPzjlHWxu6okd5qETU3rWEm-OQPOsuV9ee5-G8Ys5PPaTdoWK5ZHI6lttRkqED598GfHa1VuJ15lytRqNXgMIZtY5epnaBmnAltdVq4O4x1AdzT54uOJGThPBqXgGRyAV1dpCqu-lde7YyNr8Elp1tWGLGoNkUeq0e4yv9HeHWwVaef-BG-QXr3_gdq3I_tG_AqtFPifiWvPezd2TJBrHEAMp1kyHvmH1NkhN_K15ZjbYwH88Ai8mGSuGVLewg0mtfMjBHmg7T49yVoWQxj5NNsXHMTsmw5WD69VXN4PHN9MvsdT7jOSwlBLOsHTxzkhDOdj-yXNQAsZxRrfkTy06eGbzK0PjGwQu5bhsiTkcai0HNHcTBlOSKtTDK-CIpyhFAeU2xNIgQ-0qIfW2yVsMNpMwkIwjg9VpwmZYi0Upm-jmfsmwF_NMyF6-RC6BgbjGFqdLK1vX-yObHXVlYVP4cphB0jRDLw4o14DFM6ODjtqpPWgPznvP2rcuBbK5NZxktLkRZyuyPI1CQs7hK-_fGZKex62oduAsUuFuSLLgOkiBpYIjbf3Lu9r1faaV2f3BK2-H00SwRs4PUSxpZNgxXM_Fkk_kWEhCtK6SR_4Z0veab7QiWkr49_xYxrZeuNO4k3YABKDDRbSHjoHBg1kJmA9y77UeoxQS4_nZUbhfQgU3y6jUVBmtULAG4hzMszrQpOWGSZxilVxu8jyw2smPLPK89wqPEkzDnjECjGeM-ToYlw5o5Ui6LzHECwXLofgb_mRgiXyFK8xNONIDgBC29YGnw1hyskhxXk8I-BvLKfFB3xXGMZGyE_0fIfZu-aooPr7Pu-AgF-bwIVG-SMPu3nFYTbp22fAj7ndm4FveSw03R0EWFliMrErof1mEFUI1RZo8eAtoNAm3XhP1drNc2WtPTPVksztlYtTKEcj2hc9c2pYmMR8sCHQzjMORLmKc9oRddZYVeFoNulMBPvM-7pjvdQX0gnr7zLXWbxMaSS5CPvKVopG6rzNMQboS3FYNFYJ0_V-8NWDS01n4qCiOB_AtOLT0Sf_kbv8uowquXMaJDkjaqAZHTKMS35HOr6yPfjwWRw-t-siALFmrjEA2yX3f3KFcZ61pKitBMCUv1VBk1AdzqpQEmzDoJMfZELWoBnSQ0vaReJsFCaT9i8JBsSTSoAS5K83Fq3pdHt79EW6CpVJwFoCDrQ0eC5JBmwJxAntKp3r9KG8FmaBw_kwBdrxYCSmTp7bSm6_p2Kebp2OU_mOOLlF2snPE8_J-lk8mX92OGSZ0Rn9w5LdgGKHnkYRxqc7d3L8Ezu5sbMiAsvKsGRm5OrO2tSyk2XeoPOMVsIlQaNwWKxtL6gFsohHUhwMw582satdUX-YW6TBv_DnTSka6waMEH6C901EiI8iRwymwOdlbBhP41sVPkNmFsdhjhe8JzxS7atDMetdDjOzqrAXyPKTJQPUHBhipvRoNKi43NGSXSf970VHdUWUTEMJepBzMC97o1HX1M5dQQbyNPZ6bucXDWUcSFRqMJrJk8wQdlaiJS38tW0IGV6V03GRDkWF02gQx-0RO1MWl7_vfcjb0E5kiF4J5XCM3_r4xCGJFEW3G69hg7tGCnZOKoExDhcw__YHBhnfYtt1AdKQQi7npShBjlKxkSJeqK9sjAfW15X1ELi-mtTn8UnqDOSLmbc1SGaYNRo10Vthn60VlimcHs3_t2GWfiSQ2-q7dv2WIoxwdm2w2rPj_FUSu11v59yR6zfjnhTPhJxpfkrhHUTS1jP2tn-x1OY634TR9zQry_uLkNagnVj5rB_Cc-puaHso9vDy51hhJzr_hik4OVrAZrheNCWYxQomhVGvzZFbmBj7aq3ZORXXURV_pbuB0iTzYuonvQODaahltyJjIRSY11up1OUUZY5rQJUNmr8t9PxvAF6_KTndGGH8FjealbJbXZpV1Q4TrbCaqooO7Xq5egUayKghxIkchtlXsJWKsxY4dLRVDvZ95LDQTDBKBF6Hu7aRv8gikfyfXVsAp6SE15eDUVhL4WCPB-fMMyglOi-ydeR8rMSrqkI-AzoPLQ5G7BkD48SZI65EehxVtO5yKkcqNFhI1VuzXMBSzcjlDFIUrBEgcMayK1SfqA0elTL5PwDnGN7jQXGdR1vFZTeJE3VgaEahQljIe_GK4gsTxbV402b4RE_hVSPYe3nD7EpU8S4UjJIiO66OweYWY0Cw-IkAAe3FuwSitnxMPTYHzlmkWj1eajil-6hoOqfXJZc7mNbl7qsmHlYSQXEWFEW-duZH6pRp5Jxj_xFzQx9sq01TvcUKjDHLS9zKfm3VHGxVuC49ql5DjGDOgbnJoXL_qxD404WzLsCC82tWMqxDRGfmb9BV8IHUzV__zeidzSWtjPCffrV9X5gpZporMndvDueP67wBKjIvXvBWsubw7RQuOYHjrdGguZe37sQ0IfJyWNJqB4uHd5N1b52rml9IaBd07z8w1oxAlzZOLB6QwVhA0bpYBnKVlqlJoRuOLoOPuqUzxsXKDjhJ8CmkHnRFQZ1e7_zJO6s1JanYsYUm01tCPG9CJ8Fr38AyA2By4893N3U9wZB-CewiesyLvB7zemqBXXsRqeQOCoIUYlsT4SSKIz2SJ5OjHTq4SXUlPXD8Ddg4aEI96JWIPSbedAh5JEqbflUJZWTDM_Aq1VgIFu4IiNYOfe5_uRVCOL9lbVczgVkdac7B77vv028GJiG762RRuvZONFcNbYLQfYUYNYDWsJ7hVzTHQd4lxKE3DkhOH0hxHEqe40MA60vfA2gwqEEzEFD9QHSChSn1EqUr-tJh1fMwluMf-mZBQdtGRb97Oah8XPuzxbLniRud2xTGw&cid=CAQSPADICaaNFH9hSQMO7Czbhbl0ehCJH02YNJ9uxC0BgIYu-78Kn1wERKIixdoqy06lQyQsLOqvL_-yFrpLUxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=14459367922749379000&adk=4020099329&idt=111&cac=0&dtd=91
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:43:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
13476
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:43:51 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 86C9 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZxkMZIfS2TpqMokj2GCdnI69xqKnijFbj1DVoikkLyxrvfL93Kj81Y4mbCyZVf_akDs8L_8kb2XvzjTBmEu5exzo2h3bqCWhdhkBmTG261WmnZz0&cry=1&dbm_d=AKAmf-ANXCo12jPBJdzlxJy3MonJIb978GoApJJMJwlSRXAnjZrJWg9p8WUiWEpQoeog9ZWUdCdlA0BO8H5uE0WndjyBWZSG0pWSkS4-B5C2Sa7vAYYvmgnFCGcB9KM_TlFrqHIvs5g3upvjBcapvtmbi5ocVaUxOPCScdvHMhOW9Id-rV4AhRKxT3w0YDuYJ56X4Xf-1qd0bGUCZ6s0yRRte9Ds4FsojvLm8xOiiQmFiq8cFiWEsDPlxzYAWoZTLL-V_xi17kvqnYFxxlvsUTtQ9NU3XFDMzOYYH6NXW4W1bcBdYkfw01T5GkCfTpk9g_TKckt3Amf_qtSoyUkLFVZDeZAnNRtvkvwgSutKvkJ0FcBMoc6OLCnU4-FLa5LptV3QIgCxaPIp69POkxE9FLIt9ZBEcCLVeJ3w-dbHiUf8ksx8d2nnczRQ09yZlHL6PkgVuZlpJnhBEeJkxY-ESSnR0dV__539-4JiNRVtsLbUWqA08QBJJOfbNKerSnrunH7HeD1IkqPL8TWkkZAIs9_uo6Bl01AKTqaNYilk79KiXQeWTSOBGXhPqdUd5-3P9RBu2MVkYJC6m4SIFeaXKzDRrve5-e_2po90TATlk80GYTEd1VO5vuLVm4jdsPC1LDjhtddWZgJHPKw84jaAXmX0lZqwo8K7pppTSsIq_KoX12HV573ma3Y8Fdk-lqCg-PwTmgP7Qr_JM3jsBpkZ986ZtUDVb6oEh-QJ6Y8rcvGSosNjZjoJgSyWHWb0JKJfhvzesJu32tcFo2XG8a1Y-JjJY4XpyClLEPAcYi0Pa_eVjQmSwLMqPiDUFieGOSlfATFgbvq4NTuccXiYDXMVw4HJf_bS4EMe_dLkBZOEbIPmwOGM6ybjP4wbFnw7X4axXBBQGUA04iCn6nD5u82TsJz4sdeRem5_5E07lSqVxlJ_3RIg52967o-J5GB_27-6V6KOLselxnb6aOm5rjKuUNfVt-3RPzjlHWxu6okd5qETU3rWEm-OQPOsuV9ee5-G8Ys5PPaTdoWK5ZHI6lttRkqED598GfHa1VuJ15lytRqNXgMIZtY5epnaBmnAltdVq4O4x1AdzT54uOJGThPBqXgGRyAV1dpCqu-lde7YyNr8Elp1tWGLGoNkUeq0e4yv9HeHWwVaef-BG-QXr3_gdq3I_tG_AqtFPifiWvPezd2TJBrHEAMp1kyHvmH1NkhN_K15ZjbYwH88Ai8mGSuGVLewg0mtfMjBHmg7T49yVoWQxj5NNsXHMTsmw5WD69VXN4PHN9MvsdT7jOSwlBLOsHTxzkhDOdj-yXNQAsZxRrfkTy06eGbzK0PjGwQu5bhsiTkcai0HNHcTBlOSKtTDK-CIpyhFAeU2xNIgQ-0qIfW2yVsMNpMwkIwjg9VpwmZYi0Upm-jmfsmwF_NMyF6-RC6BgbjGFqdLK1vX-yObHXVlYVP4cphB0jRDLw4o14DFM6ODjtqpPWgPznvP2rcuBbK5NZxktLkRZyuyPI1CQs7hK-_fGZKex62oduAsUuFuSLLgOkiBpYIjbf3Lu9r1faaV2f3BK2-H00SwRs4PUSxpZNgxXM_Fkk_kWEhCtK6SR_4Z0veab7QiWkr49_xYxrZeuNO4k3YABKDDRbSHjoHBg1kJmA9y77UeoxQS4_nZUbhfQgU3y6jUVBmtULAG4hzMszrQpOWGSZxilVxu8jyw2smPLPK89wqPEkzDnjECjGeM-ToYlw5o5Ui6LzHECwXLofgb_mRgiXyFK8xNONIDgBC29YGnw1hyskhxXk8I-BvLKfFB3xXGMZGyE_0fIfZu-aooPr7Pu-AgF-bwIVG-SMPu3nFYTbp22fAj7ndm4FveSw03R0EWFliMrErof1mEFUI1RZo8eAtoNAm3XhP1drNc2WtPTPVksztlYtTKEcj2hc9c2pYmMR8sCHQzjMORLmKc9oRddZYVeFoNulMBPvM-7pjvdQX0gnr7zLXWbxMaSS5CPvKVopG6rzNMQboS3FYNFYJ0_V-8NWDS01n4qCiOB_AtOLT0Sf_kbv8uowquXMaJDkjaqAZHTKMS35HOr6yPfjwWRw-t-siALFmrjEA2yX3f3KFcZ61pKitBMCUv1VBk1AdzqpQEmzDoJMfZELWoBnSQ0vaReJsFCaT9i8JBsSTSoAS5K83Fq3pdHt79EW6CpVJwFoCDrQ0eC5JBmwJxAntKp3r9KG8FmaBw_kwBdrxYCSmTp7bSm6_p2Kebp2OU_mOOLlF2snPE8_J-lk8mX92OGSZ0Rn9w5LdgGKHnkYRxqc7d3L8Ezu5sbMiAsvKsGRm5OrO2tSyk2XeoPOMVsIlQaNwWKxtL6gFsohHUhwMw582satdUX-YW6TBv_DnTSka6waMEH6C901EiI8iRwymwOdlbBhP41sVPkNmFsdhjhe8JzxS7atDMetdDjOzqrAXyPKTJQPUHBhipvRoNKi43NGSXSf970VHdUWUTEMJepBzMC97o1HX1M5dQQbyNPZ6bucXDWUcSFRqMJrJk8wQdlaiJS38tW0IGV6V03GRDkWF02gQx-0RO1MWl7_vfcjb0E5kiF4J5XCM3_r4xCGJFEW3G69hg7tGCnZOKoExDhcw__YHBhnfYtt1AdKQQi7npShBjlKxkSJeqK9sjAfW15X1ELi-mtTn8UnqDOSLmbc1SGaYNRo10Vthn60VlimcHs3_t2GWfiSQ2-q7dv2WIoxwdm2w2rPj_FUSu11v59yR6zfjnhTPhJxpfkrhHUTS1jP2tn-x1OY634TR9zQry_uLkNagnVj5rB_Cc-puaHso9vDy51hhJzr_hik4OVrAZrheNCWYxQomhVGvzZFbmBj7aq3ZORXXURV_pbuB0iTzYuonvQODaahltyJjIRSY11up1OUUZY5rQJUNmr8t9PxvAF6_KTndGGH8FjealbJbXZpV1Q4TrbCaqooO7Xq5egUayKghxIkchtlXsJWKsxY4dLRVDvZ95LDQTDBKBF6Hu7aRv8gikfyfXVsAp6SE15eDUVhL4WCPB-fMMyglOi-ydeR8rMSrqkI-AzoPLQ5G7BkD48SZI65EehxVtO5yKkcqNFhI1VuzXMBSzcjlDFIUrBEgcMayK1SfqA0elTL5PwDnGN7jQXGdR1vFZTeJE3VgaEahQljIe_GK4gsTxbV402b4RE_hVSPYe3nD7EpU8S4UjJIiO66OweYWY0Cw-IkAAe3FuwSitnxMPTYHzlmkWj1eajil-6hoOqfXJZc7mNbl7qsmHlYSQXEWFEW-duZH6pRp5Jxj_xFzQx9sq01TvcUKjDHLS9zKfm3VHGxVuC49ql5DjGDOgbnJoXL_qxD404WzLsCC82tWMqxDRGfmb9BV8IHUzV__zeidzSWtjPCffrV9X5gpZporMndvDueP67wBKjIvXvBWsubw7RQuOYHjrdGguZe37sQ0IfJyWNJqB4uHd5N1b52rml9IaBd07z8w1oxAlzZOLB6QwVhA0bpYBnKVlqlJoRuOLoOPuqUzxsXKDjhJ8CmkHnRFQZ1e7_zJO6s1JanYsYUm01tCPG9CJ8Fr38AyA2By4893N3U9wZB-CewiesyLvB7zemqBXXsRqeQOCoIUYlsT4SSKIz2SJ5OjHTq4SXUlPXD8Ddg4aEI96JWIPSbedAh5JEqbflUJZWTDM_Aq1VgIFu4IiNYOfe5_uRVCOL9lbVczgVkdac7B77vv028GJiG762RRuvZONFcNbYLQfYUYNYDWsJ7hVzTHQd4lxKE3DkhOH0hxHEqe40MA60vfA2gwqEEzEFD9QHSChSn1EqUr-tJh1fMwluMf-mZBQdtGRb97Oah8XPuzxbLniRud2xTGw&cid=CAQSPADICaaNFH9hSQMO7Czbhbl0ehCJH02YNJ9uxC0BgIYu-78Kn1wERKIixdoqy06lQyQsLOqvL_-yFrpLUxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=14459367922749379000&adk=4020099329&idt=111&cac=0&dtd=91
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:57:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
12667
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:57:20 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 86C9 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
297003
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Oct 2024 06:58:24 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E2F9 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
34382
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Tue, 10 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 86C9 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d89438c6557cbaaceb25874dd4d871071a4606672c1c0cf0ce3b942b77427952

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
sync
ups.analytics.yahoo.com/ups/58301/ Frame 311B 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-W8-WhM6tPI8VbmfkYeKL6tTKM01ItYLsplBAHg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 1B2F 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
Origin
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 07:14:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36831
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Oct 2023 07:14:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 1B2F 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7ut0FXagB5TR_JmLO4SDCkQLHs2DSoYCsWiNzAn7xgGqbAS__2nhmcFVvV3Ti95UI_BpbL8BjjmoU2U3iYfWN4V5Xnpd57wJhLXBqZAyF0K7v8vU&cry=1&dbm_d=AKAmf-CtGL39W-XsjOuRr119wd_NVwCoCfwJCM8ihua9FMZzMGa6-4Ulj3UaDHcKRa7dBNLA2X38lASS86pJmAmox_OhCCkd84XFaScY820WvvOJ2DSVtPdlVdCdVUHoBQ-DLbrwOopVjSs7VVrDsIALRVxllSRv6ysDilio2mlHG_XlOPh0DHTyPG6auhFJo1U12udlAFyidgBxZWjiv4vY0AYKzlfEfBE6cOBPLbC_aqd0otHqBkgn5iOiQoF4IIJB8ouuvzr9044anU1mjcLWa6Db8KtbU_6VIcUMsv6mYZrEH8xaeB6M3P09SWVbXjGFoH35jv0SV123NjXcHSAya9hLyNdsvvkKRS1ko3YFQ8OCbWvP_pa7XANP6Wf8eqQjyvlX2gNSAJOe3UDVbxOPKyzmMt1nz5wOf14ikwo0thVpQuZNdzKLir22RU6G0agZQy4IY6HAvAP0yfBcTK9L36Ixf6roOU70HOgka4psAsPnMLlIH71e9BYceu_qPRNSZCtxl4UGfLUHIj25q2_7LXu3gSqbI3UDewdAn9KUStxqcTD3PBnV9QSVuzG1cHN4a9RniTwqoJdBWLUIjEDBm1JhIF_7bwcS0K6L0k10qDqn-QU4XT_1dQs_eyyl7OFnUIFnsD3rqCeorhhSEbmgrErBI6Q7HfIoXfIwtXu08q509kFAhMrBJocW6HLUDwAPGsuFklk82vlaXGepFYUsvVU5hN_0k8fb6xaRmghcj4GT4bCGYN_POY0jFmbA7SgD_xya8AlDg5TFcWrCi9cfwHhpMH7gtL4WQOYziyGHfgGYdplFzNz58WPq3mmnrhgPz0XVbWWvYxLS7B7AdVO3APscQFWyjutMAhZw7S7PcU7G95sMinckZgvf0nMkrnRvVvBXdo7OeZkSjtot9Uwpa_Bl1LDPEbCdnMkRn4DXJv-MU_BqsBBcahIOLsJVEu6j9f1jqARZ6mBSicWmN8i-eWZi8Kkpywhj6zpCik8jnwzyV-bIFKVkFLm7VZ2KE8nhSS8jZ-02dKRJZ7Aj-eQ0m6E_S9G0IeAWQz__FBVQvLAA49aHVsj-LsW_oJO_52VTQxvZENl5aWm0uclVbWXWBNQKTIpvhafTR3-k05dkFMF26BoOCHiufX5iQUDsD6VFs9VXCe7l57eMcBHVPDkYnILxubRPD4hg15UzW5UGXB1_Scl8FesTL4bFdnUa890PbojM5QUIww-dXNmYLnvvykDI0Ic72aLIJwrJa1-wFnH_p3i0OCemlerYj6IW0Upaxuzt5z2frruH8bhq5oCnzFE5QEuvR6R3xmItJSMbRzst6igH00jFHOqfCHFpfdQ-GZGAwCCFrXh6Ie7zaZH4tetJJMfPZTefUT4Uy1R34oFWpA6Imtv7P2W2TmuwzCNWIk3C69iO0wqlahbmnpC5w4vkNYAwM4hTLpZTMZ9QrGO4BVc-AVlpywRZBC4p05C6bhkbjcmwMG2wz3_AkWmaS-0v9jw_D0JppczpWXu0p3DmJHKAoaneg16TE5DsCEvJ0SkLI4Tjx6HSXoH_aUNLM63xLFqLMTO9ct8FqYEZ6XTA9OYj-_4jZlAQh0B_1_aIZlWf5bBH8SVXDAdJA7bdudH5Qt6f26K6FcOIBgTlqAJ2ysOuw_XJaDU4AJV15jUfabb_bUGV7SL72dDehhbDvs_O4QoY512Lir_VIAAGhz3OY59qmxR2JRcRfFtNuDN3V-tG98albi8wSnrG1iKupszQE4FDpzLWBuYQROKbrtVE_1MMVHBt7NfQHEaBBCbvba-LAQcH3CMoKoTFw-yhz0hLQ-6Cvt_oC5vopuTWPKklKRTvUf67a1zshUXHxxuWfbFZl5jgdp5J4YYXwJInsD7EujqYiA1IK4XrlM0b-hbPrmPkUHsmuUxtxDOsurd4XS9VHKaiEru8PhrQFXgxgF7aQltFB3DtF8H_cGxmmqJofGEFtov6uaSL6xJrB7eE8iX3wG0EcszhlnQk32f_ctD4PHnTZMh-iQiCp7nFawEkoi_7TB4xmvKRlK22hargZQRwslFWk90bbXt8sKn_Civ3HoUOtw4wG52MhXQUXFsSDP7ZkM3WjexZhDygvcJoIdS0GPpkmPQwHx8nrKjRULHDZCjshg-WIiws7mCYYJjAXpWsJAPS9MvNbeke1axZmy7hycGkZO5VGXB2rgj5qmFkLnab_STuOV6-3vm4Wod9ykoeWNGvqC_CxwMocIJMLP3lbooA-4HDfdvqZ3YYvBMgBrNk40q1nH0Kax0buYNAKteNvZv9KY9lIRFOkzppve1oF5XNIjjz5jbuvAkDOVn7nfaI2XHNhrkjkS910xT0g5QOvDK2yPK6FXohkJgY7pxcsd2wc4IYsbdVZYZdki1yGIVu1x7505CrJxoSGRf7-DfE9YJRXCgOWrEKuRRu44BddBIVTlvtNBXnYnaR6EyMFw_1QzXwk8WqfFo-q8Eq3CZFWyZQroMxIeMXoyviSu4x6W3zffpKd8Q8QLnK9-J1UXatkyJgOFt9snXI5tZqdCxdGfBC-h-vi2h_sh2k83ZyhyO64CfPdJ8r8pjre8NYDj_WtXh6b-NWsaJgL91QqYRfO--vDK0n-nnUamBTJU4i8zD-i454Hn3-qb5bE9govhrvPO3HkFWb3icyxSabQ0bb5kaCFi8i1SZ0oKmigpoAYVFztbANqt-gNcSC0C1gvpjvVF1cCwut19gDxhl-2e0fsSXfU7JCJ4OMyInWDEYnM9J3BXVp0hT9yxjcWZhkACLdXBSX6nFsEzhZL67iwd16AZI4RyfJ7EDqlyBynytQ_HMA3JEg-GLJMxBNHJNAWxqykwAZHavY2ZKfXyt2_IMNj9ZEDDge3Z-L0l36pXJB_2wBpW3efURS9CCDCXhEdQNsqQMJ3GEzmvevFV8RL6Y5wpzIbaUwdspZSQVJYSrLSiOFEkZnjcxR3-OklliA8tod2RfGvluMo_GnOAlgGipPYhgyfjL1ooXxszd6H2foZa1w7EuX5CF5h4121x3S3yQYOuqR3RL41DQ5vdg69ssyMkieykkKAu_upnRRaznQBcQqyxOkp5bwKUA_y4T4dR3JFU62H9c63iPGVIdK2wkyYqJ1TkyIziJLDGMQJAmhYlo1wGxjwNhCXPpwUUYOuY4CbLT33-1rfgFz8Kqh-HB7WgfocUUANxc8vhgzI21gbFbirkoGLrywvQKdiUSjonwA-G0bOB9QlrSMmQwzT4p8stkjEAvlyT1kMQUzSlMCGbJlNZZ-XV-uS6Q2ADA8l8kO5OK0E2drW3bB8vVGfJuoApz6mOinJS0u-EYjqF7JqYYPbEon7T1B8DLVhp7tVacn_hChplrBIfzG0OitVHIiSn1nnuFy7d28ufxlAKhC77Z9O7k9a70FUiECaGwxJ1PAwExWdYCM4P1BV1IbBqsBeScaZBDZuPFa-RbuGI5_naI5hnTMDvvsOseItQjnRwf1pmCpFN7slayT9gKj_-PgiIFYa0Pyj_4MTArIOGdl7_gOUuKCvDI-KPb78EFQhP8kmXV_l0jskzqSfAJ7eE0WAIU6iY5z3vteoiDOSqyVoncCAGTAKMt6D8bilgygv2NDmUDIYmUlMZELCor1dk0skRis0FYa4ApSF_f12JiW0BpGxb_w0f0caLqxeimui9NvhdhuuUKJPthpmbQYXGDewNKAeLqJRMy9fsg1xSmuiu7hz1ZskTwfdEYwqCARSx5PX3QkOhsWwS65vVkPB2YhiRDLK8fBvPuRqqqP_0lrqaX0mF3SBU1wplWHTUz94ERKt99npMiCRaAcW13sPtndA-6dzcxX2zs8FbjN3-odLl7rx_be2EGVgkMpqBYZtzn8pw&cid=CAQSPADICaaNFH9hSQMO7Czbhbl0ehCJH02YNJ9uxC0BgIYu-78Kn1wERKIixdoqy06lQyQsLOqvL_-yFrpLUxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=12145148386681817000&adk=2975593758&idt=189&cac=0&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:43:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
13476
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:43:51 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 1B2F 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7ut0FXagB5TR_JmLO4SDCkQLHs2DSoYCsWiNzAn7xgGqbAS__2nhmcFVvV3Ti95UI_BpbL8BjjmoU2U3iYfWN4V5Xnpd57wJhLXBqZAyF0K7v8vU&cry=1&dbm_d=AKAmf-CtGL39W-XsjOuRr119wd_NVwCoCfwJCM8ihua9FMZzMGa6-4Ulj3UaDHcKRa7dBNLA2X38lASS86pJmAmox_OhCCkd84XFaScY820WvvOJ2DSVtPdlVdCdVUHoBQ-DLbrwOopVjSs7VVrDsIALRVxllSRv6ysDilio2mlHG_XlOPh0DHTyPG6auhFJo1U12udlAFyidgBxZWjiv4vY0AYKzlfEfBE6cOBPLbC_aqd0otHqBkgn5iOiQoF4IIJB8ouuvzr9044anU1mjcLWa6Db8KtbU_6VIcUMsv6mYZrEH8xaeB6M3P09SWVbXjGFoH35jv0SV123NjXcHSAya9hLyNdsvvkKRS1ko3YFQ8OCbWvP_pa7XANP6Wf8eqQjyvlX2gNSAJOe3UDVbxOPKyzmMt1nz5wOf14ikwo0thVpQuZNdzKLir22RU6G0agZQy4IY6HAvAP0yfBcTK9L36Ixf6roOU70HOgka4psAsPnMLlIH71e9BYceu_qPRNSZCtxl4UGfLUHIj25q2_7LXu3gSqbI3UDewdAn9KUStxqcTD3PBnV9QSVuzG1cHN4a9RniTwqoJdBWLUIjEDBm1JhIF_7bwcS0K6L0k10qDqn-QU4XT_1dQs_eyyl7OFnUIFnsD3rqCeorhhSEbmgrErBI6Q7HfIoXfIwtXu08q509kFAhMrBJocW6HLUDwAPGsuFklk82vlaXGepFYUsvVU5hN_0k8fb6xaRmghcj4GT4bCGYN_POY0jFmbA7SgD_xya8AlDg5TFcWrCi9cfwHhpMH7gtL4WQOYziyGHfgGYdplFzNz58WPq3mmnrhgPz0XVbWWvYxLS7B7AdVO3APscQFWyjutMAhZw7S7PcU7G95sMinckZgvf0nMkrnRvVvBXdo7OeZkSjtot9Uwpa_Bl1LDPEbCdnMkRn4DXJv-MU_BqsBBcahIOLsJVEu6j9f1jqARZ6mBSicWmN8i-eWZi8Kkpywhj6zpCik8jnwzyV-bIFKVkFLm7VZ2KE8nhSS8jZ-02dKRJZ7Aj-eQ0m6E_S9G0IeAWQz__FBVQvLAA49aHVsj-LsW_oJO_52VTQxvZENl5aWm0uclVbWXWBNQKTIpvhafTR3-k05dkFMF26BoOCHiufX5iQUDsD6VFs9VXCe7l57eMcBHVPDkYnILxubRPD4hg15UzW5UGXB1_Scl8FesTL4bFdnUa890PbojM5QUIww-dXNmYLnvvykDI0Ic72aLIJwrJa1-wFnH_p3i0OCemlerYj6IW0Upaxuzt5z2frruH8bhq5oCnzFE5QEuvR6R3xmItJSMbRzst6igH00jFHOqfCHFpfdQ-GZGAwCCFrXh6Ie7zaZH4tetJJMfPZTefUT4Uy1R34oFWpA6Imtv7P2W2TmuwzCNWIk3C69iO0wqlahbmnpC5w4vkNYAwM4hTLpZTMZ9QrGO4BVc-AVlpywRZBC4p05C6bhkbjcmwMG2wz3_AkWmaS-0v9jw_D0JppczpWXu0p3DmJHKAoaneg16TE5DsCEvJ0SkLI4Tjx6HSXoH_aUNLM63xLFqLMTO9ct8FqYEZ6XTA9OYj-_4jZlAQh0B_1_aIZlWf5bBH8SVXDAdJA7bdudH5Qt6f26K6FcOIBgTlqAJ2ysOuw_XJaDU4AJV15jUfabb_bUGV7SL72dDehhbDvs_O4QoY512Lir_VIAAGhz3OY59qmxR2JRcRfFtNuDN3V-tG98albi8wSnrG1iKupszQE4FDpzLWBuYQROKbrtVE_1MMVHBt7NfQHEaBBCbvba-LAQcH3CMoKoTFw-yhz0hLQ-6Cvt_oC5vopuTWPKklKRTvUf67a1zshUXHxxuWfbFZl5jgdp5J4YYXwJInsD7EujqYiA1IK4XrlM0b-hbPrmPkUHsmuUxtxDOsurd4XS9VHKaiEru8PhrQFXgxgF7aQltFB3DtF8H_cGxmmqJofGEFtov6uaSL6xJrB7eE8iX3wG0EcszhlnQk32f_ctD4PHnTZMh-iQiCp7nFawEkoi_7TB4xmvKRlK22hargZQRwslFWk90bbXt8sKn_Civ3HoUOtw4wG52MhXQUXFsSDP7ZkM3WjexZhDygvcJoIdS0GPpkmPQwHx8nrKjRULHDZCjshg-WIiws7mCYYJjAXpWsJAPS9MvNbeke1axZmy7hycGkZO5VGXB2rgj5qmFkLnab_STuOV6-3vm4Wod9ykoeWNGvqC_CxwMocIJMLP3lbooA-4HDfdvqZ3YYvBMgBrNk40q1nH0Kax0buYNAKteNvZv9KY9lIRFOkzppve1oF5XNIjjz5jbuvAkDOVn7nfaI2XHNhrkjkS910xT0g5QOvDK2yPK6FXohkJgY7pxcsd2wc4IYsbdVZYZdki1yGIVu1x7505CrJxoSGRf7-DfE9YJRXCgOWrEKuRRu44BddBIVTlvtNBXnYnaR6EyMFw_1QzXwk8WqfFo-q8Eq3CZFWyZQroMxIeMXoyviSu4x6W3zffpKd8Q8QLnK9-J1UXatkyJgOFt9snXI5tZqdCxdGfBC-h-vi2h_sh2k83ZyhyO64CfPdJ8r8pjre8NYDj_WtXh6b-NWsaJgL91QqYRfO--vDK0n-nnUamBTJU4i8zD-i454Hn3-qb5bE9govhrvPO3HkFWb3icyxSabQ0bb5kaCFi8i1SZ0oKmigpoAYVFztbANqt-gNcSC0C1gvpjvVF1cCwut19gDxhl-2e0fsSXfU7JCJ4OMyInWDEYnM9J3BXVp0hT9yxjcWZhkACLdXBSX6nFsEzhZL67iwd16AZI4RyfJ7EDqlyBynytQ_HMA3JEg-GLJMxBNHJNAWxqykwAZHavY2ZKfXyt2_IMNj9ZEDDge3Z-L0l36pXJB_2wBpW3efURS9CCDCXhEdQNsqQMJ3GEzmvevFV8RL6Y5wpzIbaUwdspZSQVJYSrLSiOFEkZnjcxR3-OklliA8tod2RfGvluMo_GnOAlgGipPYhgyfjL1ooXxszd6H2foZa1w7EuX5CF5h4121x3S3yQYOuqR3RL41DQ5vdg69ssyMkieykkKAu_upnRRaznQBcQqyxOkp5bwKUA_y4T4dR3JFU62H9c63iPGVIdK2wkyYqJ1TkyIziJLDGMQJAmhYlo1wGxjwNhCXPpwUUYOuY4CbLT33-1rfgFz8Kqh-HB7WgfocUUANxc8vhgzI21gbFbirkoGLrywvQKdiUSjonwA-G0bOB9QlrSMmQwzT4p8stkjEAvlyT1kMQUzSlMCGbJlNZZ-XV-uS6Q2ADA8l8kO5OK0E2drW3bB8vVGfJuoApz6mOinJS0u-EYjqF7JqYYPbEon7T1B8DLVhp7tVacn_hChplrBIfzG0OitVHIiSn1nnuFy7d28ufxlAKhC77Z9O7k9a70FUiECaGwxJ1PAwExWdYCM4P1BV1IbBqsBeScaZBDZuPFa-RbuGI5_naI5hnTMDvvsOseItQjnRwf1pmCpFN7slayT9gKj_-PgiIFYa0Pyj_4MTArIOGdl7_gOUuKCvDI-KPb78EFQhP8kmXV_l0jskzqSfAJ7eE0WAIU6iY5z3vteoiDOSqyVoncCAGTAKMt6D8bilgygv2NDmUDIYmUlMZELCor1dk0skRis0FYa4ApSF_f12JiW0BpGxb_w0f0caLqxeimui9NvhdhuuUKJPthpmbQYXGDewNKAeLqJRMy9fsg1xSmuiu7hz1ZskTwfdEYwqCARSx5PX3QkOhsWwS65vVkPB2YhiRDLK8fBvPuRqqqP_0lrqaX0mF3SBU1wplWHTUz94ERKt99npMiCRaAcW13sPtndA-6dzcxX2zs8FbjN3-odLl7rx_be2EGVgkMpqBYZtzn8pw&cid=CAQSPADICaaNFH9hSQMO7Czbhbl0ehCJH02YNJ9uxC0BgIYu-78Kn1wERKIixdoqy06lQyQsLOqvL_-yFrpLUxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=12145148386681817000&adk=2975593758&idt=189&cac=0&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:57:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
12667
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:57:20 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1B2F 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
297003
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Oct 2024 06:58:24 GMT
setuid
ib.adnxs.com/ Frame 311B 		43 B
900 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-HHkAsM6tPI8VbmfkYeKL6tTKM02kj4VvemDLhg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
an-x-request-uuid
05e921d0-612a-4ab7-9d71-c8c1adf39a17
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.76; 45.141.152.76; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame B2FA 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
Origin
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 07:14:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36831
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Oct 2023 07:14:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame B2FA 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bb1n0G0HUU5uWXyGcOLUUPEnamtw_vhmKMQQOMfmG9Y2oXRUY8xHUUAgGvaliRHH7l5XhAYLcRtQW1IxA_6P1NQuOPbKGU6pk_IUjIjPCezOPQ3rU&cry=1&dbm_d=AKAmf-BbvsPsJ4vkyWAbLWyi7kqElsDDlQc6-D9iy2YMAEVkaacH1NJy8Jtom2tt4k7sGSzOw_qeNCyK8BHVi94ZECt-d7V4lYdPpyUF_32q1RyA0N0xsfgoNeM81G6jWAuxXguxWag8Up6lI9CvOBwANUR4pJMmlpbn_OOdbKeALP6fUjbbgQxNBsWfHbN3lYRTIOJbUejy6xKAvxMPmN_mzBSFnr5V7U7aCXH57FPexMbyfveizXOK1yN5yor5FoAshlf4m-yC1IP9_HQatyNYiLE1LOHwExaYh9KprWf42OpSO5vQew58hx9Fqu9uve-ShD2iZDA8jjurQkuXI0tp0WqRytTgvAEltFArknTV4wB1Ae5eQRUhL5bMf636TQpe8icTYhCzXR4dByRdejQNSq3b3OvnH8v8QLdEwxDGYNPr-7Lc3Lo7-A2Qq9c9cgHC8TQpSSSemybuyNY57XhN0rH1SYJlY5Ul2xhaV9Si9Qthw5atfn2wB2CBDOTPj_E61sAVvyb55mVlnCt8hdWld8IW3BC2LVYiViyvVKJZ7tAMh5JroZc1XrKc6IvH5zZlWTlvjqaka1q4y1uQ9CUr0QeGVJkWwVrXuEv7DQtsAKX8mhbFUYPrE1udVyTyOykEMHEkmeAO4EdLonLgaD6v6UABUZ0zF51nERy_5cWksqFH3rZ8XBBPXSrNPFtjsVdtbp_Vc2u_6SFQA0b8efSdUDksxB5MHFRMniZr71WJtCCrLHooYRj-l1Eb4r2C4PYac8yidL-ongFslFTLDUst3hbINrLrSh0iTjL1BLsjkItWlobruC1zKL4iEvYiBHESyaBH0u-6PFS5lhj4uruTufSOvGvO56Zto3wYoW4AFOe5R40U2iyrGLsXW1lHysElQC3fiS7xQayGPAV9Xm8rGPQAfo6S3v_rsVBcwaHpchbflN0QDe5NOWttBPNnuSGnezDRkBXA2IfeMK591UUK9j-drfl2O-jA8mBIYI76j_6Z9sd3vpYhqzS8lAalGiwzYcVX91EC2rU5_1Yjhziote4qKXK687QArO3uk-0GNYGl9c2Ggp-h0yChCpg87F-ASTkFYCxpTW5V_7qVth_7wnKZu_kQZTF52Krd-CVEYbeI75Ea1I0rmwW29BQmL0guA_CWfIbAdwT8ZubN4Th8dFFreqWzCIbYn28VsjYxNMV9eMvuWkTXD8uZft9HJGQhYtvzIl46mKu_JbKCPP-3uX3mkZfkUUQS9fR5sAOpwUeIyWnNR2dLMFC2KHBlI0cWm8P9AyFFfNiCcXM7leJR-k9m9pgg5y7hZ5qzNo7PLlcDcuazTO5Ofo2njF6aPILk0sG7x2YN0UXU8FB1uAWnbYGHg5M5BZruwgdudCCvs1vcpemj1w899nxkImP2r9KAwIPkKgZBnP9JS1OPeON3yMGpjgzlY6qWWZF3z8EXeSivV-pdSpsvzun67Xgd433oeOG24TPXoYN4vCLh_syS7fwVuS0BZiBnA4a-e-AXSgArho6ZWzMfac8ynOIwzXbf7wQF5LdEhD3PNLT6CmCD9ycChLPTjLk09yywdi5qOsP-gibZWkb9dC-ZLrJ39rwPo9Dof2l6qVKStb4MYHoSr5NkXPGVpUezA4SGj3xjb6Zt_Dbjjt9u6L9kq9K_eLpnHPXqmksj2uoD-BMIvOuVuDl6i1Uf5oKllhPa22PT3V05ujv3ykwwHpAqk0XBK1BG7b1UpnanNovU5DW0t8Omv8pkoMZ45Pt26PCHwgp9Dd-OjBbR0qpzVGuq0p-ULUM1fKJIxMmPbYR6mb14ReaG4XGhvu-BMMaJk2pwn9PWoBaWdIiE_5tgeWdTi4YY-TP7KNZgwii5xo8TaKigZEIEbvp_C9mvX3TdkMf0_lwGdFS200zjNmBQv2S08leZXQwImJTCvA0UQqYfQmGMs8elo3YmVgUDqbOUqxxQ10oj5smn8MtEokNcGyLUyRRPDwOtXwlRfWhVkATrkyS2YKGoADhoHmCD8YHFUDsZUV44iJCx7SroLYt_24Fi4kvmzpgI5veP4nzMZRthaLj2I2VX0rFqfRehM5-qpznnNkLlMVdYtWvWvak9jUAIKItkr2wm5MWV4jFhvYxFoqRGUu3LvgHV7nq_u2c52J6R1GpMuyak8F1NApSpcyOGkJXxY_3wAMXSh2nJr4S6Xyyp-qYuOMX4eF8WeqcbgM58Y7JtIaPcUoxHHwa7cv_hGxPRcVQvTYl17lSmB326UhrUKqTTUiOqbCZblF_tEPbGpVUSJnJOWwcqSsV3-Y6hma_8IE3QzR9dfv28oKn8A-ORx-3CxITBWZDeTh3eKU-2CIppgsrSQcKSIFurP5HwsI6OptOfTzOe2uohKv6WMLex3iPP4Sf5-Z8ZwZRqMdjGAzwo_Ss9dglsDGB9lh0JuNnurcDET03S5NW9a_adt9WnDDD2Pka7oD5BWpWDQFL5qvVe_QmQKaUf8wo-4moyf83Zo_B-jxsDq2mznTLBIkoCRnKTxttg3tvadN9VU_hPuCpIo8KSyOlQzxRGco1z4PjcYUPXcwos9nQxG7O_KPW-80D9Mx6HiIBsWYvd6Ho2rro7niM_FpSczsiv3gCnCR1NvvFRAYa5VWAkQQ9FttDdx5OOiLHXkonHl22MVPSr0lWVvoFen7XTAwMBe5cDBoNey4ehDu8UclVe2l-aV8J6nSEQG0c4PI2Pu1gcrcDw9kgjd8e-VE0MKYo4CSa5SegT34N2Um80ZQNDQrPkA9dpZohhGd2uq0fYpE07NVAcmXLOno6XT4X9MkpifrtVYmdjsLi8JC03667s64sJTslH87CYPbo6ZEExgjWdO7feYse4Vd6iFtcX8lWzbvtsu0Z96HjxizMQvI8iMYvq8tg0DY34mjTDgx_y2MqWdAsMStX2tWidyzIP5aOuqlkrsSqchmOA4kg2KMD-qP0cH7SnpKDeXJIjZr8PAX0XJppLsQMdq56I4ynCpGC29ZzBiFQf8PTTcjcDzkEVCJLzjGYOLMALwdhtDrhCXM3zyAYobciBjvy133BNsYbiTqn1KweMEZb-Fj5JUO9bWxkERE5avvY61oLnFDvYaD1nackLUVsu8ALT3sLe2aDhma1RupGRB-5lbyE47Ag8RDn7m8ZdxmO8Z5MFqddsbL8-sjMsg_ceCd0fsXcSxkjY93JFyt-Jx5VcyiQbqgihZoiGpnF0znaTHcFEIJdZkhEyWLsrWBolvgddZ5Dbo2FDWpdFCMWl46ruqFEUcwYfTl0ncpUDiee9wXybZJWNCcjv3qo09E0rV2M7d0fllra6Pw0-F3mFI0-62Qd3N-z6wx6d1PaIi4hpl1Yx5Bj2rIOKvpgE1ehxKXVU0jnUPOdBf1nooxtr5ALITbyKj5hp0QaW5ozbcTO08tYJuYnv8iTOsM8fzz-hZxiHJydRHOx_KYp4lu15q4hUlR-e6UNHC_6qrkELoY-x5-CUKzrzDu1WE9-9j2T2T_MMug20BGGbzshc0XMGSqejWxJXV-1JlGmOXTH2I3L8YEq3eaacLpyvqoC_Xw_Id9vjCSJsHidar0oHtrix5QUtePS_oQdeaMObv3HMHbCxANWKVcFalXOSYL3I7Qgy_1a1tgN0p7YxG1Sj9N2TzNVKzvNJEDldK_F90kc4qvbBu62Q0wpBSNEAus5VYSaM6QereO-C2ODvOasWWcWDhliEWby27bAdW-oI1ExCk-TDy5dXTIdd-5j7jh0OdiWJG8mDPSB1BNzaXDC7bCSGDQwmJt3IObj3TxpB_8rAyyu5HQLeQ2nUGJzXPuZzawG2dt4ctA7TuQe6UPfGYsl9yq8WO4aUUYaPqbfeUYk_LG0ut--HPmIscQ&cid=CAQSPADICaaNFH9hSQMO7Czbhbl0ehCJH02YNJ9uxC0BgIYu-78Kn1wERKIixdoqy06lQyQsLOqvL_-yFrpLUxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=17443527353865873000&adk=72288713&idt=180&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:43:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
13476
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:43:51 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame B2FA 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bb1n0G0HUU5uWXyGcOLUUPEnamtw_vhmKMQQOMfmG9Y2oXRUY8xHUUAgGvaliRHH7l5XhAYLcRtQW1IxA_6P1NQuOPbKGU6pk_IUjIjPCezOPQ3rU&cry=1&dbm_d=AKAmf-BbvsPsJ4vkyWAbLWyi7kqElsDDlQc6-D9iy2YMAEVkaacH1NJy8Jtom2tt4k7sGSzOw_qeNCyK8BHVi94ZECt-d7V4lYdPpyUF_32q1RyA0N0xsfgoNeM81G6jWAuxXguxWag8Up6lI9CvOBwANUR4pJMmlpbn_OOdbKeALP6fUjbbgQxNBsWfHbN3lYRTIOJbUejy6xKAvxMPmN_mzBSFnr5V7U7aCXH57FPexMbyfveizXOK1yN5yor5FoAshlf4m-yC1IP9_HQatyNYiLE1LOHwExaYh9KprWf42OpSO5vQew58hx9Fqu9uve-ShD2iZDA8jjurQkuXI0tp0WqRytTgvAEltFArknTV4wB1Ae5eQRUhL5bMf636TQpe8icTYhCzXR4dByRdejQNSq3b3OvnH8v8QLdEwxDGYNPr-7Lc3Lo7-A2Qq9c9cgHC8TQpSSSemybuyNY57XhN0rH1SYJlY5Ul2xhaV9Si9Qthw5atfn2wB2CBDOTPj_E61sAVvyb55mVlnCt8hdWld8IW3BC2LVYiViyvVKJZ7tAMh5JroZc1XrKc6IvH5zZlWTlvjqaka1q4y1uQ9CUr0QeGVJkWwVrXuEv7DQtsAKX8mhbFUYPrE1udVyTyOykEMHEkmeAO4EdLonLgaD6v6UABUZ0zF51nERy_5cWksqFH3rZ8XBBPXSrNPFtjsVdtbp_Vc2u_6SFQA0b8efSdUDksxB5MHFRMniZr71WJtCCrLHooYRj-l1Eb4r2C4PYac8yidL-ongFslFTLDUst3hbINrLrSh0iTjL1BLsjkItWlobruC1zKL4iEvYiBHESyaBH0u-6PFS5lhj4uruTufSOvGvO56Zto3wYoW4AFOe5R40U2iyrGLsXW1lHysElQC3fiS7xQayGPAV9Xm8rGPQAfo6S3v_rsVBcwaHpchbflN0QDe5NOWttBPNnuSGnezDRkBXA2IfeMK591UUK9j-drfl2O-jA8mBIYI76j_6Z9sd3vpYhqzS8lAalGiwzYcVX91EC2rU5_1Yjhziote4qKXK687QArO3uk-0GNYGl9c2Ggp-h0yChCpg87F-ASTkFYCxpTW5V_7qVth_7wnKZu_kQZTF52Krd-CVEYbeI75Ea1I0rmwW29BQmL0guA_CWfIbAdwT8ZubN4Th8dFFreqWzCIbYn28VsjYxNMV9eMvuWkTXD8uZft9HJGQhYtvzIl46mKu_JbKCPP-3uX3mkZfkUUQS9fR5sAOpwUeIyWnNR2dLMFC2KHBlI0cWm8P9AyFFfNiCcXM7leJR-k9m9pgg5y7hZ5qzNo7PLlcDcuazTO5Ofo2njF6aPILk0sG7x2YN0UXU8FB1uAWnbYGHg5M5BZruwgdudCCvs1vcpemj1w899nxkImP2r9KAwIPkKgZBnP9JS1OPeON3yMGpjgzlY6qWWZF3z8EXeSivV-pdSpsvzun67Xgd433oeOG24TPXoYN4vCLh_syS7fwVuS0BZiBnA4a-e-AXSgArho6ZWzMfac8ynOIwzXbf7wQF5LdEhD3PNLT6CmCD9ycChLPTjLk09yywdi5qOsP-gibZWkb9dC-ZLrJ39rwPo9Dof2l6qVKStb4MYHoSr5NkXPGVpUezA4SGj3xjb6Zt_Dbjjt9u6L9kq9K_eLpnHPXqmksj2uoD-BMIvOuVuDl6i1Uf5oKllhPa22PT3V05ujv3ykwwHpAqk0XBK1BG7b1UpnanNovU5DW0t8Omv8pkoMZ45Pt26PCHwgp9Dd-OjBbR0qpzVGuq0p-ULUM1fKJIxMmPbYR6mb14ReaG4XGhvu-BMMaJk2pwn9PWoBaWdIiE_5tgeWdTi4YY-TP7KNZgwii5xo8TaKigZEIEbvp_C9mvX3TdkMf0_lwGdFS200zjNmBQv2S08leZXQwImJTCvA0UQqYfQmGMs8elo3YmVgUDqbOUqxxQ10oj5smn8MtEokNcGyLUyRRPDwOtXwlRfWhVkATrkyS2YKGoADhoHmCD8YHFUDsZUV44iJCx7SroLYt_24Fi4kvmzpgI5veP4nzMZRthaLj2I2VX0rFqfRehM5-qpznnNkLlMVdYtWvWvak9jUAIKItkr2wm5MWV4jFhvYxFoqRGUu3LvgHV7nq_u2c52J6R1GpMuyak8F1NApSpcyOGkJXxY_3wAMXSh2nJr4S6Xyyp-qYuOMX4eF8WeqcbgM58Y7JtIaPcUoxHHwa7cv_hGxPRcVQvTYl17lSmB326UhrUKqTTUiOqbCZblF_tEPbGpVUSJnJOWwcqSsV3-Y6hma_8IE3QzR9dfv28oKn8A-ORx-3CxITBWZDeTh3eKU-2CIppgsrSQcKSIFurP5HwsI6OptOfTzOe2uohKv6WMLex3iPP4Sf5-Z8ZwZRqMdjGAzwo_Ss9dglsDGB9lh0JuNnurcDET03S5NW9a_adt9WnDDD2Pka7oD5BWpWDQFL5qvVe_QmQKaUf8wo-4moyf83Zo_B-jxsDq2mznTLBIkoCRnKTxttg3tvadN9VU_hPuCpIo8KSyOlQzxRGco1z4PjcYUPXcwos9nQxG7O_KPW-80D9Mx6HiIBsWYvd6Ho2rro7niM_FpSczsiv3gCnCR1NvvFRAYa5VWAkQQ9FttDdx5OOiLHXkonHl22MVPSr0lWVvoFen7XTAwMBe5cDBoNey4ehDu8UclVe2l-aV8J6nSEQG0c4PI2Pu1gcrcDw9kgjd8e-VE0MKYo4CSa5SegT34N2Um80ZQNDQrPkA9dpZohhGd2uq0fYpE07NVAcmXLOno6XT4X9MkpifrtVYmdjsLi8JC03667s64sJTslH87CYPbo6ZEExgjWdO7feYse4Vd6iFtcX8lWzbvtsu0Z96HjxizMQvI8iMYvq8tg0DY34mjTDgx_y2MqWdAsMStX2tWidyzIP5aOuqlkrsSqchmOA4kg2KMD-qP0cH7SnpKDeXJIjZr8PAX0XJppLsQMdq56I4ynCpGC29ZzBiFQf8PTTcjcDzkEVCJLzjGYOLMALwdhtDrhCXM3zyAYobciBjvy133BNsYbiTqn1KweMEZb-Fj5JUO9bWxkERE5avvY61oLnFDvYaD1nackLUVsu8ALT3sLe2aDhma1RupGRB-5lbyE47Ag8RDn7m8ZdxmO8Z5MFqddsbL8-sjMsg_ceCd0fsXcSxkjY93JFyt-Jx5VcyiQbqgihZoiGpnF0znaTHcFEIJdZkhEyWLsrWBolvgddZ5Dbo2FDWpdFCMWl46ruqFEUcwYfTl0ncpUDiee9wXybZJWNCcjv3qo09E0rV2M7d0fllra6Pw0-F3mFI0-62Qd3N-z6wx6d1PaIi4hpl1Yx5Bj2rIOKvpgE1ehxKXVU0jnUPOdBf1nooxtr5ALITbyKj5hp0QaW5ozbcTO08tYJuYnv8iTOsM8fzz-hZxiHJydRHOx_KYp4lu15q4hUlR-e6UNHC_6qrkELoY-x5-CUKzrzDu1WE9-9j2T2T_MMug20BGGbzshc0XMGSqejWxJXV-1JlGmOXTH2I3L8YEq3eaacLpyvqoC_Xw_Id9vjCSJsHidar0oHtrix5QUtePS_oQdeaMObv3HMHbCxANWKVcFalXOSYL3I7Qgy_1a1tgN0p7YxG1Sj9N2TzNVKzvNJEDldK_F90kc4qvbBu62Q0wpBSNEAus5VYSaM6QereO-C2ODvOasWWcWDhliEWby27bAdW-oI1ExCk-TDy5dXTIdd-5j7jh0OdiWJG8mDPSB1BNzaXDC7bCSGDQwmJt3IObj3TxpB_8rAyyu5HQLeQ2nUGJzXPuZzawG2dt4ctA7TuQe6UPfGYsl9yq8WO4aUUYaPqbfeUYk_LG0ut--HPmIscQ&cid=CAQSPADICaaNFH9hSQMO7Czbhbl0ehCJH02YNJ9uxC0BgIYu-78Kn1wERKIixdoqy06lQyQsLOqvL_-yFrpLUxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=17443527353865873000&adk=72288713&idt=180&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:57:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
12667
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:57:20 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B2FA 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
297003
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Oct 2024 06:58:24 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 25AB 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
Origin
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 07:14:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36831
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Oct 2023 07:14:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 25AB 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-wkyEcsr-UpZG9cwVk2OncUwt41AJ1r_oI_UeipRCU6B6nwVkQ51yTI2wqyg1q6fJZRnOwWDKkvhoA6elLxPbE1BbK0g9Ts3sDeZ3d7KUmxCu9xM&cry=1&dbm_d=AKAmf-DJFtszU01mBlJoF-kN0Dw5Ne6QkPLYId4-lTiUOlVnTZHjb2ew0cv6g4wyZV1xklIVniq6ScGzoekqh1je7lza3GZk5mRgoJOI3grW1Mmix6eJbne2h2geaTfRlTpS65dDofAC2dk81CWXyo55PcqMGuVu89M_dU7boaEzq_FMCz0gRrqq_qN8vBVQHe62JalabtnKcoTdlhvN1It4vjIG8-VMykoaFcq9vXzDv-9ySINkTIVOuph4a_Ab0mUJ6YckdRefFeKjOjIoH78UHDRchgRYrimTuPaUl_4G6Qx51f-fHn_4HP7caLuJ552b_ktZ5MhbbS5ciYK940_KnuNJ0QSCtd-2aNevXc31h1e5vJ8KJuUDXAdOBqQYv7oCWxQG8L_QUzvXZKR9bqPIoQ36kxbVU_XuL-NIGtTjJzGJN1xl5nZZWO7a9D5H7LF6K0LZeT0PPnZYcbNrCkxlofVA2pFIKIVPZPJb6jo5jS0PvkfDiWHZJwHLpE6U4SdAHUWN-nzNlLKqYVRkoHmTabLq3QPK1FaHlacKu7wKSGMxXy6yFcK8XZpqnrw1hHpVOBSGDSAXv4vH4mvMIkWqU8fU5jPYEVSVwqfGnmxVbzIg5sZz8x5MdgQgi2tNIk0SYzmWDMyX74HPXKbaS79BDBkFwAT58qNo8wZGp3WOCKIef5M-oxasIyIXdcCB14RgV8_TnQBz5dDvmkjZ0Ul1Ge_fpX2QR6mr9rW34Y4-17Ozb_SySvyTJkK68lbAjAjN9EZfKd2_rGICkPT4kp0Nv8GrytCbOGUz6AiAlloVg2HVrjbZJw_DEo_aV4VJkOrOU37dRKpB_8aEEPaTGKaWm7XMmeKaQMKa6SPK1VqUwYVAhD5cyKMEdXGw5nvhxPn8oyw8fzGtVVudBjwg_Q2IxnVp0FtiIk8swu8vKFblJ-uAxA9oCJKu1CJGq-OBdsR0H35AVuGRZFx-JhqmEuwI5I531KYr8EvuvyeFpjk2gkcEBvxdmzwEnRk0H95AnLlzU6w2TmCs2LK1JZ4rLB0g-5vMMyzi60GIhekIL2xnGS_pLBW8hCkRDVmf6fn85SaJgPSS0fymkg4DXlAlU-nAjbNblLab5WWL7TCh7Sjj7D3XJvqGVfkgdfsfJin3v8fosyvKKLBkI1VXHO2nsJAVlCUeJk7_94f7NQvYKJplMgHez3lTqTfyBENwpoCwVQeeuESjuY4vFU8gNkF9HyGJxvTvdrZpqbLajoSbx_4_oj7ycZSJIRaIFYWXjq8DFb2jlFZWdlXIDBHqKXmOaThTgzOVHiinMEY4VoyAhRgP9NDz4Es3bUKh5NVip5a9ydhXJWbbIUpaa97H5AL4jaxcGMQYFQoZlNC2M6wOMkmN2D-bBuYkQ-A5v9gmNthJyQm0x_MsXOW3GMvrCkID_I4uDO56zBvAMCvd5g9_za_h1RNG5NKeJx10tyenydX6h8dJ7PHKkPojgkysfVavbEX5NjjyYLZlydf1ZOspj9nsZ3oeS4GMiBQBWz524AhKeuM-Tfz6v5d5mKGiRUr-U76ghdxZm86PpX2_MOmap7dQwwXshivqyOh7eQj8B4fDOqS1wZsJPdExuoDx-_OY-6pE_ZWEWYMbdMEGpD7UoilUeUV4ipo8uRrF0YoaPR8MT8qGGyM3NfR2zyFLrETJ1fwnlG-NZqmcGcUTdgP0M9BBFP8h1C35SjzRC_cVsmBNpLtSCUmg_6krcrtzf_HEaG8KOSIYU53wa8wv8ADG509QNQtSGa8waoKPfn2FR21DQ7GJO2GSfAz332-d1Z6ea5OhZ5Fryu8tuLPGAQ5Fj9yFd-KFU9vakM7vDkj09xOQE-FftznCqIPp158hLCylq8_vGtgcXqq5GnoXWmfeo_0dtfJM90v69-5lg-p9iXXuEGWBu_UdU0HAuKj9PKatGi97yyVeK529y_7-cjaH6y-VKPTLlhTQ0d01_T5zuGtpKAalfL4QRq-EZPi557Rq3Sf42O8PzG2nT-vUyE1P6JkbJ18BEboHzM_kDutCAuRbB1rR20S19KJWVVBc3Z1clG4aePyTi63hvLJHNga1d1nGWazS-vwJVHCDEpHyZTSa8Igdgywj2uZMqS1CC2WCk6I9FHDR0FFlFFVkXM9hz_suFWc7MLQ2MLUUZd-LbGOsGE5C-uiSTo4--nZcQ2uSdHDZdwULtTIE7A3mUGSnS0_CfgVw2GRtAR60c214jTQE1Eylj5YPvDyU-5CEOmX8NvfgHdsHP9SutDrQhzupgUQKePUwbx_dFxvtEGI1Gt6lWP5xsPtZStWNWIE9CYF8GjZpQEx6If629uKrwe9_7a2GqkBpu46v69-x6-5fOhAijEkpnv_S-1RkrEqbbxhEFAYXswbCeazRqExMP78Uspt1kIXWO5nrsU8CG0Z2UM7qxhsSb3RWJRPtoUsNia32FuSW8s-CDsImHPDXPpotpzZ_1fqWKA3vi_saKBsLglXXBZA0CQy8StuEnmHgKeYxz_eYbMHl6U9n2X5HqnyPxRzDO85XpS-EREPt6Uus-ySrdPhEpGCvYEOi63PKHnnw_6gSkBcYNpMRveWGdGvd5XCEmZrU6VdKfxdu9kEIPY8mYale3d8d1JqRrsMBnGCfhmQMPw2mU-Q9EpLY9sGM3b4pixUPG8RgLgVT8CBmdqjE0ExNn4OI6EsgDZ6A5tVIOfgMENjn5yCZzFAV00LGit7iZN0LMxmZahdO7TNH6_9D6FgnfFUGO_MtPR1pPYN1q6mh99lGstti9XlIrWxSRFYTZef7RUefTTWRWSuG89bDy29r9lJeGJYVLb38mF1iZO0-VOozt4RnJAITp1G1XWblMY63P2fGnxFFMU_gEF7xMB_Mq7gxGMWASeVG-IfllLnEPExdQ-CBgm86ThdoPxnfv7QSOniL_ioSASRwJSQQuo0QHS4Akngg6xpMhMv7W69xcYhqcaQwiaHYJAp3gac6WBJ-EQLfbDxIVij6qAb2Lgp4W9JEMlnyP46Dc_Ip2sIG86wYU-t6BeCW_ETSRH9EKtvT6rKTqiew4g8Hwzp5We_oK2turbODafVShRwgRuK97ZTQRq9IMIEZeKI7KRUSc-8Rb3i9uk5Kh5PAtNEYavMexVFqsDtrynvReOYi4U2nys_pzG535y-yC_JVRKRaHQuKOaCWYykNkQUdRsVRik5E0FGWKMfUzTUNwZQ7vkj88k9IzxhNDDQCn6b1RuWINK0WN2Ezl5qEF8OQd7eAI0ZtgHF2vHXWbaCWiwrBzTNi-WU8c6VI-q27X2KYPVVlj4yep3s10GPYzfF3Cqy21qs4ol8Sm63SHNlTvVyRe7f9o1tjQhwsc_cAwYDf1dvSLTj_pnvJLuYlqfJ5j-C04e7XTjPQY8PJbduBIs7azeHAhzY2SQzIkd_39N31E43FB-4iPorUqgoewBufIxsjS9TgxKqWfbm91DdI4wXJ3ZTAYBhINRY7RSuMOGaRSgU_Y759HVYKJNvzzkCclO-LHaTPzzIVmXMVloow7BUgVPylrvAnmzAuQmZ40hK2aguKWltc4Eis9JcCGO5Q6RshAxVbD1q-QQdyH3UIO2gMiFSKrKuZKRwBYr4055Za4xPAjV0j9v53a-1P3rSna-JYBqnHnErDvZ7ZjyqZ8_qRAczzVZUWfRyw8V4a2ESIMguVb0OAsFMSZ_7e7IdjvtNxVdmv7Gs9bSyna_r_O-m_qbGPjNkNnY_TcmsRtoWI7hFddFq1jVZNZbTPyqlrusF978rxJ6HS5wJaHk0z2uo6M8_UTCrdp1FrT5PCmMXTB8hIIcVtXUUM1ESwMcAjUF6hl-kqzi5A_sYyW1P6Fs0LrgKpjtu0sxWYbQ&cid=CAQSPADICaaNFH9hSQMO7Czbhbl0ehCJH02YNJ9uxC0BgIYu-78Kn1wERKIixdoqy06lQyQsLOqvL_-yFrpLUxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=14912880494073448000&adk=531095043&idt=184&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:43:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
13476
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:43:51 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 25AB 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-wkyEcsr-UpZG9cwVk2OncUwt41AJ1r_oI_UeipRCU6B6nwVkQ51yTI2wqyg1q6fJZRnOwWDKkvhoA6elLxPbE1BbK0g9Ts3sDeZ3d7KUmxCu9xM&cry=1&dbm_d=AKAmf-DJFtszU01mBlJoF-kN0Dw5Ne6QkPLYId4-lTiUOlVnTZHjb2ew0cv6g4wyZV1xklIVniq6ScGzoekqh1je7lza3GZk5mRgoJOI3grW1Mmix6eJbne2h2geaTfRlTpS65dDofAC2dk81CWXyo55PcqMGuVu89M_dU7boaEzq_FMCz0gRrqq_qN8vBVQHe62JalabtnKcoTdlhvN1It4vjIG8-VMykoaFcq9vXzDv-9ySINkTIVOuph4a_Ab0mUJ6YckdRefFeKjOjIoH78UHDRchgRYrimTuPaUl_4G6Qx51f-fHn_4HP7caLuJ552b_ktZ5MhbbS5ciYK940_KnuNJ0QSCtd-2aNevXc31h1e5vJ8KJuUDXAdOBqQYv7oCWxQG8L_QUzvXZKR9bqPIoQ36kxbVU_XuL-NIGtTjJzGJN1xl5nZZWO7a9D5H7LF6K0LZeT0PPnZYcbNrCkxlofVA2pFIKIVPZPJb6jo5jS0PvkfDiWHZJwHLpE6U4SdAHUWN-nzNlLKqYVRkoHmTabLq3QPK1FaHlacKu7wKSGMxXy6yFcK8XZpqnrw1hHpVOBSGDSAXv4vH4mvMIkWqU8fU5jPYEVSVwqfGnmxVbzIg5sZz8x5MdgQgi2tNIk0SYzmWDMyX74HPXKbaS79BDBkFwAT58qNo8wZGp3WOCKIef5M-oxasIyIXdcCB14RgV8_TnQBz5dDvmkjZ0Ul1Ge_fpX2QR6mr9rW34Y4-17Ozb_SySvyTJkK68lbAjAjN9EZfKd2_rGICkPT4kp0Nv8GrytCbOGUz6AiAlloVg2HVrjbZJw_DEo_aV4VJkOrOU37dRKpB_8aEEPaTGKaWm7XMmeKaQMKa6SPK1VqUwYVAhD5cyKMEdXGw5nvhxPn8oyw8fzGtVVudBjwg_Q2IxnVp0FtiIk8swu8vKFblJ-uAxA9oCJKu1CJGq-OBdsR0H35AVuGRZFx-JhqmEuwI5I531KYr8EvuvyeFpjk2gkcEBvxdmzwEnRk0H95AnLlzU6w2TmCs2LK1JZ4rLB0g-5vMMyzi60GIhekIL2xnGS_pLBW8hCkRDVmf6fn85SaJgPSS0fymkg4DXlAlU-nAjbNblLab5WWL7TCh7Sjj7D3XJvqGVfkgdfsfJin3v8fosyvKKLBkI1VXHO2nsJAVlCUeJk7_94f7NQvYKJplMgHez3lTqTfyBENwpoCwVQeeuESjuY4vFU8gNkF9HyGJxvTvdrZpqbLajoSbx_4_oj7ycZSJIRaIFYWXjq8DFb2jlFZWdlXIDBHqKXmOaThTgzOVHiinMEY4VoyAhRgP9NDz4Es3bUKh5NVip5a9ydhXJWbbIUpaa97H5AL4jaxcGMQYFQoZlNC2M6wOMkmN2D-bBuYkQ-A5v9gmNthJyQm0x_MsXOW3GMvrCkID_I4uDO56zBvAMCvd5g9_za_h1RNG5NKeJx10tyenydX6h8dJ7PHKkPojgkysfVavbEX5NjjyYLZlydf1ZOspj9nsZ3oeS4GMiBQBWz524AhKeuM-Tfz6v5d5mKGiRUr-U76ghdxZm86PpX2_MOmap7dQwwXshivqyOh7eQj8B4fDOqS1wZsJPdExuoDx-_OY-6pE_ZWEWYMbdMEGpD7UoilUeUV4ipo8uRrF0YoaPR8MT8qGGyM3NfR2zyFLrETJ1fwnlG-NZqmcGcUTdgP0M9BBFP8h1C35SjzRC_cVsmBNpLtSCUmg_6krcrtzf_HEaG8KOSIYU53wa8wv8ADG509QNQtSGa8waoKPfn2FR21DQ7GJO2GSfAz332-d1Z6ea5OhZ5Fryu8tuLPGAQ5Fj9yFd-KFU9vakM7vDkj09xOQE-FftznCqIPp158hLCylq8_vGtgcXqq5GnoXWmfeo_0dtfJM90v69-5lg-p9iXXuEGWBu_UdU0HAuKj9PKatGi97yyVeK529y_7-cjaH6y-VKPTLlhTQ0d01_T5zuGtpKAalfL4QRq-EZPi557Rq3Sf42O8PzG2nT-vUyE1P6JkbJ18BEboHzM_kDutCAuRbB1rR20S19KJWVVBc3Z1clG4aePyTi63hvLJHNga1d1nGWazS-vwJVHCDEpHyZTSa8Igdgywj2uZMqS1CC2WCk6I9FHDR0FFlFFVkXM9hz_suFWc7MLQ2MLUUZd-LbGOsGE5C-uiSTo4--nZcQ2uSdHDZdwULtTIE7A3mUGSnS0_CfgVw2GRtAR60c214jTQE1Eylj5YPvDyU-5CEOmX8NvfgHdsHP9SutDrQhzupgUQKePUwbx_dFxvtEGI1Gt6lWP5xsPtZStWNWIE9CYF8GjZpQEx6If629uKrwe9_7a2GqkBpu46v69-x6-5fOhAijEkpnv_S-1RkrEqbbxhEFAYXswbCeazRqExMP78Uspt1kIXWO5nrsU8CG0Z2UM7qxhsSb3RWJRPtoUsNia32FuSW8s-CDsImHPDXPpotpzZ_1fqWKA3vi_saKBsLglXXBZA0CQy8StuEnmHgKeYxz_eYbMHl6U9n2X5HqnyPxRzDO85XpS-EREPt6Uus-ySrdPhEpGCvYEOi63PKHnnw_6gSkBcYNpMRveWGdGvd5XCEmZrU6VdKfxdu9kEIPY8mYale3d8d1JqRrsMBnGCfhmQMPw2mU-Q9EpLY9sGM3b4pixUPG8RgLgVT8CBmdqjE0ExNn4OI6EsgDZ6A5tVIOfgMENjn5yCZzFAV00LGit7iZN0LMxmZahdO7TNH6_9D6FgnfFUGO_MtPR1pPYN1q6mh99lGstti9XlIrWxSRFYTZef7RUefTTWRWSuG89bDy29r9lJeGJYVLb38mF1iZO0-VOozt4RnJAITp1G1XWblMY63P2fGnxFFMU_gEF7xMB_Mq7gxGMWASeVG-IfllLnEPExdQ-CBgm86ThdoPxnfv7QSOniL_ioSASRwJSQQuo0QHS4Akngg6xpMhMv7W69xcYhqcaQwiaHYJAp3gac6WBJ-EQLfbDxIVij6qAb2Lgp4W9JEMlnyP46Dc_Ip2sIG86wYU-t6BeCW_ETSRH9EKtvT6rKTqiew4g8Hwzp5We_oK2turbODafVShRwgRuK97ZTQRq9IMIEZeKI7KRUSc-8Rb3i9uk5Kh5PAtNEYavMexVFqsDtrynvReOYi4U2nys_pzG535y-yC_JVRKRaHQuKOaCWYykNkQUdRsVRik5E0FGWKMfUzTUNwZQ7vkj88k9IzxhNDDQCn6b1RuWINK0WN2Ezl5qEF8OQd7eAI0ZtgHF2vHXWbaCWiwrBzTNi-WU8c6VI-q27X2KYPVVlj4yep3s10GPYzfF3Cqy21qs4ol8Sm63SHNlTvVyRe7f9o1tjQhwsc_cAwYDf1dvSLTj_pnvJLuYlqfJ5j-C04e7XTjPQY8PJbduBIs7azeHAhzY2SQzIkd_39N31E43FB-4iPorUqgoewBufIxsjS9TgxKqWfbm91DdI4wXJ3ZTAYBhINRY7RSuMOGaRSgU_Y759HVYKJNvzzkCclO-LHaTPzzIVmXMVloow7BUgVPylrvAnmzAuQmZ40hK2aguKWltc4Eis9JcCGO5Q6RshAxVbD1q-QQdyH3UIO2gMiFSKrKuZKRwBYr4055Za4xPAjV0j9v53a-1P3rSna-JYBqnHnErDvZ7ZjyqZ8_qRAczzVZUWfRyw8V4a2ESIMguVb0OAsFMSZ_7e7IdjvtNxVdmv7Gs9bSyna_r_O-m_qbGPjNkNnY_TcmsRtoWI7hFddFq1jVZNZbTPyqlrusF978rxJ6HS5wJaHk0z2uo6M8_UTCrdp1FrT5PCmMXTB8hIIcVtXUUM1ESwMcAjUF6hl-kqzi5A_sYyW1P6Fs0LrgKpjtu0sxWYbQ&cid=CAQSPADICaaNFH9hSQMO7Czbhbl0ehCJH02YNJ9uxC0BgIYu-78Kn1wERKIixdoqy06lQyQsLOqvL_-yFrpLUxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=14912880494073448000&adk=531095043&idt=184&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:57:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
12667
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:57:20 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 25AB 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
297003
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Oct 2024 06:58:24 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1775 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
34382
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Tue, 10 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1B2F 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76c459dc3417295364cd57ed481f75bf15034eae84948885e0988eac355f8672

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame CFC0 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvaV--1rCrKMNPvTU_yRwE8PjzroBIQdw3f0NJJzHC-1GCvbM7n0gqnwDWZYMZSkWT_TfOfuXJo0PRATD6vfAMglX6IHGj3GtHJtdI0DexR008f4oBKnxtPdzVI13NG&sig=Cg0ArKJSzL9729rPVNFqEAE&id=lidar2&mcvt=1070&p=1160,200,1200,1400&mtos=1070,1070,1070,1070,1070&tos=1070,0,0,0,0&v=20231004&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1750305995&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696872506787&rpt=134&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 504D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
358736
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 13:49:32 GMT
expires
Fri, 04 Oct 2024 13:49:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7E06 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
34383
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Tue, 10 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B2FA 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b609d13a132556b9d534a049e1c57a9404bd467ef916119d2be15036c5df0369

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3197 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
34383
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Tue, 10 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 25AB 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51bfd227e2b0f74a79839643c04e6f14521f39b1c94af4013957dd2ca9426671

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/14595667868580172181/ Frame 6D94 		34 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
e24ab7000162970de99766dd4222d0ed88adea64e1e08b044edfe5268360d7e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 17:28:28 GMT
expires
Tue, 08 Oct 2024 17:28:28 GMT
last-modified
Mon, 03 Jul 2023 10:25:11 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 86C9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvGcx4knOnlFNnbMy2Y9lfh9qAnwcKWewYKFyu0NRMe9pmnjOELXfjzT8GaFlo0MHfY19OCZqPbNn-1F5RriWWsGkXGyRsn_BsGtb6F9SFLsLenHHiHY60smA39v7K2qvDehb1bsnKSFoQIFtfYZIQz1ly7wLp5gkCZ_6kWXNsVZcBU1lizFH9dsf_zHfFEatWoWFZLaF3mDGkhTdMGHuUQrSTNY7H7tHL31qn7CmHcnuEZbx3qS9VhzcldTNrNGCURrEFFOrnx1lyjvjAPo50-Ei4RxfPvKNkgJqrV2n3FOB95vuq19vNgfAjx_fToFYgUjKIGUYbhedHqQ_NzuMJU_i945H0o2aJIgSsa59nas3BmhPp6s9q1LaDg3epFmz8cOx0lSY8E7ZBolIJYzyH4WETEXbDyT_JVYzpgv9Epccj78TtAhi4reveDEZ6LAYsH4RrwDMWcyWlbZYzbhG5VJI0pZmwDCwT4d65tWSoon4g2bvREgQghe0r2EWrg14vbIGVkWV2Um4sJQOgca-LGi-menqcuivFANcv97FKSEUTrUVV5JuPUnLOc__Nea1UrFpk66ifIL-mrTIV4j-k-UOTJDHbu1WYtbyrJue8fUSOh8-zI_7JZoUlc3gbbccdEiYgaX9LKws2LRGnIm2m3KEmnEQFVoZD6QLJ0BdOYTPZH6AVPBPqzGuP7d5NLd2e0Z2tizUjXt6uTlsLIRAPuIOkCEX0z5toUwc3FLeB9Ii-j6fMCoe1LA2QG7dGUXxNeHeC1gNJHkD63Alre3Ryejev89WmNCAy5S2QeFv4StwzA4aA0LWTFDk3Hu26-rRvT_VBlcRQNOaPoa8urlU9Aj5-kQMfyeIFbJXhkMsACEPegcTT0fPzSBL8_p_4Zrq1HNSoMMl28NjGIxEYc6YSXYGjDCk7SKHPDlt-OevXfBpCH_txinYuWGHEk6OzgB3_DdEN_3IiRZOSMP34rpaLmevunYI3LaH-7iKeVs0IS2HFy7dX4ZZAsBZvySaig4fuzp9tIrqc7BEaLku0GlFHUANGrW6A-lEkPYRt_KQwi_ckXAIuUE2Ksjnn4QVihVfiG39ARDJyPX8waFFfIjVWQ0BKENWL0jan_SW6wQX8w6G8KInelyIuPMqDxDWSTLTTG-yHioZ2-_YRZ1siwbb6NBu_MZbpjaF8968sKDTucras-jqISG6Oh1MZH2GU_2m1lbN0ftpKf8Qbv7QeqxIjkuI72Wx45ehtGwb44M-OCkzeJapGHahgldoX6k4z9rgAJjPagaZqTp4iqpzokSzjURDLCzyQ9yLd9j1SDgtcmIlZw9DYpNACSTiIj3vF9UKP__SaCvqzGraQNFaYPKGoYohXUAlX9bC7niB2R-GbF_4uFffaXg-SJy1SyJPHY9G5_QDTXzASB9AyyhO1y2wXhdCm7-r89m4zryA&sai=AMfl-YSYh_nuNH8W0tTdVOA45M8ouzkKCheX66DEnNQ1USDFdBRF5uTSJjqiR3VTizxKbVToNaOG1k4JaMV3oWK2JJSiOT_N0SyW-60fc79Iu8-6HN7F531MR0emxhRXIbKYNsUcVN7vvCw6pGr80NuzRa-DWrve1rp0bf3G6AY1PLwxdq1EeCOh0FnA5TgLVSwEWX47s5xF-Q3xm7X2OSw9jLF_x9w0_jbDHAQmU0a7i84Bgd2elJ91SAgLcj3IYVuuGsj63XdceQS7Be27zcM-YiOM3Uoouu8_&sig=Cg0ArKJSzG-Q5StHvctCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=257&cbvp=1&cstd=249&cisv=r20231004.42999&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 09 Oct 2023 17:28:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame E2F9
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEC070X3Spl2HbKJwxH0lPS0&google_cver=1&google_push=AXcoOmQgIsDsLlaB2ebctVIfxk7whCnxE3MWSA8HQKKTGFRWobhz0WCLwcoj1exwyPrZ8Wpa0dYsFnsScrDtcqz4U-O40PIw1P9F9g
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0C011F2B78A6430186B9463D687B21FF&google_push=AXcoOmQgIsDsLlaB2ebctVIfxk7whCnxE3MWSA8HQKKTGFRWobhz0WCLwcoj1exwyPrZ8Wpa0dYsFnsScrDtcqz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0C011F2B78A6430186B9463D687B21FF&google_push=AXcoOmQgIsDsLlaB2ebctVIfxk7whCnxE3MWSA8HQKKTGFRWobhz0WCLwcoj1exwyPrZ8Wpa0dYsFnsScrDtcqz4U-O40PIw1P9F9g
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 09 Oct 2023 17:28:28 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0C011F2B78A6430186B9463D687B21FF&google_push=AXcoOmQgIsDsLlaB2ebctVIfxk7whCnxE3MWSA8HQKKTGFRWobhz0WCLwcoj1exwyPrZ8Wpa0dYsFnsScrDtcqz4U-O40PIw1P9F9g
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 08 Oct 2023 17:28:28 GMT
google
match.adsrvr.org/track/cmf/ Frame E2F9 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESECkBPibBQ22iSNoaETSNrjA&google_cver=1&google_push=AXcoOmTIzbvB05nYqSU3dy8ZPDfqsTnCU0BBbz2PHuqkP7HXjRsFCVC1P3yrUoblh2tRr-cegci5ZPsj1efgIdMTesNLjvzPKd6Z
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:28 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame E2F9
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEJShYRR0kbhqrrI6s9XUFNU&google_cver=1&google_push=AXcoOmSOYYJ6Zc6w4jo0C9NsKx0uVJrczUDmqIQSZhvKzeXYMfjkm7zbS1vxw2npOPSNdsVw9JGX2_MQ7Mt...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSOYYJ6Zc6w4jo0C9NsKx0uVJrczUDmqIQSZhvKzeXYMfjkm7zbS1vxw2npOPSNdsVw9JGX2_MQ7MtSSTSUtnJF7Ehha5GO&google_hm=SexD-WydRhCrtRH0dpIxwkw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSOYYJ6Zc6w4jo0C9NsKx0uVJrczUDmqIQSZhvKzeXYMfjkm7zbS1vxw2npOPSNdsVw9JGX2_MQ7MtSSTSUtnJF7Ehha5GO&google_hm=SexD-WydRhCrtRH0dpIxwkw
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:27 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSOYYJ6Zc6w4jo0C9NsKx0uVJrczUDmqIQSZhvKzeXYMfjkm7zbS1vxw2npOPSNdsVw9JGX2_MQ7MtSSTSUtnJF7Ehha5GO&google_hm=SexD-WydRhCrtRH0dpIxwkw
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E2F9
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELZCWHgB44zlaURXtdkffQE&google_cver=1&google_push=AXcoOmTej_0HpAnGi0hZeYqzS4HjxQzR_7QkF6CdHgIG4pvsVdIMUT-ou-wUSIJUZTrJW6qAAs4VruQ8OhjbLQjiuldHoEi...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTej_0HpAnGi0hZeYqzS4HjxQzR_7QkF6CdHgIG4pvsVdIMUT-ou-wUSIJUZTrJW6qAAs4VruQ8OhjbLQjiuldHoEi_Fmdn&google_hm=eS0xQzlEbDhsRTJwRjcyVE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTej_0HpAnGi0hZeYqzS4HjxQzR_7QkF6CdHgIG4pvsVdIMUT-ou-wUSIJUZTrJW6qAAs4VruQ8OhjbLQjiuldHoEi_Fmdn&google_hm=eS0xQzlEbDhsRTJwRjcyVExGUkV1MExwZHBxTEY5bGNocX5B
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 09 Oct 2023 17:28:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTej_0HpAnGi0hZeYqzS4HjxQzR_7QkF6CdHgIG4pvsVdIMUT-ou-wUSIJUZTrJW6qAAs4VruQ8OhjbLQjiuldHoEi_Fmdn&google_hm=eS0xQzlEbDhsRTJwRjcyVExGUkV1MExwZHBxTEY5bGNocX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame E2F9
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENbvHNqMygaLDp7XSCnFg2s&google_cver=1&google_push=AXcoOmSGtsQhydrQajT_uVotyw3Hi2iClOuuUVm55nObTGoy9W3dBBwwEHJwQxHdGGosLHne4GNs3gZ3hwXoEpiAIr6HNV8rPR...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSGtsQhydrQajT_uVotyw3Hi2iClOuuUVm55nObTGoy9W3dBBwwEHJwQxHdGGosLHne4GNs3gZ3hwXoEpiAIr6HNV8rPRI...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjk4ODAzMDUwNTE2NjU3NTA3OTY2MQ%3D%3D&google_push=AXcoOmSGtsQhydrQajT_uVotyw3Hi2iClOuuUVm55nObTGoy9W3dBBww...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjk4ODAzMDUwNTE2NjU3NTA3OTY2MQ%3D%3D&google_push=AXcoOmSGtsQhydrQajT_uVotyw3Hi2iClOuuUVm55nObTGoy9W3dBBwwEHJwQxHdGGosLHne4GNs3gZ3hwXoEpiAIr6HNV8rPRIBmw
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjk4ODAzMDUwNTE2NjU3NTA3OTY2MQ%3D%3D&google_push=AXcoOmSGtsQhydrQajT_uVotyw3Hi2iClOuuUVm55nObTGoy9W3dBBwwEHJwQxHdGGosLHne4GNs3gZ3hwXoEpiAIr6HNV8rPRIBmw
date
Mon, 09 Oct 2023 17:28:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ssbsync.smartadserver.com/api/ Frame E2F9 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGDNVteZXC68IqUaSxFs4VQ&google_cver=1&google_push=AXcoOmQMfrygi64hvXmH8vqpOHNYxtYACCI_AmNMI9Tlf7IkdLhqoSihlAj74Oqe-Zz91OytmBEWipA5TkBePygv1oGEGs1SW0iWOA
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.196 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:27 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame E2F9
Redirect Chain
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=58b62a81-d675-49b9-bf57-f22eab2cef86&google_cver=1&google_gid=CAESEBW669PWrnxHzUvWfI4XW3Q&gdpr_consent=${GDPR_CONSENT_109}&google_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=58b62a81-d675-49b9-bf57-f22eab2cef86&google_cver=1&google_gid=CAESEBW669PWrnxHzUvWfI4XW3Q&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRwk1rs64qBw0RjcmgPg0dPNf_zced3B4AV3-bfCdnSAFRBqOfitilocbrVSeOem0tsXGBluLmU_X34FXHohWK6HdR2ypYrr98&gdpr=${GDPR}
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=58b62a81-d675-49b9-bf57-f22eab2cef86&google_cver=1&google_gid=CAESEBW669PWrnxHzUvWfI4XW3Q&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRwk1rs64qBw0RjcmgPg0dPNf_zced3B4AV3-bfCdnSAFRBqOfitilocbrVSeOem0tsXGBluLmU_X34FXHohWK6HdR2ypYrr98&gdpr=${GDPR}
date
Mon, 09 Oct 2023 17:28:28 GMT
server
_
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame E2F9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LRXADdkIUg6qRyN7Eb5ij1PStIwC8oj9ZVql0mQil8jA323ehV_A3YpvZVmmHQ8mxFSKFXZg
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gwdpage_style.css
s0.2mdn.net/sadbundle/14595667868580172181/ Frame 6D94 		55 B
103 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14595667868580172181/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 18:36:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
514291
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:25:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Oct 2024 18:36:57 GMT
gwdpagedeck_style.css
s0.2mdn.net/sadbundle/14595667868580172181/ Frame 6D94 		731 B
263 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14595667868580172181/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 09:28:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201627
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:25:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 09:28:01 GMT
gwdgooglead_style.css
s0.2mdn.net/sadbundle/14595667868580172181/ Frame 6D94 		24 B
72 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14595667868580172181/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 09:36:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201120
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:25:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 09:36:28 GMT
gwdimage_style.css
s0.2mdn.net/sadbundle/14595667868580172181/ Frame 6D94 		303 B
202 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14595667868580172181/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 21:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156646
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
173
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:25:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 21:57:42 GMT
gwdattached_style.css
s0.2mdn.net/sadbundle/14595667868580172181/ Frame 6D94 		26 B
74 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14595667868580172181/gwdattached_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 21:35:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157977
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:25:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 21:35:31 GMT
gwdtaparea_style.css
s0.2mdn.net/sadbundle/14595667868580172181/ Frame 6D94 		157 B
144 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14595667868580172181/gwdtaparea_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 19:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
250945
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:25:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 05 Oct 2024 19:46:03 GMT
gwd_webcomponents_v1_min.js
s0.2mdn.net/sadbundle/14595667868580172181/ Frame 6D94 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14595667868580172181/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
10cde3f051ab9eefa8676bee667fd65705c5fcf1d0544f9acffe7caa224d14b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 22:01:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156447
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6266
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:25:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 22:01:01 GMT
gwdpage_min.js
s0.2mdn.net/sadbundle/14595667868580172181/ Frame 6D94 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14595667868580172181/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 08:01:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206848
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1308
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:25:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 08:01:00 GMT
gwdpagedeck_min.js
s0.2mdn.net/sadbundle/14595667868580172181/ Frame 6D94 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14595667868580172181/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 17:29:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
345524
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3136
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:25:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Oct 2024 17:29:44 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 6D94 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:00:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1651
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Oct 2023 17:00:57 GMT
gwdgooglead_min.js
s0.2mdn.net/sadbundle/14595667868580172181/ Frame 6D94 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14595667868580172181/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
6494566919e28711a1f36d6389923dfccb4750fb9522e9e6d1967ab778ab0073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 21:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
158588
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4427
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:25:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 21:25:20 GMT
gwdimage_min.js
s0.2mdn.net/sadbundle/14595667868580172181/ Frame 6D94 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14595667868580172181/gwdimage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 21:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156646
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2014
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:25:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 21:57:42 GMT
gwdattached_min.js
s0.2mdn.net/sadbundle/14595667868580172181/ Frame 6D94 		1 KB
628 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14595667868580172181/gwdattached_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 16:20:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4107
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
590
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:25:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 16:20:01 GMT
gwdtexthelper_min.js
s0.2mdn.net/sadbundle/14595667868580172181/ Frame 6D94 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14595667868580172181/gwdtexthelper_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
91c86e76693fc278899037d0d8a66c2fe01fc83e5cbae1a54a47fe0f61b2be15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 19:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253577
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1725
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:25:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 05 Oct 2024 19:02:11 GMT
gwdtaparea_min.js
s0.2mdn.net/sadbundle/14595667868580172181/ Frame 6D94 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14595667868580172181/gwdtaparea_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
b0e4d6e13eb1fd414025e5c3c3f18b9212fd0cd69890e7f69804ae69dec5bbb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 15:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
178851
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1355
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:25:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 15:47:37 GMT
gwdgpadataprovider_min.js
s0.2mdn.net/sadbundle/14595667868580172181/ Frame 6D94 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14595667868580172181/gwdgpadataprovider_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
bd213446287693e851042a2e326cfbf2268a0075cd7db0552c9448733c31d4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 07:59:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206966
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1485
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:25:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 07:59:02 GMT
gwddatabinder_min.js
s0.2mdn.net/sadbundle/14595667868580172181/ Frame 6D94 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14595667868580172181/gwddatabinder_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
c4338434527c2703a0630c6d5561653bc2790abd608cfe5f83fb200ff20bbdc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 07:42:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
207931
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2351
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:25:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 07:42:57 GMT
gwd-text-fitting.js
s0.2mdn.net/sadbundle/14595667868580172181/ Frame 6D94 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14595667868580172181/gwd-text-fitting.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
b41835ad763abb366c167dab7c1fbc77a7a81e5bbc51c2ce66bfa5250bfc9a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 21:46:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157304
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2038
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:25:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 21:46:44 GMT
gwd-dynamic-binders.js
s0.2mdn.net/sadbundle/14595667868580172181/ Frame 6D94 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14595667868580172181/gwd-dynamic-binders.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
bdae14000f409e929efc6f3cfd785b90a939d22044705a48f1a3b5074620fc12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 17:16:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
346322
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8917
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:25:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Oct 2024 17:16:26 GMT
index.html
s0.2mdn.net/sadbundle/17797151709728982503/ Frame BA7A 		53 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
d01ac26c5959ba14ab488f5fbec45d15679a0a81152bef49144200d52b9ae895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 17:28:28 GMT
expires
Tue, 08 Oct 2024 17:28:28 GMT
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 1B2F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvMYPgqZqTvk2C2zJdFbCw7Hd-XG7VdQfhJXRn8jHry1S6tsSlzF2rjuCnSuLKz7c2cpap9Segy1NNQJCbcQST0jNFRJ5p20gpijhFI3wcdW1TULDwX7aRO42vzATq6C2bZlKso2sXIJtypOoBkjBvFWkGZQdPfGeHqH5BJtY72LsqOeFi-2eFB_b-ILjYKhlMTvwNXPvMHeQDYuYH4tnJr7kTzv9UJCPE1z0VCUQNQZNlNQcL4bvw_57O-sYrBvJO-A84tVxGG6C3lEqB7RFKGzawwfnoI4ZlpH3WWyZ4llFYEVcMpOE_oI6An5DoVAD5onihjEelmIhuHvbfpoCDx9jbKzY5774HH_hlJopB7uZs4d4IkAHMgVm4c89u34fggO20ZTpD2FFJNnDUPwb6SxevdVvZw5kjXo4Voyt1USGSePiSuALLLXLZKEqd14dMEcE9-hMx29b4tRmf2CNg8Hg3YMDm4wxuRyE6kIimgpPkZZuqZN-nLA36TSjHXLDOOjrw_PAKHA_zquivRjB7kezjYjPbsqhq0A0ypGDcisdZMp3j22K6s9mBAyjMT5MSBcEosp_XuYObMq-o-UDaCy1GK0NSrB1KLpgs1SERBTq4rLCCUZFS_Ql-VCoyclCIWhoOPc-JeEZSNxH2hFdFS2yKttWWmS7ZR7gkYgfPhB3zpyDlSG1gDL1_9PSlu8g_vjcIeydU9vi0mNnyYwzSYKUVqZhZ8kW2RHBuaKGXr-4lQwemA2QoSouB-hiyr0Ow7uJzFWWRJWVIycesk59FSsS2RtaLiHo4ZGTCJHQWPwy7QVda3PisyLuaeOXxD4zh45fWs1aaqAwG546AbvRRSPKL8EOxy_TuX-q47ni0qWPO8YWENTDbbDmbgSFeOHyubyA-3le9z-9lSgp1XwyaMB30QVLG7-kltJ_T47QZ7wMZiKpcaov0we3wmQYxN3dDvQo5Ee_o6iqQjlNOhs9cRyjNxcx1MOdlU7mqCwxuucIiJhusFYOr-ccZBMMARVL4zF1S8twFLJuB70zEy0np6IVnejAX-UdrMfgEirWPD_qgOFMsjxGZHjhr8dNL2_5PEFGb8Gf5DAHV4eZj3ah_mQHbEbcszQyqx0qA3dJUzp86HQECdLOM5Q4oDzxLtFWl1ZngrHZGiNWdsimzKU2A2xu9LjoEoU5CQguYNZoCO8Yub-Y9-7X3mgGa6PF6PGfSsgJz3y11yhYjY3bL-ASV6tRyoLp2BpCxYcrkYggUqB-9SxKHeRJOwINZG9uIUAmVGGfY_HEUH8KWgi0F-O-ZMhOBmKqAjcuWidrFo0U52LZZzit08DbolPTGzd9nh5vitZ1O57Ye63IRjjypZuA5E6McRN1K1ASvHqAen_4BAla4IzIL61GKLNTP3Iq7nrZXV5Y4gPYFHT8X_Z-r1boOSW1ic7HF5pHFDfy0P7_Voylzc&sai=AMfl-YRKpCT6hKs0t15xu-Lhzr1C3e900SFPixyj2oJJYjv9sl8c8F2Ht_Rm778DBTgMwwqnBvh8EflzoIO2wlpxTwARPgkI0yceNv4Z9t4wZ7jAVQVUYQHpSfgQvuM_hmbGgkyueTP4IdD-hy9xPmss1NoSw34rnu5O8Vctk0wIb5JzD6KLVomrNY7itNNvhF6L6AxJceu6ycIkYJLz8hegMXN87lmxMH9l-1BqBrc2qnd0CQ5GBgJ961s8WQL20aFwjKJflYLtAt6PPMdkAdIyVfVp6H2xIDOU&sig=Cg0ArKJSzCWJPsJLN9SEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=247&cbvp=1&cstd=240&cisv=r20231004.67566&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 09 Oct 2023 17:28:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 8C76 		53 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
d01ac26c5959ba14ab488f5fbec45d15679a0a81152bef49144200d52b9ae895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 17:28:28 GMT
expires
Tue, 08 Oct 2024 17:28:28 GMT
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame B2FA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst33TZq2XBj4DqzqCheKPdl94mxeSHFV4Nf6o8okJqH35xVQCCpQafYy-JWmpnttK81fVODCzmrjUQ2WlrqZnOwRk56kBBvO6UA_m4K8n7i_J2v9KaSFw6WxvRPkoWo_Vj4u3Z0NTwBVrGbDjxNUTutFwRqPPJwB0Khu1osbpzcPf-dvI0IJDBvUHnBb5IhJ5bc_KLgFjRA3FnvqBfrIFT1UWfQ0LSiTXp3jQRDdHaDUMVBrHpkLqlBDy5e5V0dpVSkoKTMPKRPjTREEDm81SUQdIt3ydh_5w00tjBXLDO8ntMC2ULjfx-O6mLzdq87BCadc4BPCOLf6q_xbSNhPTIV3y3GM3OvLs1kaSoHN539sqv-eqBTWILw9XtJ3eMRzOqPqEOCNFr3W39H4I140rdywOYe_2kEQ7jxglBzson8XCAO8iYfOMFzQtmMW8xE40WIg3cxkvh75cgxa6GCIjfv1nN03wUOW17LKAJKweoEaF8qCgWw0tHRYumXlG6UkYhqveElRhX16ypRJftfluaftE6tbh8n2-Qwu6RLi5b7X3jooM3AYP_YMQibYPNRo8T_jb2fPwehVWXt2aE2qSWrQmY5dp2zF0CVhP8aN6hHPau0aHwgEPo17yRDYsLdqLaU1cgRwgxWKDATpPbeS21Pjy_Go6LWIN0jA582-273yOS8Y-8U5mcMk5mrgo2ZdplVs2TLBKwf-YHZKvQGG0WmLlLeQXgtJeG2Yu2rx_9VvWx9ABQhGJJUsMwE88rVtB50QuM29oHTNW1E6tGqOTNno0ExO1Z7fsknNfn_RCJexQP2qKryddAAQ4pHx63tLwEYBl4bFnG5z6gvpQ3giFW_roEbQQIrP-87lyB2AKUy5Tq-xQO8HAOzdAk8kARUeQsZ-FlkN_IQebdn_k_avL1qXs3S9TG07SDj67dwXBvEuXONbMc_wV2BbqfJZdh8jj0PMTshqRjZ8NWKLYb_dpE0gTpF3h8WBFumTpOlD9gvRiH-g7IhKbPoLPml1dePSSJlQ8NBaVYoq8X1N4UdsZ0e9uo2laWtB6dvkxSk05gTaR_TT0BJzq65n1x6c9q6OowxGSIZb87KkRxpqKEFy7g8Hsio02lzmDdSGy8U3E97xmkm3F4LuBQglb-8M7JCT077F4AFjArXa1Q8o72SG6grf76f3d3HHmhYl2iAWjl0maw0hQ2KGxGqZXNDFJs746-NBNrtTgGLOW_X7kLJWb3T-EO8bIOny89kYJdPEXPZNIOSEj03Oio6lDOtu20qmhC2Ye7EqWKE9gJrTajO14uInOHuzzJsjIwAKJJ_Vr5Vpe32KYxcMb_3uA2k9uNePkPpNXDZt5Y3WOy0JzQhO8uHAwdJpUaZ5ZzF1p3ahHeHiyPwTmB8iSI1vgP7TsdD1lGNfL5ZT1yU3U0r_YtqH8N6JKmzyDyxm8LDG8xtKbbVOTUT&sai=AMfl-YThtz4UcRMnBdywQJwY2OvkQwOq1Gxkv02dBFuc79A-dspbi9dQCIO1zczziOvHNxwTYQgYl9h9NKkjLcFoZYzNW6BxgSB_gR6Ujk8C8Dxz4w9ngEuRVvL-R3Ah0Xra-HNqL9eZ-mcLCiUdy7EEnbME_j35MCnLDSuE7baVli1V_ASFi4zjq1mY_n9wwIwuyCKxYonHL-pkMSNPuHCXAzcR0SRxlc_cAVYhGGvkgJATKfyPP-TVG_Kn0G529dXx7kDi_D8_U7hKijx0HC9bJWnEGMj76owN&sig=Cg0ArKJSzDblWwUyKb-pEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=265&cbvp=1&cstd=258&cisv=r20231004.82514&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 09 Oct 2023 17:28:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 2C2D 		53 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
d01ac26c5959ba14ab488f5fbec45d15679a0a81152bef49144200d52b9ae895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 17:28:28 GMT
expires
Tue, 08 Oct 2024 17:28:28 GMT
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 25AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvR7iBJTiRmyYMRlih7mIys-cm3qUJmlH3_NEksFhK3aw6ukzHskgjL_rlmU_bbhgVRjZv73skvGSleDsc7Ql8WWMn1NuzFe7TCAUkOHAtOqnt2cdImssOJtDNEnBUPlY0iR7RE1uv-ExNkqbRzeHBBpcUjA0shYVSR1p3egeephIemOLha7I8sHzuk2RHDHI0LXNfnbnCzkWivinxSKktZkcovE8spUudX76IMvDYcMuEuU6wXBF2sqCvlqi0BCxuMaRSr7jRw-mzN1vdhlFemMjP-TKKyhN1uZ1EHZOawofs0D8FGybgh_nvTvoJ2f54CLaviTCCeak-JrgM3pBudoEnYpSMotHP-LccMFPfdfd4Nd9oEu0vr-DxUzUxIh_Q1BnK_oDJnic1vkrg2Ey3qW-SngWcMZumwyV-QtzDMmipw6ngnCzR9aFjjaoCUDDAKznHsOgUzOw3rrHTWZfh4pb1BKJnUqTUMNBpYiLHo7KOzOxq0psTeBOLGvzLgWIncu6_i0-renfHsCmmD_Z56wlT0jfr8cUldgY3uMJB5gEWZqvz1WO1Y2h2X-FzmUPAuARbPDixUSK52W2HhlhbXkR-vvj1T2eRKSxHULxIwLvPtDO00Ug5ALnmi_QgywXbMEo2kuTSr3Ofme508umzkK9v_lhMic1os6YkvQRi4eBh8r1ZPfGjEKSoeZ3Z_MK83y4NphyOMsyZQ3WlTgDmC7mEHA3waRbV4rzpDvAqP6mGxwXWbK9syu_zeIRkSgtRMYmnbnPU0JX1rSKkAo-YamwKb6AHe_Sp7f7l3wCLrEaTDT3RMepyIngG1qRyLykxhz5AzZaDCyx79xuBSoqD_rz1Es_xXTh4r_eycrPxcNNg6OXMTxAw165QNQujSoKWk5GEMfZeyFKpC1GMaDLX_NX_AJ5XAfCpbWy1Vnzq2arSFuskkEZHw08dCry_8KfiqGCO1CGrchRO1U3YqxztyjsKSTGQCXdOzDFBkvXIAVPINrkD2wkp4f08b2_VKbAifCm2R9CI-D73bzv5F6a6uaTiFzOCgjhZm6xNc7JA4efEmk7gAwzGEwFulnv6EDqSGbUinJfNm-qBExVyrOg3bzoKkpGe_D-nVdrsx9Sudfz-FweJ3aenVO3C0pVuJR65QzPODezwd7ELvL6IETrfE9pLSEfP-1a4k9XZeTEXv4dk92ttX9wBXC6hub9RtXRnrmhmSnN0ccmL34gAROJRS31CBq9nAPqWRNXavGFBOJXeZiDOLPBc3wwrUO06HLZaeB8YzPS35-xcAkwWNyiroXjsn4SDk0Ig9YCw2Oobrd3he6EWnmnwEie4VreWtyOr5zPkw5N4x8DV-oH2LJXQpjCyxTfqaq599D-COcEaHO5HF1yIs-amLeUm0W8lqLwwgi-7GyyQqDbMWxParaJk0phH9aduSyZTvjBK3rxnSABi0&sai=AMfl-YT3TAqH9cT8UnZdj1pu1Ml_BLTcWvWOt6B_R57OdfOlJFeTbgLU1fOcseS7blybLdtaO8FkmAaofpGpLGvuP1xdWVJ_5ppG9hL4iCDc-5DMWnu0uFfJMzCLf-zCuvU5N6vbDjy3EYnbNH7WoK-JfwkRvsVN533E12V4Jw-XAqzRT8pA0zZRnWPExe9W6jwrv5pqn4EitcWE-Dh5dVws06wU8qZ-ahDOEVFnrpBgutcClgtnxO8GZlED1434Ylu2N1zxzOk4d1lh29SUZc8VmykIdVgupgqt&sig=Cg0ArKJSzJ94oyfWbjwCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=272&cbvp=1&cstd=265&cisv=r20231004.04726&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 09 Oct 2023 17:28:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 1775
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELZCWHgB44zlaURXtdkffQE&google_cver=1&google_push=AXcoOmSBV8A7M0L_eOigJ4-L5fwHTOIU1QaiiV5ctCnZkS1gTChGLOr_f9vvQnWwCeYgsOuP028I2qJqt5UY09k2JhWag9h...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSBV8A7M0L_eOigJ4-L5fwHTOIU1QaiiV5ctCnZkS1gTChGLOr_f9vvQnWwCeYgsOuP028I2qJqt5UY09k2JhWag9hu61vJ&google_hm=eS0xQzlEbDhsRTJwRjcyVE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSBV8A7M0L_eOigJ4-L5fwHTOIU1QaiiV5ctCnZkS1gTChGLOr_f9vvQnWwCeYgsOuP028I2qJqt5UY09k2JhWag9hu61vJ&google_hm=eS0xQzlEbDhsRTJwRjcyVExGUkV1MExwZHBxTEY5bGNocX5B
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 09 Oct 2023 17:28:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSBV8A7M0L_eOigJ4-L5fwHTOIU1QaiiV5ctCnZkS1gTChGLOr_f9vvQnWwCeYgsOuP028I2qJqt5UY09k2JhWag9hu61vJ&google_hm=eS0xQzlEbDhsRTJwRjcyVExGUkV1MExwZHBxTEY5bGNocX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1775
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEIO_k-oE7JtQtDHfkUIqSDs&google_cver=1&google_push=AXcoOmQTHcNN2yUP6lM4TT4VnfdebtyxVMckqCtomcpH-a6JaVjbP6ptxN6wDbroB16VHsRsYltyHthtzWgg6LUQ09s0MjJ...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEIO_k-oE7JtQtDHfkUIqSDs&google_cver=1&google_push=AXcoOmQTHcNN2yUP6lM4TT4VnfdebtyxVMckqCtomcpH-a6JaVjbP6ptxN6wDbroB16VHsRsYltyHthtzWgg6LUQ09s0M...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQTHcNN2yUP6lM4TT4VnfdebtyxVMckqCtomcpH-a6JaVjbP6ptxN6wDbroB16VHsRsYltyHthtzWgg6LUQ09s0MjJPD5Y
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQTHcNN2yUP6lM4TT4VnfdebtyxVMckqCtomcpH-a6JaVjbP6ptxN6wDbroB16VHsRsYltyHthtzWgg6LUQ09s0MjJPD5Y
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQTHcNN2yUP6lM4TT4VnfdebtyxVMckqCtomcpH-a6JaVjbP6ptxN6wDbroB16VHsRsYltyHthtzWgg6LUQ09s0MjJPD5Y
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 1775
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDto0n4RyDHSZp-jYLdd0Ds&google_cver=1&google_push=AXcoOmRMLQ2thNxDpsM1ObbM_gADVSsJHIvGM2V9AL3l_q0zVy6af3lrLUav5VChQPol1BYGmf_...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5KNjJUUkItMjEtNjNJTg==&google_push=AXcoOmRMLQ2thNxDpsM1ObbM_gADVSsJHIvGM2V9AL3l_q0zVy6af3lrLUav5VChQPol1BYGmf_vELjAIqQ3LeIjmDW6XiCuVUU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5KNjJUUkItMjEtNjNJTg==&google_push=AXcoOmRMLQ2thNxDpsM1ObbM_gADVSsJHIvGM2V9AL3l_q0zVy6af3lrLUav5VChQPol1BYGmf_vELjAIqQ3LeIjmDW6XiCuVUU
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5KNjJUUkItMjEtNjNJTg==&google_push=AXcoOmRMLQ2thNxDpsM1ObbM_gADVSsJHIvGM2V9AL3l_q0zVy6af3lrLUav5VChQPol1BYGmf_vELjAIqQ3LeIjmDW6XiCuVUU
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0
pixel
cm.g.doubleclick.net/ Frame 1775
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHQ_b-olFWLHBHqX5P9WtgU&google_cver=1&google_push=AXcoOmS2Gja-h6O-nHKsgBiu0m0OlGJo7rkJME6sW3RXCzTLbqIwmqcc69UtjGxeKsCrvgNgCsmmaD0DGPxd...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS2Gja-h6O-nHKsgBiu0m0OlGJo7rkJME6sW3RXCzTLbqIwmqcc69UtjGxeKsCrvgNgCsmmaD0DGPxd-3RLLjJymi1v4hSE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS2Gja-h6O-nHKsgBiu0m0OlGJo7rkJME6sW3RXCzTLbqIwmqcc69UtjGxeKsCrvgNgCsmmaD0DGPxd-3RLLjJymi1v4hSE
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS2Gja-h6O-nHKsgBiu0m0OlGJo7rkJME6sW3RXCzTLbqIwmqcc69UtjGxeKsCrvgNgCsmmaD0DGPxd-3RLLjJymi1v4hSE
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ebda
match.360yield.com/match/ Frame 1775 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESEL6gCGvkRMnSClu1kahK_gk&google_cver=1&google_push=AXcoOmR0L_oD4U9DDEJHoWBZ22f5I1vPBvmE44t18ffd-KfMJy5Yt-yjtPAGD5N_V02HVs6tYVunnwBCuYaDZhwDhQytjQLm6AWa
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.194.37.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-37-177.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 09 Oct 2023 17:28:28 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
ssbsync.smartadserver.com/api/ Frame 1775 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGDNVteZXC68IqUaSxFs4VQ&google_cver=1&google_push=AXcoOmSWeVd34XQAGM7eS3OWognZxOl_2Dn6QAJ45rlONiFq1wvDoukcuPfqUxp9HiHqSnux9LqhwUD7ybT7Xx3juYrSvZ9BLIc
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.196 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:28 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1775
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEFG6-aRw_5ip747mOAGeBDI&google_cver=1&google_push=AXcoOmS5Uv4pR_7fr...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDIzNTY1ODg3Njg1MTI0NTcwMA%3D%3D&google_gid=CAESEFG6-aRw_5ip747mOAGeBDI&google_cver=1&google_push=AXcoOmS5Uv4pR_7frD14m6UgJS5WH-XS5H...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDIzNTY1ODg3Njg1MTI0NTcwMA%3D%3D&google_gid=CAESEFG6-aRw_5ip747mOAGeBDI&google_cver=1&google_push=AXcoOmS5Uv4pR_7frD14m6UgJS5WH-XS5HNBdnScd301kAh3J77W2WbVYY65T_loo7Zn1A8e59QZ1s0exwdTxwKHSw_3jlcJ6sFPIA
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:28 GMT
an-x-request-uuid
39d04268-cd4a-4aa7-b60b-bd46e1b3bebf
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDIzNTY1ODg3Njg1MTI0NTcwMA%3D%3D&google_gid=CAESEFG6-aRw_5ip747mOAGeBDI&google_cver=1&google_push=AXcoOmS5Uv4pR_7frD14m6UgJS5WH-XS5HNBdnScd301kAh3J77W2WbVYY65T_loo7Zn1A8e59QZ1s0exwdTxwKHSw_3jlcJ6sFPIA
x-proxy-origin
45.141.152.76; 45.141.152.76; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 1775 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kd0CRLqGmOkxgDioq2eYY1q9GIBXluMa8Ll9eG6AIaX9E-5XF97_kBUrpw9pUaqswYiJAknQ
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gwdpage_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame BA7A 		55 B
112 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 17:32:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
604544
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Oct 2024 17:32:44 GMT
gwdpagedeck_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame BA7A 		731 B
272 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:07:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
577279
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Oct 2024 01:07:09 GMT
gwdgooglead_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame BA7A 		24 B
81 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 09:06:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 09:06:00 GMT
gwdimage_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame BA7A 		303 B
211 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:28:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14407
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
173
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 13:28:21 GMT
gwdattached_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame BA7A 		26 B
83 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdattached_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 22:35:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
586354
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Oct 2024 22:35:54 GMT
gwdtaparea_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame BA7A 		157 B
153 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdtaparea_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 19:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
339148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Oct 2024 19:16:00 GMT
gwd_webcomponents_v1_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame BA7A 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
10cde3f051ab9eefa8676bee667fd65705c5fcf1d0544f9acffe7caa224d14b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 21:44:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
589414
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6266
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Oct 2024 21:44:54 GMT
gwdpage_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame BA7A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18893
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1308
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 12:13:35 GMT
gwdpagedeck_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame BA7A 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 03:41:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
568043
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3136
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Oct 2024 03:41:05 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame BA7A 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:00:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1651
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Oct 2023 17:00:57 GMT
gwdgooglead_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame BA7A 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
6494566919e28711a1f36d6389923dfccb4750fb9522e9e6d1967ab778ab0073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 17:48:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344394
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4427
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Oct 2024 17:48:34 GMT
gwdimage_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame BA7A 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdimage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 10:44:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24217
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2014
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 10:44:51 GMT
gwdattached_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame BA7A 		1 KB
628 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdattached_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 18:56:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
599529
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
590
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Oct 2024 18:56:19 GMT
gwdtexthelper_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame BA7A 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdtexthelper_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
91c86e76693fc278899037d0d8a66c2fe01fc83e5cbae1a54a47fe0f61b2be15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 23:43:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
582314
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1725
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Oct 2024 23:43:14 GMT
gwdtaparea_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame BA7A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdtaparea_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
b0e4d6e13eb1fd414025e5c3c3f18b9212fd0cd69890e7f69804ae69dec5bbb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 03:28:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
568777
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1355
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Oct 2024 03:28:51 GMT
gwdgpadataprovider_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame BA7A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdgpadataprovider_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
bd213446287693e851042a2e326cfbf2268a0075cd7db0552c9448733c31d4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 19:07:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
598887
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1485
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Oct 2024 19:07:01 GMT
gwddatabinder_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame BA7A 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwddatabinder_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
c4338434527c2703a0630c6d5561653bc2790abd608cfe5f83fb200ff20bbdc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 07:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34170
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2351
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 07:58:58 GMT
gwd-text-fitting.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame BA7A 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwd-text-fitting.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
b41835ad763abb366c167dab7c1fbc77a7a81e5bbc51c2ce66bfa5250bfc9a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 22:29:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
586734
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2038
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Oct 2024 22:29:34 GMT
gwd-dynamic-binders.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame BA7A 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwd-dynamic-binders.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
7e8192b8273cf0f846c3c9365b3aa10305dffd49c8b219628b31430db949f230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 19:23:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
597928
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9209
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Oct 2024 19:23:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 7E06 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFTLeRIztYdLbC_RLXwU3uE&google_cver=1&google_push=AXcoOmST8uH_kaOrcPj1sBdcYednOStKUuNDi-HOUcgBDvqReJUzb1oOPljKcxkkwyIfpBSGlNDpEEmG4H_Uy7XvuHe56bxGOw
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:28 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
sync
x.bidswitch.net/ Frame 7E06 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDi4ZBhVlPwh7DnAG_NXyIQ&google_cver=1&google_push=AXcoOmTKjr4BYH5M7mxmpLn2qhwvPJgonAGM_aW-oMgvb14HNsNpf32lS2T4N7PPPJ7dOagdasRRliOwAvdy7qrwY8ND259y8oA
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.96.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-96-246.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 7E06
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEIO_k-oE7JtQtDHfkUIqSDs&google_cver=1&google_push=AXcoOmTWmwB_BmjobhWBU_35iA4TL8n7ZUfOPh4eM_eSenwcpEK21MOmsrmq5JXITixkj6UmgRVUV5hmnF13wzD7Bgvsvha...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEIO_k-oE7JtQtDHfkUIqSDs&google_cver=1&google_push=AXcoOmTWmwB_BmjobhWBU_35iA4TL8n7ZUfOPh4eM_eSenwcpEK21MOmsrmq5JXITixkj6UmgRVUV5hmnF13wzD7Bgvsv...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTWmwB_BmjobhWBU_35iA4TL8n7ZUfOPh4eM_eSenwcpEK21MOmsrmq5JXITixkj6UmgRVUV5hmnF13wzD7Bgvsvha3OL0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTWmwB_BmjobhWBU_35iA4TL8n7ZUfOPh4eM_eSenwcpEK21MOmsrmq5JXITixkj6UmgRVUV5hmnF13wzD7Bgvsvha3OL0
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTWmwB_BmjobhWBU_35iA4TL8n7ZUfOPh4eM_eSenwcpEK21MOmsrmq5JXITixkj6UmgRVUV5hmnF13wzD7Bgvsvha3OL0
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 7E06
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eee6ExtjTKG0gMNxF3Rfhg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eee6ExtjTKG0gMNxF3Rfhg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSSDiino0uEPZHvQqEetEg2CoSbqLPp8DzwCqXgvnui8OWjbn1cFT6quA3LGoS79s1CO5QEwtcuHulAIhv1_o_dp1sk-OE
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eee6ExtjTKG0gMNxF3Rfhg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSSDiino0uEPZHvQqEetEg2CoSbqLPp8DzwCqXgvnui8OWjbn1cFT6quA3LGoS79s1CO5QEwtcuHulAIhv1_o_dp1sk-OE
date
Mon, 09 Oct 2023 17:28:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
-
s.ad.smaato.net/c/n/// Frame 7E06 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEMSAVH6gcWIgmujT81nFQb4&google_cver=1&google_push=AXcoOmRGCZQnAK5LPuyb3BZld59xPf4QUci6HQu-5XvUwMqSr0rHkXETf2i6i5fc3pFZnGEGQFBGxv5fBqstpJ7T7IuUzClLrLo
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25e8:fe00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:28 GMT
cache-control
no-cache, must-revalidate
via
1.1 cec0e64209a322f193c5e90a44c7fc7e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS1-P3
x-amz-cf-id
9pFlzmMnVwXhYAGn7LUJy9PGgo8_HziqblIhJxIckvAv9OCuq51Wcg==
x-cache
Miss from cloudfront
/
onetag-sys.com/match/ Frame 7E06
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHQ_b-olFWLHBHqX5P9WtgU&google_cver=1&google_push=AXcoOmQjFqNlgNRYTKYmHEL5EF-WNODY5dYe9KmkX_RHS_pfOk3w21dqymfR7BDj9_fSsM3C798PaUBJ9cC...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQjFqNlgNRYTKYmHEL5EF-WNODY5dYe9KmkX_RHS_pfOk3w21dqymfR7BDj9_fSsM3C798PaUBJ9cCZhY-LGPNb4PP74SUv
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7E06
Redirect Chain
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=58b62a81-d675-49b9-bf57-f22eab2cef86&google_cver=1&google_gid=CAESEBW669PWrnxHzUvWfI4XW3Q&gdpr_consent=${GDPR_CONSENT_109}&google_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=58b62a81-d675-49b9-bf57-f22eab2cef86&google_cver=1&google_gid=CAESEBW669PWrnxHzUvWfI4XW3Q&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTPKJ68NMAOwF2opZtFgjRYYK3xbsCTQnWiEPQ7uK4Cq5bK8ZRgs5YRi1AebjB24hS39n2slBwCXpgqoIkZ2lnBgQWyNzQv&gdpr=${GDPR}
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=58b62a81-d675-49b9-bf57-f22eab2cef86&google_cver=1&google_gid=CAESEBW669PWrnxHzUvWfI4XW3Q&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTPKJ68NMAOwF2opZtFgjRYYK3xbsCTQnWiEPQ7uK4Cq5bK8ZRgs5YRi1AebjB24hS39n2slBwCXpgqoIkZ2lnBgQWyNzQv&gdpr=${GDPR}
date
Mon, 09 Oct 2023 17:28:28 GMT
server
_
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 7E06 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LYVdi-036CaeRy410bSeiqaOQEzxMjxyVFfJxILIBrPoOIrndI3vgWqW6mwRegGy7ss1ZcIDc
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dpixel
cms.quantserve.com/ Frame 3197 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEE076G-3J7SMP6P6YJ1l4z4&google_cver=1&google_push=AXcoOmR8F4rCDlC6cmic0O_wUgyyQzzmu06eu9_vDta5qJGS5iqyc0ouhIi5WBsisLXXvRkHRk_59FZcOIYILuuPR211JfZh4edL3A
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 3197 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFTLeRIztYdLbC_RLXwU3uE&google_cver=1&google_push=AXcoOmScFYP-JjYe_c9Hla7lB05TrhA4W8JJbyM05zGleAkxODNrpM07pctFZ3RK2bTuZOigs_THSRO5NgsL4X3NLmC8XSRD7e8M-A
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:28 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 3197
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEB0L-EfMdzlncKkFfesnXxw&google_cver=1&google_push=AXcoOmRTmH3Gq9QjPiy08F8UVDb-qAd7DkctkKLP468bms87a_6VK4-o-rlwT1SJSu9YfE5OaOWVQgPPhYbW1y2t...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Smpt_bmhTpA3st1r9g3_bA&google_push=AXcoOmRTmH3Gq9QjPiy08F8UVDb-qAd7DkctkKLP468bms87a_6VK4-o-rlwT1SJSu9YfE5OaOWVQgPPhYbW1y2tp7gf0BSK74amgA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Smpt_bmhTpA3st1r9g3_bA&google_push=AXcoOmRTmH3Gq9QjPiy08F8UVDb-qAd7DkctkKLP468bms87a_6VK4-o-rlwT1SJSu9YfE5OaOWVQgPPhYbW1y2tp7gf0BSK74amgA
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 09 Oct 2023 17:28:28 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Smpt_bmhTpA3st1r9g3_bA&google_push=AXcoOmRTmH3Gq9QjPiy08F8UVDb-qAd7DkctkKLP468bms87a_6VK4-o-rlwT1SJSu9YfE5OaOWVQgPPhYbW1y2tp7gf0BSK74amgA
x-host
tde-deliveryengine-production-868978d85-fmqzc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3197
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELZCWHgB44zlaURXtdkffQE&google_cver=1&google_push=AXcoOmS6QvJEeKjQRzk3w8gkdtvdbbWHmvhikmP6DlWl88HiePFLSVF5Twa5-A8rqyBlmrt7gqb8cq0DgJipZDFGFFlZJRa...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS6QvJEeKjQRzk3w8gkdtvdbbWHmvhikmP6DlWl88HiePFLSVF5Twa5-A8rqyBlmrt7gqb8cq0DgJipZDFGFFlZJRawaWn8ZA&google_hm=eS0xQzlEbDhsRTJwRjcy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS6QvJEeKjQRzk3w8gkdtvdbbWHmvhikmP6DlWl88HiePFLSVF5Twa5-A8rqyBlmrt7gqb8cq0DgJipZDFGFFlZJRawaWn8ZA&google_hm=eS0xQzlEbDhsRTJwRjcyVExGUkV1MExwZHBxTEY5bGNocX5B
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 09 Oct 2023 17:28:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS6QvJEeKjQRzk3w8gkdtvdbbWHmvhikmP6DlWl88HiePFLSVF5Twa5-A8rqyBlmrt7gqb8cq0DgJipZDFGFFlZJRawaWn8ZA&google_hm=eS0xQzlEbDhsRTJwRjcyVExGUkV1MExwZHBxTEY5bGNocX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3197
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJURPC_LKFiw_PZh-qVe9Mk&google_cver=1&google_push=AXcoOmQ8drhaBijGcF8HilDzpwexJhvtNwcHdR_ptg_c7ufCIGMptS77VLZPj54uCSy35xv2nhkAGkhq...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJURPC_LKFiw_PZh-qVe9Mk&google_cver=1&google_push=AXcoOmQ8drhaBijGcF8HilDzpwexJhvtNwcHdR_ptg_c7ufCIGMptS77VLZPj54uCSy35xv2nhk...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQxNzcwODQ3OTM3NjQyNTQ4Mw&google_push=AXcoOmQ8drhaBijGcF8HilDzpwexJhvtNwcHdR_ptg_c7ufCIGMptS77VLZPj54uCSy35xv2nhkAGk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQxNzcwODQ3OTM3NjQyNTQ4Mw&google_push=AXcoOmQ8drhaBijGcF8HilDzpwexJhvtNwcHdR_ptg_c7ufCIGMptS77VLZPj54uCSy35xv2nhkAGkhqrxldvx-TrzvI7C4Ccx4HtQ
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQxNzcwODQ3OTM3NjQyNTQ4Mw&google_push=AXcoOmQ8drhaBijGcF8HilDzpwexJhvtNwcHdR_ptg_c7ufCIGMptS77VLZPj54uCSy35xv2nhkAGkhqrxldvx-TrzvI7C4Ccx4HtQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame 3197 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEFyfeBn6s1vEAlwSFANh-cA&google_cver=1&google_push=AXcoOmTvHtozWWtDlMV4C-PK855C20WC62ytWTxUQ__FO7UeXRcPQ65S9pdqbgMZqCRMlQEluHyRZaRs3GROpVkhyMZv6Bc-he0tXw
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:28 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame 3197
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENbvHNqMygaLDp7XSCnFg2s&google_cver=1&google_push=AXcoOmRQYOR1JLoGF_5fYS12HrMbg89z4FJdHRXi1Y1HAP-hUdFJ7iPEhUbHBpi-gdr0GWbJ6Cq97pJdHkKj4X18FjuSsE56xK...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjk4ODAzMDUwNTE2NjU3NTA3OTY2MQ%3D%3D&google_push=AXcoOmRQYOR1JLoGF_5fYS12HrMbg89z4FJdHRXi1Y1HAP-hUdFJ7iPE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjk4ODAzMDUwNTE2NjU3NTA3OTY2MQ%3D%3D&google_push=AXcoOmRQYOR1JLoGF_5fYS12HrMbg89z4FJdHRXi1Y1HAP-hUdFJ7iPEhUbHBpi-gdr0GWbJ6Cq97pJdHkKj4X18FjuSsE56xKOSGw
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjk4ODAzMDUwNTE2NjU3NTA3OTY2MQ%3D%3D&google_push=AXcoOmRQYOR1JLoGF_5fYS12HrMbg89z4FJdHRXi1Y1HAP-hUdFJ7iPEhUbHBpi-gdr0GWbJ6Cq97pJdHkKj4X18FjuSsE56xKOSGw
date
Mon, 09 Oct 2023 17:28:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 3197 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lti_8BU_sEV0cWb29LaxhSuxMmP7A_fTlcIH5cAQX-K_b604p4uczb_GIDdQZr_X4D68aO
Requested by
Host: 2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
URL: https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C278 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
358736
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 13:49:32 GMT
expires
Fri, 04 Oct 2024 13:49:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gwdpage_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 8C76 		55 B
112 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 17:32:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
604544
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Oct 2024 17:32:44 GMT
gwdpagedeck_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 8C76 		731 B
272 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:07:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
577279
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Oct 2024 01:07:09 GMT
gwdgooglead_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 8C76 		24 B
81 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 09:06:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 09:06:00 GMT
gwdimage_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 8C76 		303 B
211 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:28:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14407
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
173
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 13:28:21 GMT
gwdattached_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 8C76 		26 B
83 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdattached_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 22:35:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
586354
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Oct 2024 22:35:54 GMT
gwdtaparea_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 8C76 		157 B
153 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdtaparea_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 19:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
339148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Oct 2024 19:16:00 GMT
gwd_webcomponents_v1_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 8C76 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
10cde3f051ab9eefa8676bee667fd65705c5fcf1d0544f9acffe7caa224d14b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 21:44:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
589414
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6266
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Oct 2024 21:44:54 GMT
gwdpage_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 8C76 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18893
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1308
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 12:13:35 GMT
gwdpagedeck_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 8C76 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 03:41:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
568043
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3136
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Oct 2024 03:41:05 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 8C76 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:00:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1651
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Oct 2023 17:00:57 GMT
gwdgooglead_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 8C76 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
6494566919e28711a1f36d6389923dfccb4750fb9522e9e6d1967ab778ab0073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 17:48:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344394
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4427
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Oct 2024 17:48:34 GMT
gwdimage_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 8C76 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdimage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 10:44:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24217
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2014
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 10:44:51 GMT
gwdattached_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 8C76 		1 KB
628 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdattached_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 18:56:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
599529
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
590
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Oct 2024 18:56:19 GMT
gwdtexthelper_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 8C76 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdtexthelper_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
91c86e76693fc278899037d0d8a66c2fe01fc83e5cbae1a54a47fe0f61b2be15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 23:43:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
582314
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1725
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Oct 2024 23:43:14 GMT
gwdtaparea_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 8C76 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdtaparea_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
b0e4d6e13eb1fd414025e5c3c3f18b9212fd0cd69890e7f69804ae69dec5bbb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 03:28:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
568777
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1355
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Oct 2024 03:28:51 GMT
gwdgpadataprovider_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 8C76 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdgpadataprovider_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
bd213446287693e851042a2e326cfbf2268a0075cd7db0552c9448733c31d4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 19:07:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
598887
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1485
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Oct 2024 19:07:01 GMT
gwddatabinder_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 8C76 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwddatabinder_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
c4338434527c2703a0630c6d5561653bc2790abd608cfe5f83fb200ff20bbdc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 07:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34170
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2351
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 07:58:58 GMT
gwd-text-fitting.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 8C76 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwd-text-fitting.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
b41835ad763abb366c167dab7c1fbc77a7a81e5bbc51c2ce66bfa5250bfc9a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 22:29:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
586734
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2038
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Oct 2024 22:29:34 GMT
gwd-dynamic-binders.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 8C76 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwd-dynamic-binders.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
7e8192b8273cf0f846c3c9365b3aa10305dffd49c8b219628b31430db949f230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 19:23:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
597928
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9209
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Oct 2024 19:23:00 GMT
gwdpage_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 2C2D 		55 B
112 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 17:32:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
604544
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Oct 2024 17:32:44 GMT
gwdpagedeck_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 2C2D 		731 B
272 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:07:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
577279
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Oct 2024 01:07:09 GMT
gwdgooglead_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 2C2D 		24 B
81 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 09:06:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 09:06:00 GMT
gwdimage_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 2C2D 		303 B
211 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:28:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14407
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
173
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 13:28:21 GMT
gwdattached_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 2C2D 		26 B
83 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdattached_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 22:35:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
586354
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Oct 2024 22:35:54 GMT
gwdtaparea_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 2C2D 		157 B
153 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdtaparea_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 19:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
339148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Oct 2024 19:16:00 GMT
gwd_webcomponents_v1_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 2C2D 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
10cde3f051ab9eefa8676bee667fd65705c5fcf1d0544f9acffe7caa224d14b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 21:44:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
589414
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6266
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Oct 2024 21:44:54 GMT
gwdpage_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 2C2D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18893
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1308
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 12:13:35 GMT
gwdpagedeck_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 2C2D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 03:41:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
568043
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3136
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Oct 2024 03:41:05 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 2C2D 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:00:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1651
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Oct 2023 17:00:57 GMT
gwdgooglead_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 2C2D 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
6494566919e28711a1f36d6389923dfccb4750fb9522e9e6d1967ab778ab0073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 17:48:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344394
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4427
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Oct 2024 17:48:34 GMT
gwdimage_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 2C2D 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdimage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 10:44:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24217
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2014
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 10:44:51 GMT
gwdattached_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 2C2D 		1 KB
628 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdattached_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 18:56:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
599529
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
590
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Oct 2024 18:56:19 GMT
gwdtexthelper_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 2C2D 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdtexthelper_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
91c86e76693fc278899037d0d8a66c2fe01fc83e5cbae1a54a47fe0f61b2be15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 23:43:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
582314
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1725
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Oct 2024 23:43:14 GMT
gwdtaparea_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 2C2D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdtaparea_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
b0e4d6e13eb1fd414025e5c3c3f18b9212fd0cd69890e7f69804ae69dec5bbb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 03:28:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
568777
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1355
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Oct 2024 03:28:51 GMT
gwdgpadataprovider_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 2C2D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdgpadataprovider_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
bd213446287693e851042a2e326cfbf2268a0075cd7db0552c9448733c31d4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 19:07:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
598887
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1485
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Oct 2024 19:07:01 GMT
gwddatabinder_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 2C2D 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwddatabinder_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
c4338434527c2703a0630c6d5561653bc2790abd608cfe5f83fb200ff20bbdc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 07:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34170
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2351
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 07:58:58 GMT
gwd-text-fitting.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 2C2D 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwd-text-fitting.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
b41835ad763abb366c167dab7c1fbc77a7a81e5bbc51c2ce66bfa5250bfc9a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 22:29:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
586734
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2038
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Oct 2024 22:29:34 GMT
gwd-dynamic-binders.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 2C2D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwd-dynamic-binders.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
7e8192b8273cf0f846c3c9365b3aa10305dffd49c8b219628b31430db949f230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 19:23:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
597928
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9209
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Oct 2024 19:23:00 GMT
21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
pagead2.googlesyndication.com/bg/ Frame 504D 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 04:26:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
565318
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14668
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 04:26:30 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7318 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
358736
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 13:49:32 GMT
expires
Fri, 04 Oct 2024 13:49:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B04F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
358736
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 13:49:32 GMT
expires
Fri, 04 Oct 2024 13:49:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usermatch.gif
beacon.krxd.net/ Frame 311B
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=sj8SIQ9mq5pju7ZWj-MiwREypW5S_8L2
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=sj8SIQ9mq5pju7ZWj-MiwREypW5S_8L2
Protocol
H2
Server
52.215.100.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-100-89.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by
beacon-n013-dub-prod.krxd.net
date
Mon, 09 Oct 2023 17:28:28 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1696872508
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=sj8SIQ9mq5pju7ZWj-MiwREypW5S_8L2
date
Mon, 09 Oct 2023 17:28:27 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
3326608
content-length
0
Gotham-Black.otf
s0.2mdn.net/sadbundle/14595667868580172181/ Frame 6D94 		22 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14595667868580172181/Gotham-Black.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
b525f27e66476e4c748759921adc9558735824036d2a58c2f44d3e9d74b83d98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:58:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
333025
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15870
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:25:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Oct 2024 20:58:03 GMT
Gotham-Book.otf
s0.2mdn.net/sadbundle/14595667868580172181/ Frame 6D94 		21 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14595667868580172181/Gotham-Book.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
3b159412c44873b8d07ddac50294bd538e742294318614fa796e89f0d1f7f956
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 02:59:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
484139
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15380
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:25:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Oct 2024 02:59:29 GMT
Gotham-Bold.otf
s0.2mdn.net/sadbundle/14595667868580172181/ Frame 6D94 		21 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14595667868580172181/Gotham-Bold.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
ae447c4a73b83bca7650a9732f61d84bb34904956099d0d38185b923e2642020
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 07:24:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
295441
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15057
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:25:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 05 Oct 2024 07:24:27 GMT
NotoSans-Regular.otf
s0.2mdn.net/sadbundle/14595667868580172181/ Frame 6D94 		1 MB
424 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14595667868580172181/NotoSans-Regular.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
6c5c417da9de9e3b94f1b060d7ef137e4cb26f26e8d157966e7c80c2e9001fe0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 02:06:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
228109
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:25:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 02:06:39 GMT
Gotham-Black.otf
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 8C76 		22 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/Gotham-Black.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
b525f27e66476e4c748759921adc9558735824036d2a58c2f44d3e9d74b83d98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 21:01:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
592035
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15870
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Oct 2024 21:01:13 GMT
Gotham-Book.otf
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 8C76 		21 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/Gotham-Book.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
3b159412c44873b8d07ddac50294bd538e742294318614fa796e89f0d1f7f956
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 00:48:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
405612
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15380
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Oct 2024 00:48:16 GMT
Gotham-Bold.otf
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 8C76 		21 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/Gotham-Bold.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
ae447c4a73b83bca7650a9732f61d84bb34904956099d0d38185b923e2642020
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:55:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30804
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15057
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 08:55:04 GMT
NotoSans-Regular.otf
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 8C76 		1 MB
424 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/NotoSans-Regular.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
6c5c417da9de9e3b94f1b060d7ef137e4cb26f26e8d157966e7c80c2e9001fe0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=4dnWZemEWj&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 11:56:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19941
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 11:56:07 GMT
21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
pagead2.googlesyndication.com/bg/ Frame C278 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 04:26:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
565318
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14668
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 04:26:30 GMT
Gotham-Black.otf
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 2C2D 		22 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/Gotham-Black.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
b525f27e66476e4c748759921adc9558735824036d2a58c2f44d3e9d74b83d98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 21:01:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
592035
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15870
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Oct 2024 21:01:13 GMT
Gotham-Book.otf
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 2C2D 		21 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/Gotham-Book.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
3b159412c44873b8d07ddac50294bd538e742294318614fa796e89f0d1f7f956
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 00:48:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
405612
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15380
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Oct 2024 00:48:16 GMT
Gotham-Bold.otf
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 2C2D 		21 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/Gotham-Bold.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
ae447c4a73b83bca7650a9732f61d84bb34904956099d0d38185b923e2642020
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:55:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30804
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15057
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 08:55:04 GMT
NotoSans-Regular.otf
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 2C2D 		1 MB
424 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/NotoSans-Regular.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
6c5c417da9de9e3b94f1b060d7ef137e4cb26f26e8d157966e7c80c2e9001fe0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 11:56:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19941
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
434259
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 11:56:07 GMT
Gotham-Black.otf
s0.2mdn.net/sadbundle/17797151709728982503/ Frame BA7A 		22 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/Gotham-Black.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
b525f27e66476e4c748759921adc9558735824036d2a58c2f44d3e9d74b83d98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 21:01:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
592035
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15870
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Oct 2024 21:01:13 GMT
Gotham-Book.otf
s0.2mdn.net/sadbundle/17797151709728982503/ Frame BA7A 		21 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/Gotham-Book.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
3b159412c44873b8d07ddac50294bd538e742294318614fa796e89f0d1f7f956
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 00:48:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
405612
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15380
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Oct 2024 00:48:16 GMT
Gotham-Bold.otf
s0.2mdn.net/sadbundle/17797151709728982503/ Frame BA7A 		21 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/Gotham-Bold.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
ae447c4a73b83bca7650a9732f61d84bb34904956099d0d38185b923e2642020
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:55:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30804
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15057
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 08:55:04 GMT
NotoSans-Regular.otf
s0.2mdn.net/sadbundle/17797151709728982503/ Frame BA7A 		1 MB
424 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/NotoSans-Regular.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
6c5c417da9de9e3b94f1b060d7ef137e4cb26f26e8d157966e7c80c2e9001fe0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 11:56:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19941
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
434259
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 11:56:07 GMT
21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
pagead2.googlesyndication.com/bg/ Frame 7318 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 04:26:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
565318
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14668
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 04:26:30 GMT
21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
pagead2.googlesyndication.com/bg/ Frame B04F 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 04:26:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
565318
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14668
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 04:26:30 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0201 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu9Zg_bfMSHFeL65w8Pvp1eLw_RiEtoSFnFQAwjVfaX52ZuJC8kws99iVsdQGJKXmwTrjmjibqXzcmcwcSmc15j7CsgBqmlqhHM43aok5liv7Rbj3zYu7M85qSsZI_i&sig=Cg0ArKJSzNDU5U2IlTrTEAE&id=lidar2&mcvt=1026&p=173,315,427,1285&mtos=0,1026,1026,1026,1026&tos=0,1026,0,0,0&v=20231004&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=885339186&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696872507378&rpt=114&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6D94 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3b2c91d5381a4d6f6b63be5cd81d9a8ee3b933e4e5296a7744c787b5cbd573e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5787
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame BA7A 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45b03f7e7040d89298513099aacedc8bbfeef93bb28b05167d080f0fa1075d0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5688
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8C76 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3839db0a5a24ea02ba1ac3fe96cfa39ae3b47165c988f87d376cb130c4679572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5737
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 25AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvR7iBJTiRmyYMRlih7mIys-cm3qUJmlH3_NEksFhK3aw6ukzHskgjL_rlmU_bbhgVRjZv73skvGSleDsc7Ql8WWMn1NuzFe7TCAUkOHAtOqnt2cdImssOJtDNEnBUPlY0iR7RE1uv-ExNkqbRzeHBBpcUjA0shYVSR1p3egeephIemOLha7I8sHzuk2RHDHI0LXNfnbnCzkWivinxSKktZkcovE8spUudX76IMvDYcMuEuU6wXBF2sqCvlqi0BCxuMaRSr7jRw-mzN1vdhlFemMjP-TKKyhN1uZ1EHZOawofs0D8FGybgh_nvTvoJ2f54CLaviTCCeak-JrgM3pBudoEnYpSMotHP-LccMFPfdfd4Nd9oEu0vr-DxUzUxIh_Q1BnK_oDJnic1vkrg2Ey3qW-SngWcMZumwyV-QtzDMmipw6ngnCzR9aFjjaoCUDDAKznHsOgUzOw3rrHTWZfh4pb1BKJnUqTUMNBpYiLHo7KOzOxq0psTeBOLGvzLgWIncu6_i0-renfHsCmmD_Z56wlT0jfr8cUldgY3uMJB5gEWZqvz1WO1Y2h2X-FzmUPAuARbPDixUSK52W2HhlhbXkR-vvj1T2eRKSxHULxIwLvPtDO00Ug5ALnmi_QgywXbMEo2kuTSr3Ofme508umzkK9v_lhMic1os6YkvQRi4eBh8r1ZPfGjEKSoeZ3Z_MK83y4NphyOMsyZQ3WlTgDmC7mEHA3waRbV4rzpDvAqP6mGxwXWbK9syu_zeIRkSgtRMYmnbnPU0JX1rSKkAo-YamwKb6AHe_Sp7f7l3wCLrEaTDT3RMepyIngG1qRyLykxhz5AzZaDCyx79xuBSoqD_rz1Es_xXTh4r_eycrPxcNNg6OXMTxAw165QNQujSoKWk5GEMfZeyFKpC1GMaDLX_NX_AJ5XAfCpbWy1Vnzq2arSFuskkEZHw08dCry_8KfiqGCO1CGrchRO1U3YqxztyjsKSTGQCXdOzDFBkvXIAVPINrkD2wkp4f08b2_VKbAifCm2R9CI-D73bzv5F6a6uaTiFzOCgjhZm6xNc7JA4efEmk7gAwzGEwFulnv6EDqSGbUinJfNm-qBExVyrOg3bzoKkpGe_D-nVdrsx9Sudfz-FweJ3aenVO3C0pVuJR65QzPODezwd7ELvL6IETrfE9pLSEfP-1a4k9XZeTEXv4dk92ttX9wBXC6hub9RtXRnrmhmSnN0ccmL34gAROJRS31CBq9nAPqWRNXavGFBOJXeZiDOLPBc3wwrUO06HLZaeB8YzPS35-xcAkwWNyiroXjsn4SDk0Ig9YCw2Oobrd3he6EWnmnwEie4VreWtyOr5zPkw5N4x8DV-oH2LJXQpjCyxTfqaq599D-COcEaHO5HF1yIs-amLeUm0W8lqLwwgi-7GyyQqDbMWxParaJk0phH9aduSyZTvjBK3rxnSABi0&sai=AMfl-YT3TAqH9cT8UnZdj1pu1Ml_BLTcWvWOt6B_R57OdfOlJFeTbgLU1fOcseS7blybLdtaO8FkmAaofpGpLGvuP1xdWVJ_5ppG9hL4iCDc-5DMWnu0uFfJMzCLf-zCuvU5N6vbDjy3EYnbNH7WoK-JfwkRvsVN533E12V4Jw-XAqzRT8pA0zZRnWPExe9W6jwrv5pqn4EitcWE-Dh5dVws06wU8qZ-ahDOEVFnrpBgutcClgtnxO8GZlED1434Ylu2N1zxzOk4d1lh29SUZc8VmykIdVgupgqt&sig=Cg0ArKJSzJ94oyfWbjwCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=663&vt=11&dtpt=391&dett=3&cstd=265&cisv=r20231004.04726&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2C2D 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
917628cc6c8d95299eb2fa595a0b5e83d3debb6aea50b83e0c70e5119dc0264a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5783
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 1B2F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvMYPgqZqTvk2C2zJdFbCw7Hd-XG7VdQfhJXRn8jHry1S6tsSlzF2rjuCnSuLKz7c2cpap9Segy1NNQJCbcQST0jNFRJ5p20gpijhFI3wcdW1TULDwX7aRO42vzATq6C2bZlKso2sXIJtypOoBkjBvFWkGZQdPfGeHqH5BJtY72LsqOeFi-2eFB_b-ILjYKhlMTvwNXPvMHeQDYuYH4tnJr7kTzv9UJCPE1z0VCUQNQZNlNQcL4bvw_57O-sYrBvJO-A84tVxGG6C3lEqB7RFKGzawwfnoI4ZlpH3WWyZ4llFYEVcMpOE_oI6An5DoVAD5onihjEelmIhuHvbfpoCDx9jbKzY5774HH_hlJopB7uZs4d4IkAHMgVm4c89u34fggO20ZTpD2FFJNnDUPwb6SxevdVvZw5kjXo4Voyt1USGSePiSuALLLXLZKEqd14dMEcE9-hMx29b4tRmf2CNg8Hg3YMDm4wxuRyE6kIimgpPkZZuqZN-nLA36TSjHXLDOOjrw_PAKHA_zquivRjB7kezjYjPbsqhq0A0ypGDcisdZMp3j22K6s9mBAyjMT5MSBcEosp_XuYObMq-o-UDaCy1GK0NSrB1KLpgs1SERBTq4rLCCUZFS_Ql-VCoyclCIWhoOPc-JeEZSNxH2hFdFS2yKttWWmS7ZR7gkYgfPhB3zpyDlSG1gDL1_9PSlu8g_vjcIeydU9vi0mNnyYwzSYKUVqZhZ8kW2RHBuaKGXr-4lQwemA2QoSouB-hiyr0Ow7uJzFWWRJWVIycesk59FSsS2RtaLiHo4ZGTCJHQWPwy7QVda3PisyLuaeOXxD4zh45fWs1aaqAwG546AbvRRSPKL8EOxy_TuX-q47ni0qWPO8YWENTDbbDmbgSFeOHyubyA-3le9z-9lSgp1XwyaMB30QVLG7-kltJ_T47QZ7wMZiKpcaov0we3wmQYxN3dDvQo5Ee_o6iqQjlNOhs9cRyjNxcx1MOdlU7mqCwxuucIiJhusFYOr-ccZBMMARVL4zF1S8twFLJuB70zEy0np6IVnejAX-UdrMfgEirWPD_qgOFMsjxGZHjhr8dNL2_5PEFGb8Gf5DAHV4eZj3ah_mQHbEbcszQyqx0qA3dJUzp86HQECdLOM5Q4oDzxLtFWl1ZngrHZGiNWdsimzKU2A2xu9LjoEoU5CQguYNZoCO8Yub-Y9-7X3mgGa6PF6PGfSsgJz3y11yhYjY3bL-ASV6tRyoLp2BpCxYcrkYggUqB-9SxKHeRJOwINZG9uIUAmVGGfY_HEUH8KWgi0F-O-ZMhOBmKqAjcuWidrFo0U52LZZzit08DbolPTGzd9nh5vitZ1O57Ye63IRjjypZuA5E6McRN1K1ASvHqAen_4BAla4IzIL61GKLNTP3Iq7nrZXV5Y4gPYFHT8X_Z-r1boOSW1ic7HF5pHFDfy0P7_Voylzc&sai=AMfl-YRKpCT6hKs0t15xu-Lhzr1C3e900SFPixyj2oJJYjv9sl8c8F2Ht_Rm778DBTgMwwqnBvh8EflzoIO2wlpxTwARPgkI0yceNv4Z9t4wZ7jAVQVUYQHpSfgQvuM_hmbGgkyueTP4IdD-hy9xPmss1NoSw34rnu5O8Vctk0wIb5JzD6KLVomrNY7itNNvhF6L6AxJceu6ycIkYJLz8hegMXN87lmxMH9l-1BqBrc2qnd0CQ5GBgJ961s8WQL20aFwjKJflYLtAt6PPMdkAdIyVfVp6H2xIDOU&sig=Cg0ArKJSzCWJPsJLN9SEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=734&vt=11&dtpt=487&dett=3&cstd=240&cisv=r20231004.67566&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 86C9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvGcx4knOnlFNnbMy2Y9lfh9qAnwcKWewYKFyu0NRMe9pmnjOELXfjzT8GaFlo0MHfY19OCZqPbNn-1F5RriWWsGkXGyRsn_BsGtb6F9SFLsLenHHiHY60smA39v7K2qvDehb1bsnKSFoQIFtfYZIQz1ly7wLp5gkCZ_6kWXNsVZcBU1lizFH9dsf_zHfFEatWoWFZLaF3mDGkhTdMGHuUQrSTNY7H7tHL31qn7CmHcnuEZbx3qS9VhzcldTNrNGCURrEFFOrnx1lyjvjAPo50-Ei4RxfPvKNkgJqrV2n3FOB95vuq19vNgfAjx_fToFYgUjKIGUYbhedHqQ_NzuMJU_i945H0o2aJIgSsa59nas3BmhPp6s9q1LaDg3epFmz8cOx0lSY8E7ZBolIJYzyH4WETEXbDyT_JVYzpgv9Epccj78TtAhi4reveDEZ6LAYsH4RrwDMWcyWlbZYzbhG5VJI0pZmwDCwT4d65tWSoon4g2bvREgQghe0r2EWrg14vbIGVkWV2Um4sJQOgca-LGi-menqcuivFANcv97FKSEUTrUVV5JuPUnLOc__Nea1UrFpk66ifIL-mrTIV4j-k-UOTJDHbu1WYtbyrJue8fUSOh8-zI_7JZoUlc3gbbccdEiYgaX9LKws2LRGnIm2m3KEmnEQFVoZD6QLJ0BdOYTPZH6AVPBPqzGuP7d5NLd2e0Z2tizUjXt6uTlsLIRAPuIOkCEX0z5toUwc3FLeB9Ii-j6fMCoe1LA2QG7dGUXxNeHeC1gNJHkD63Alre3Ryejev89WmNCAy5S2QeFv4StwzA4aA0LWTFDk3Hu26-rRvT_VBlcRQNOaPoa8urlU9Aj5-kQMfyeIFbJXhkMsACEPegcTT0fPzSBL8_p_4Zrq1HNSoMMl28NjGIxEYc6YSXYGjDCk7SKHPDlt-OevXfBpCH_txinYuWGHEk6OzgB3_DdEN_3IiRZOSMP34rpaLmevunYI3LaH-7iKeVs0IS2HFy7dX4ZZAsBZvySaig4fuzp9tIrqc7BEaLku0GlFHUANGrW6A-lEkPYRt_KQwi_ckXAIuUE2Ksjnn4QVihVfiG39ARDJyPX8waFFfIjVWQ0BKENWL0jan_SW6wQX8w6G8KInelyIuPMqDxDWSTLTTG-yHioZ2-_YRZ1siwbb6NBu_MZbpjaF8968sKDTucras-jqISG6Oh1MZH2GU_2m1lbN0ftpKf8Qbv7QeqxIjkuI72Wx45ehtGwb44M-OCkzeJapGHahgldoX6k4z9rgAJjPagaZqTp4iqpzokSzjURDLCzyQ9yLd9j1SDgtcmIlZw9DYpNACSTiIj3vF9UKP__SaCvqzGraQNFaYPKGoYohXUAlX9bC7niB2R-GbF_4uFffaXg-SJy1SyJPHY9G5_QDTXzASB9AyyhO1y2wXhdCm7-r89m4zryA&sai=AMfl-YSYh_nuNH8W0tTdVOA45M8ouzkKCheX66DEnNQ1USDFdBRF5uTSJjqiR3VTizxKbVToNaOG1k4JaMV3oWK2JJSiOT_N0SyW-60fc79Iu8-6HN7F531MR0emxhRXIbKYNsUcVN7vvCw6pGr80NuzRa-DWrve1rp0bf3G6AY1PLwxdq1EeCOh0FnA5TgLVSwEWX47s5xF-Q3xm7X2OSw9jLF_x9w0_jbDHAQmU0a7i84Bgd2elJ91SAgLcj3IYVuuGsj63XdceQS7Be27zcM-YiOM3Uoouu8_&sig=Cg0ArKJSzG-Q5StHvctCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=815&vt=11&dtpt=558&dett=3&cstd=249&cisv=r20231004.42999&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame B2FA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst33TZq2XBj4DqzqCheKPdl94mxeSHFV4Nf6o8okJqH35xVQCCpQafYy-JWmpnttK81fVODCzmrjUQ2WlrqZnOwRk56kBBvO6UA_m4K8n7i_J2v9KaSFw6WxvRPkoWo_Vj4u3Z0NTwBVrGbDjxNUTutFwRqPPJwB0Khu1osbpzcPf-dvI0IJDBvUHnBb5IhJ5bc_KLgFjRA3FnvqBfrIFT1UWfQ0LSiTXp3jQRDdHaDUMVBrHpkLqlBDy5e5V0dpVSkoKTMPKRPjTREEDm81SUQdIt3ydh_5w00tjBXLDO8ntMC2ULjfx-O6mLzdq87BCadc4BPCOLf6q_xbSNhPTIV3y3GM3OvLs1kaSoHN539sqv-eqBTWILw9XtJ3eMRzOqPqEOCNFr3W39H4I140rdywOYe_2kEQ7jxglBzson8XCAO8iYfOMFzQtmMW8xE40WIg3cxkvh75cgxa6GCIjfv1nN03wUOW17LKAJKweoEaF8qCgWw0tHRYumXlG6UkYhqveElRhX16ypRJftfluaftE6tbh8n2-Qwu6RLi5b7X3jooM3AYP_YMQibYPNRo8T_jb2fPwehVWXt2aE2qSWrQmY5dp2zF0CVhP8aN6hHPau0aHwgEPo17yRDYsLdqLaU1cgRwgxWKDATpPbeS21Pjy_Go6LWIN0jA582-273yOS8Y-8U5mcMk5mrgo2ZdplVs2TLBKwf-YHZKvQGG0WmLlLeQXgtJeG2Yu2rx_9VvWx9ABQhGJJUsMwE88rVtB50QuM29oHTNW1E6tGqOTNno0ExO1Z7fsknNfn_RCJexQP2qKryddAAQ4pHx63tLwEYBl4bFnG5z6gvpQ3giFW_roEbQQIrP-87lyB2AKUy5Tq-xQO8HAOzdAk8kARUeQsZ-FlkN_IQebdn_k_avL1qXs3S9TG07SDj67dwXBvEuXONbMc_wV2BbqfJZdh8jj0PMTshqRjZ8NWKLYb_dpE0gTpF3h8WBFumTpOlD9gvRiH-g7IhKbPoLPml1dePSSJlQ8NBaVYoq8X1N4UdsZ0e9uo2laWtB6dvkxSk05gTaR_TT0BJzq65n1x6c9q6OowxGSIZb87KkRxpqKEFy7g8Hsio02lzmDdSGy8U3E97xmkm3F4LuBQglb-8M7JCT077F4AFjArXa1Q8o72SG6grf76f3d3HHmhYl2iAWjl0maw0hQ2KGxGqZXNDFJs746-NBNrtTgGLOW_X7kLJWb3T-EO8bIOny89kYJdPEXPZNIOSEj03Oio6lDOtu20qmhC2Ye7EqWKE9gJrTajO14uInOHuzzJsjIwAKJJ_Vr5Vpe32KYxcMb_3uA2k9uNePkPpNXDZt5Y3WOy0JzQhO8uHAwdJpUaZ5ZzF1p3ahHeHiyPwTmB8iSI1vgP7TsdD1lGNfL5ZT1yU3U0r_YtqH8N6JKmzyDyxm8LDG8xtKbbVOTUT&sai=AMfl-YThtz4UcRMnBdywQJwY2OvkQwOq1Gxkv02dBFuc79A-dspbi9dQCIO1zczziOvHNxwTYQgYl9h9NKkjLcFoZYzNW6BxgSB_gR6Ujk8C8Dxz4w9ngEuRVvL-R3Ah0Xra-HNqL9eZ-mcLCiUdy7EEnbME_j35MCnLDSuE7baVli1V_ASFi4zjq1mY_n9wwIwuyCKxYonHL-pkMSNPuHCXAzcR0SRxlc_cAVYhGGvkgJATKfyPP-TVG_Kn0G529dXx7kDi_D8_U7hKijx0HC9bJWnEGMj76owN&sig=Cg0ArKJSzDblWwUyKb-pEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=733&vt=11&dtpt=468&dett=3&cstd=258&cisv=r20231004.82514&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6D94 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 09 Oct 2023 17:28:28 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BA7A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 09 Oct 2023 17:28:28 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8C76 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 09 Oct 2023 17:28:28 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2C2D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 09 Oct 2023 17:28:28 GMT
button.png
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 2C2D 		304 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/button.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
6466c1ac875b1a43bd018a2c74ec4e95f6db7dcc86d282a836881cc6080c07c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 14:56:58 GMT
x-content-type-options
nosniff
age
9090
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
304
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 14:56:58 GMT
updatedlogos_300x250.png
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 2C2D 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/updatedlogos_300x250.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
36d65338739fc514e64beb4f96cee7da92ae1617ff10a1da27377874f4df9751
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 10:56:33 GMT
x-content-type-options
nosniff
age
23515
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11637
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 10:56:33 GMT
43882346_20230605040720440_113_Berlin_Destination_300x250.jpg
s0.2mdn.net/ads/richmedia/studio/43882346/ Frame 2C2D 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/43882346/43882346_20230605040720440_113_Berlin_Destination_300x250.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
de6f0465224d3875f51c7a77ecaa748aa72fefe427fa7483cc70e3b209a982e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 22:16:58 GMT
x-content-type-options
nosniff
age
69090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86756
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 11:07:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 09 Oct 2023 22:16:58 GMT
1200x628_RH-Radisson-Hotels_RGB-GREY.png
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 2C2D 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/1200x628_RH-Radisson-Hotels_RGB-GREY.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
9d5985fb411aa49165043a6b8ce26f5a7d761f7720f318f23f3de173ed8b0e33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 16:19:59 GMT
x-content-type-options
nosniff
age
4109
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30313
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 16:19:59 GMT
cs
s.thebrighttag.com/ Frame 311B
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=4rKq4eObvOKgbYKjnnHy3vdLjxMiKypb
35 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=4rKq4eObvOKgbYKjnnHy3vdLjxMiKypb
Protocol
H2
Server
3.18.218.60 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-18-218-60.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:29 GMT
x-bt-requestid
42e3a960-66c9-11ee-a316-0000ac17014b
server
nginx
content-type
image/gif
access-control-allow-origin
p3p
CP=NOI DSP COR NID
cache-control
private, must-revalidate
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=4rKq4eObvOKgbYKjnnHy3vdLjxMiKypb
date
Mon, 09 Oct 2023 17:28:28 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
1627806
content-length
0
button.png
s0.2mdn.net/sadbundle/17797151709728982503/ Frame BA7A 		304 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/button.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/gwdimage_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
6466c1ac875b1a43bd018a2c74ec4e95f6db7dcc86d282a836881cc6080c07c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 14:56:58 GMT
x-content-type-options
nosniff
age
9090
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
304
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 14:56:58 GMT
updatedlogos_300x250.png
s0.2mdn.net/sadbundle/17797151709728982503/ Frame BA7A 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/updatedlogos_300x250.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/gwdimage_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
36d65338739fc514e64beb4f96cee7da92ae1617ff10a1da27377874f4df9751
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 10:56:33 GMT
x-content-type-options
nosniff
age
23515
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11637
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 10:56:33 GMT
43882346_20230605040720440_113_Berlin_Destination_300x250.jpg
s0.2mdn.net/ads/richmedia/studio/43882346/ Frame BA7A 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/43882346/43882346_20230605040720440_113_Berlin_Destination_300x250.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/gwdimage_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
de6f0465224d3875f51c7a77ecaa748aa72fefe427fa7483cc70e3b209a982e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 22:16:58 GMT
x-content-type-options
nosniff
age
69090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86756
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 11:07:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 09 Oct 2023 22:16:58 GMT
1200x628_RH-Radisson-Hotels_RGB-GREY.png
s0.2mdn.net/sadbundle/17797151709728982503/ Frame BA7A 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/1200x628_RH-Radisson-Hotels_RGB-GREY.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/gwdimage_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
9d5985fb411aa49165043a6b8ce26f5a7d761f7720f318f23f3de173ed8b0e33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 16:19:59 GMT
x-content-type-options
nosniff
age
4109
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30313
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 16:19:59 GMT
all
csm.eu.criteo.net/ Frame ED7F 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=dVAn54KqU6imLmKYdvsKJ8EpWN6KJMoY9rRCj1szHLvROLAPpanUJa8DmBtGZ4m4iOO1C0ISGsKY9w1yMynBV6qYPWDpZE1LZw8pIgRDuPsy3xBAu0VbD9LcS3DYKn7hoquV9yMcrdN-yMaVD-CJ9DsgFTCWcLcr7FYHtcSWY5uGKGnbkfEKbYA2nx03CAvnBLPHGSobwgd3HWAP-aNBXufoVGYK9q_n1y89ZPeYLzGpK_GqJqOz0rytNTwy1YoEOI19tg&sds=2&rev=88731&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7CD3hdCHvN12xESYFcA%2BIz6XkXFwFLkhP6mWA%2FYhdKjJg%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vdSZT3SysNq3BaIjL8CxybNje5Qqm6EPy40kKgQ0sjwsmnpRB3XwVvY48MLj-berayAdE3rIlrYEuj3_qnVDlslKT_9OCcDAkE16-dTeEHklEwUi_n4zi7tqc_6GjLC45PX9DMJR5sPtugA3yzo4aDR5PEYUvIdsmYtqQdxpOmchq1itSalifG90l6qvAU4nxWt7NaKijNWH2OGrXD4yMnhW2uveBkP-HJzzRw6cLyk6MsKEM6WJgD0ofIX6CzqTLNM_1TIhDTjRGExy3DveDlIO8I7FN2eY2XGmn5DhtEdLDAavBy-a2wIesFjyx7wpFoi-hQWJEsoa-cqDjK3bzrcFJhedsFz_40EQcWofByy8PO3RG8-YGsO2ybxBzusVDzl1aieOls5asTe0AFaXtyeX1NcaVDBL_OXX38KZ0Gi_kQHnf7G6avlCY7vQCMXkWAsP-lm8OGazDyCC9NfVY7ck2QT5VtmUsOjxJIPKgVUXb5BiOI1PDp22ScY64XnUtr6VWhg0NHGwpy0omhrwHmj9vW03K_JQ39ugURR2rUUotfX7HzdZ-NUKsKmp6MJq_xzxq_MSHOUbsvvjawlWeWrcAej1fBprZQpcEzHO7O-BOVtK6DZrUDF8IjueFo84vSxNUynWRHFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 09 Oct 2023 17:28:28 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
button.png
s0.2mdn.net/sadbundle/14595667868580172181/ Frame 6D94 		309 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14595667868580172181/button.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
877114c35f4d21070e2cd28451a515493963cf7f5e8dc3a4ddb7e23b06f39c3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 03:38:49 GMT
x-content-type-options
nosniff
age
222579
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
309
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:25:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 03:38:49 GMT
newlogos_160x600.png
s0.2mdn.net/sadbundle/14595667868580172181/ Frame 6D94 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14595667868580172181/newlogos_160x600.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
641b55af74c429c254e1e294d83d3f9f6fdb3f4d18396635e0bf2720564b8e3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 22:01:02 GMT
x-content-type-options
nosniff
age
156446
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15830
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:25:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 22:01:02 GMT
43882346_20230605040712784_113_Berlin_Destination_160x280.jpg
s0.2mdn.net/ads/richmedia/studio/43882346/ Frame 6D94 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/43882346/43882346_20230605040712784_113_Berlin_Destination_160x280.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
4f43910ca2e1b57bc4d9a9c0317085ec0c424778e88834784efb3cd2b816636d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 06:20:41 GMT
x-content-type-options
nosniff
age
40067
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53057
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 11:07:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Oct 2023 06:20:41 GMT
1200x628_RH-Radisson-Hotels_RGB-GREY.png
s0.2mdn.net/sadbundle/14595667868580172181/ Frame 6D94 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14595667868580172181/1200x628_RH-Radisson-Hotels_RGB-GREY.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
9d5985fb411aa49165043a6b8ce26f5a7d761f7720f318f23f3de173ed8b0e33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14595667868580172181/index.html?e=69&leftOffset=0&topOffset=0&c=go13O7Jnza&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 08:06:50 GMT
x-content-type-options
nosniff
age
206498
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30313
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:25:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 08:06:50 GMT
YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
pagead2.googlesyndication.com/bg/ Frame FB0A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 11:23:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
21928
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Oct 2024 11:23:00 GMT
YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
pagead2.googlesyndication.com/bg/ Frame 3FDA 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 11:23:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
21928
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Oct 2024 11:23:00 GMT
truncated
/ Frame 2C2D 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/gif
updatedlogos_300x250.png
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 2C2D 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/updatedlogos_300x250.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
36d65338739fc514e64beb4f96cee7da92ae1617ff10a1da27377874f4df9751
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=faVmFNd3Af&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 10:56:33 GMT
x-content-type-options
nosniff
age
23515
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11637
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 10:56:33 GMT
YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
pagead2.googlesyndication.com/bg/ Frame 12FC 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 11:23:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
21928
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Oct 2024 11:23:00 GMT
truncated
/ Frame BA7A 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/gif
updatedlogos_300x250.png
s0.2mdn.net/sadbundle/17797151709728982503/ Frame BA7A 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/updatedlogos_300x250.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
36d65338739fc514e64beb4f96cee7da92ae1617ff10a1da27377874f4df9751
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=N92QsagUB4&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 10:56:33 GMT
x-content-type-options
nosniff
age
23515
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11637
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 10:56:33 GMT
YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
pagead2.googlesyndication.com/bg/ Frame 32FC 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 11:23:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
21928
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Oct 2024 11:23:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 504D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIqGaOzgkZcajL6e79u8PzvqUiAEAAAAAOAHgBAI&bg=!wcKlwo3NAAYMG8UMLBs7ADQBe5WfOGY958dtsrpVRPQ85pjv_HfOLsSoliPrCLvjovBhrXWDEZuyATs8VdFO4soKlhJaAgAAAe1SAAAABmgBB5kDAJ9D_XPXWX22hqodY0lqdAhCzYSnBrK0GXU7uK9Fl1GKDS8Ci0alBJBzsBXLux4WeFcZrmLnFXOKOY-avoSWMZRib47Y6UvFCWsQVD2oC1YoKm-TXZzDfah348yhXiQS4bn64blEFgjUH6pqDcSSEiNwJkdS0AwYeijcM86YY4Izq6UsQLjNUCTxFuvmuNPT-5-4veU3qkUGiy3tQ5XCUq2tGEbGgQtZNacS-ftcVIUFmtew8MD9ezoJ_HlbHjMAGia0NADVylQo65bUNER1wHufs4LBhhocXthhSv7Qh_6yVszN5ww09egIHOHS0FzkbXALvNA7cTRMlnSBK3pu4vcHrA27HuNz9nebu1L5mSx7KJ3azc8QVmpktEfM3lpcL7SGZw5hgbfOC9EsM6uBXWYRFLZrIMj49eQgAIILSQgt4xC5RJXXeuBsN8UswuFS4KlCWqzTaZnDFVXqlB4aIP_J7a_f7ZE7axeWq8xUWsg0ce9RPTKuM_J5PE6XavdlejwvswHVbNIV8SS4gayB_ROU5hItuz2aJcvx6FjI7Phv_YVEDwVmOTgpCnywAMFqymk2Q6DZ4VUQEsAGjz2vm1FJVglAWjKIYLaAb24j4XsJ1nsBi8hJ-yDCeGbg6BFHw6Rwq4kKFZY1mhtLpya5soXvJ09mWmg9Zytfnh5Munq-DXC4dqM0xkGkom7L0jnqorhT-7Btnl1S423zzOW_RPwMQsmfNp2XdUTRmhUrZOFntBfUlSeB8iGTIWI2IqRZ3dKX25hLZU9Dm63cEaWGaQJFJnPE7DAJQ4GGvc6gA9WVtIif_2BoC9fseqjL-bgOFjcVdgj0zrJ2gkXXBl71ILhceR3hl_J84KuJYHVPKKtTsLa4C5TyPwefoiQ4Zgvns36HYD3_nqR5fp2NeuuZi0nadH6Ss2CszPzI6x2TT-5b9TO4_-B2hjr8q4U1BEU3c5A7lJNgG4C9E_j6sTe_4FYcqOmy-Bti630NYOJGigPMX9WtPZON93OSFMA_waM5jQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1B2F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZUYvQq1nsKDJpmifSnMCsOcQukgE8_rqy8vhrMc2VjCxENTgAxDIr2dNerfG9HFq_4I87W7GeaJxZ4k4QbbokwXJ8Gy8gVmg9JDKOquJqTdR_cu7jaEg1cyBqjetY4nIrA5XZ_Nvn3vG1&sai=AMfl-YStDnT8sOfrztLa-wcUqBeaXF6yz83ggmRE0b1HcnIPRnbWE7gY7nBB7FPoyKSwAW_jLWGkswWjVCW_k04vj-uXOq8z2Q6A3uQ60AZmGWcZQUjsi_ExDo-91R9C&sig=Cg0ArKJSzJxuFm1aqHwWEAE&cid=CAQSPADICaaNFH9hSQMO7Czbhbl0ehCJH02YNJ9uxC0BgIYu-78Kn1wERKIixdoqy06lQyQsLOqvL_-yFrpLUxgB&id=lidar2&mcvt=1066&p=1000,199,1250,499&mtos=0,1066,1066,1066,1066&tos=0,1066,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=0.79&if=1&vu=1&app=0&itpl=20&adk=1472875564&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696872507396&rpt=598&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 86C9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4IHRCyP7bRfav7D57cun0Uhe85PZ2zp1WGUMMnLAivyIxuMgsamWkpFo-fbdTtmjywA1j6CHI8pPrV4cmeuoN7y4kdR09ysbDroftZTxnUX22824ESuGb69IxocT77rhsp3z89MhphXBS&sai=AMfl-YS3iNoeXnY2nPSYst4YREGLY5MvU1T__AISoO3I8wOrz_8w1PxZl-dYe_9oaDkKYhyyspmkxAf4R_PajjyYzOP6XEf5lfNmXeZoswAAe1F9975GeNqskk1FKHJv&sig=Cg0ArKJSzH0pi6oPlvIREAE&cid=CAQSPADICaaNFH9hSQMO7Czbhbl0ehCJH02YNJ9uxC0BgIYu-78Kn1wERKIixdoqy06lQyQsLOqvL_-yFrpLUxgB&id=lidar2&mcvt=1041&p=161,1558,201,1599&mtos=1041,1041,1041,1041,1041&tos=1041,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2273020715&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696872507359&rpt=539&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 25AB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss2Swc8XD6oZ8dWelwI9pzxDQ77cUYFHnCasj7-ngb20tpcZ3WBCpmmGJiZi0vU4xkBk2BpHp0riAxKns8_Dx3P4EpYCGNzKjjXnfseJst-n0px3-Q4Sf1AhGssy1yrVJGaX_CogL1E6gFg&sai=AMfl-YSsVu8vcF3--W_8e4cFrCPTWiWT1AcMW1n6DMNQsdHs-rSb_hHaBXK3-yRq9_fKD572w7Dv_kngXMlP7RnlDZ2dHX78yueHkC4Gv3YWERC83sloLRRV-r20A9Xw&sig=Cg0ArKJSzOraEJFXVZsZEAE&cid=CAQSPADICaaNFH9hSQMO7Czbhbl0ehCJH02YNJ9uxC0BgIYu-78Kn1wERKIixdoqy06lQyQsLOqvL_-yFrpLUxgB&id=lidar2&mcvt=1043&p=1000,515,1250,815&mtos=0,1043,1043,1043,1043&tos=0,1043,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=0.79&if=1&vu=1&app=0&itpl=20&adk=1717219177&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696872507389&rpt=702&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7318 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4-DYOzgkZcuTM6e79u8PzvqUiAEAAAAAOAHgBAI&bg=!AgGlAU7NAAYMG8UMLBs7ADQBe5WfOO0NJNh6yefieATYxM5qqMbd8cFyOXWctotozCH85-CDmQ6Ck__dVHkjjrB2F6cNAgAAAiBSAAAACGgBBwoAT8-b-Eucod18lrXCixGRvhrF9wZ_3VTPDmtq1XjMpgTO0ZAExc4l1koufdktUMoFInItAkjRV7QKtOJ-CkssIzAbvw2i0P0rwx-9LsHOSdWZAwaQaZMVuUklpN-Gtr3Ftbi7uLIaBtUiX2Rs23VG6Rwiy3Q4SqHhNqGbhGboBvW6CQ-B_3aWwYTFjSE9kQEh9ZRjxKmMR0KwuXeS_MUjGizYcaUIbhBmXmfAja21lK6qIyFx2qocotj4zwwUgxyZ5g7NQg_Z2wDlwE8SqCl_Ssxpmt7y_dHC-b7l6o7lTJejRxVYa0RyDkUHY9dSsJ21cigEX5Ng2aSR1SI2SAwwVvb1OIR3EwacVMuIsqkyklVIVYbTjF96zq-ZfH9thVfQ5-Mm5f0l-lPG71FinxwMid6ZhYajvtgILXz41Tt3j_Cwy55SglQu6Ko1PrPmN1puFZdUCoDSYvCF9wKNvGWcgiK_XKdCWtzqGFdRe-lsn6yVfcI22aJpa8z-XsnonIB57z2TH1Fkz2ZQStKA8u8SqwcMsaP2tLiemncr0aBp_zBbm6JywUVF_4RGYZp42wNjXtQWi0ZoyU4IrNymAROrPey0ITIrif96IpI5BxzFPu4zRU6LEODOsLCYOrAy8W1t8PFBBVBybCMQ-CmcKkc7HJSB-ZlzZz1Y3ABCEBgsOp2WCdACyjeNsbDUV8Lq469uRXtVmMPp3bmU6LjRrEU6cigF-V6SsDvSCuknFTVaQikjKQ84cDWYML5dIYU07J6LLFx6iOEH1UeeC-sbcaUsNyZqdD6ki2jSbxJ8zUklsOYVENWbNFcB8q57ewLGjjV50YtWg2-ZLWK5jeY08t6ip75LFrQubLMlMyxh0wamMYZHZY1l_K2LivhrTyH3BAac4638HtDloVdC4cYM4gMnEeBuszLl9tZjQ177GaxAJPBxvaD0_CJEzdOi7d00i5XPSxsKfrdcl0S2Rm4pXnK6BUcwcQ1QJfP4aiyrWwqS3lV7t4bIbShd5llVaVKYc0OAtL5wyFhpuH0xCSVaOBM40Y4KMXe60l6M2fyzuBmPLW3J9YJKrx1eatXye6YM5AVt1GtQMdEVBNg2Cx-Xqm9yomM3wJEtEhSNvXxFOE9PAzQ5neUHl77tVsA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B04F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bo47dOzgkZYC_M4Or9u8PoqKooAEAAAAAOAHgBAI&bg=!3t2l3ZLNAAYMG8UMLBs7ADQBe5WfOLed05YgY3V3q4-12tspTzpIl4Rop5KHSHgQnamFeM1KOFpBcpjJmFg2w_-qKd-JAgAAAhZSAAAABWgBB5kDBtefJkCGf-ap2g59xTEhJaku1pBtWV0XtQLneQLPVyWkTSl6o-bVrCqRUHvLAfRAY165d6R2s4uTUgroTDO9K9ybuebW4TdKSa8O-rItQMRpTubtGxP0OkdTEr65vaP-rwaxoyeRXDWO9ncH1y_9WRQhMtEJ0gpp8_Vpc-xVf7ZvytoBtU5_U4xqYRNMAX6lYraRD-lyO9YeCi9qtUwIL-8CCwNAfJPwUv1VPLn9W5BIgvJaUs116Jqy4tXjpaC8SE0yTtnc012sS3TWwTdYyMSnwQE_2yFdKO-z6mU-ytdwC2XzoiefhkVHNwFf-Pm-MK9FqmDPIEXyZmH6igRN7I-67-Vfxa0aYOAN9w7QV6aTAVxVNvkSvlaGmMjb9l_e0kOnrkhCCUtFgqT0JkwLzptnQJ8Y5uPxz9sebtE1raCgaD8295YJAuz9FTveTsigY4Kg5N2v0iNYdvBxye1ptJDBXyVOPh7i5sYzbFHGFnays8hujgTTBfdo-pbdrBk7SyuNDoC-ji-0ahl7Jf0FG965fmOktrj9bLXA66yCOHQiCplRfN9npi1fER6K6oxKgcEMMPx0XdN05PtNqYoRiuQP1QtLhZtJ5N4EbkDSUI4_5TztIz-YdmcGhE5m0bNeyhmkp6bGGI_5VY9hieqCTZ5sd2XyJIE0rNSbS7IdQgPX6hWn-fgyctYWNRSQs7ybThPya4x6hBFZ4mvsxViDfvg2fq-M9PwTzzTmFZlm_hDuN-VvcO2hZTBBhxRYCzchJLgzJUpPOICwbPM1WRG5iKTbcv9LzXr9ZX9XjApDANK-HDZvVNFgKL1IuXUvFd4VrWH96wVO3kS3cLxvWrLeKe-BtMjcEerR6nOGeFNTroJmW65yPOs1sbuPKm9W8T8p9YUDOxlSyW6E3Ykk_0vgYTLJG1K8-3GN1JF074hpm-IOajfwtCAgDkRh7aOQ3UhvtwrkjwDUZdJ0-FZz-NGnxUbi9pY1UaBNxk4_17eV-A8Qx0ASNbLUQs001sH0J5IT0Lp1iAKy1g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C278 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BAWL7OzgkZcvGMpSy9u8Po7a00AgAAAAAOAHgBAI&bg=!y8ilyIfNAAYMG8UMLBs7ADQBe5WfOPzn3VZvNTL2LSjDEi7A0VT-TsRniSrnQnDQfYDlD8h4oTC_r96-wvjoU44pa3SaAgAAAmxSAAAAB2gBB5kC_zGcrBb0PVi-GrefpH_TiBjAsyIAFqTXkb4mnpGmeT9g33LjtcGsPsU4wmqIVgwy2vt55DogiQ449O1aFdwlT3_Wcf8sVpW5SCZUGSOHQcpNjv35ThxbOknoIWK973v8YXOfrVGFFFVQZIJtJvtk9KdOwJ0uFrlufqGZHGF3G_AtkNIoJULYdi6550VtkFVmg2sAVCoIrHYKXjbdX4w3nHMnd8NbyV7TOrxMLZT4eka85oAQUelMyoRj3GEfQl7OvuBmyY1XVGLv6peKR_5snrd95RcO_Mr2Hgd5iOBlYzyEUNQa1eBbVEJ49TJT3K9Eb1RWRy4ZiVP-8OSuyACW3nOAUYFd07QwVPeiC5ywnsP-lyyYn_DLC1okfi7NuBOV75phJTzFzGJDHrTeAeLyZS4qyc_CAmpuzTJ8EHru5WhuCnIMOq53UTNGxqqXw9hbD4yO4RQT-xnwVqhb_Q-hK_3oAn7PK4eL1PP0dUfLsQzes5Zai9DPo417gVpD0lLvHaViiCYVGufCGpQSdYXCi3PjV6kGpeqtq01ytLJoG_z8b0huwLYrNPBPG2z0VaFNQCXM8VNzj15Ke2DOPRrIfVfukdC73SwTgMSs3BOhfeyMJIQG-IKtPcY0a8wSl1tQi9RXa5ks_UUNEBjhK1L_td07yT0uujZOAoz5fk_4vXyhUlk8mGKp80VqDEDUw2WqkzrUoNxTWRVU78ead-LRnWqbtcriiUomrsUeliyHlpGCTR_eVkIoRL0W0A1ueMPtKmeoMMhrzxiyuynApGX5trtQOwTqOg0sMwLtOtoN22jCSvGwPwHD0eC5ZtEW5BJp1HklXgezka-MSfRqOkUK81Cl_zDkSUiGTBEeLu5XCW51Pe9TlPSzVQecxOcUosfGjryduKEdNMCt3hxkcGF9u9y1yf3i5bBnsl1FMCOrIBoT-QNjRdrG_yI7M9sNnKgZYeTby41c3CdMGF2PHAhhdoo4GmeCZKo_BdfOjVBWK6aKW01zQ9KufJV3iiEAXrdz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 10 Oct 2023 17:28:29 GMT
syncframe
gum.criteo.com/ Frame C7ED 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 17:28:29 GMT
server
Kestrel
server-processing-duration-in-ticks
796607
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 10 Oct 2023 17:28:29 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 25AB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6774419891139&version=m202309260101&ct=76&x=1&cor=14912880494073448000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame C7ED
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=GzeaJ3xzMU9aYktHZnIvRW0yVUhXQ3NnaDQzMllOS1JNZlgvOW50U3JsN1Y2VSt4UitxZ2tkNTZDd3RUY0ZGelZtWnF5cWdXZWRvWHB5VWF2Q2VUYThqOWJtVTA1RXBSTlNXNlJCSXJRV09ZMWs4NHcrRmtwU2FjTG5Kdk...
433 B
652 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=GzeaJ3xzMU9aYktHZnIvRW0yVUhXQ3NnaDQzMllOS1JNZlgvOW50U3JsN1Y2VSt4UitxZ2tkNTZDd3RUY0ZGelZtWnF5cWdXZWRvWHB5VWF2Q2VUYThqOWJtVTA1RXBSTlNXNlJCSXJRV09ZMWs4NHcrRmtwU2FjTG5Kdk5RaU5PM1RYaGVaMVRGeUlyUVNvVnlwSGk2ejBwYUxtblRKSnk0VmQ1eUR1Q2xONWRYUDhjL3llV3dibDlHa05CblhpdVlvbkswVWV6dWY3N252bDZMUTFkT25VVEd6MnRjaFR5M2ErY1VIcUUzTjV6dkYvMU5CM0QvSUljcHhoRGpIajRrSmdRaTcvZTNVQzNxYmVLQS9GR3lCMEt1QT09fA&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6d43dae2e0f340ea84fea31cef022a5b60623723dfc32f7d4395e4edc898358c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:28 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
906361
expires
0

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:28 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=GzeaJ3xzMU9aYktHZnIvRW0yVUhXQ3NnaDQzMllOS1JNZlgvOW50U3JsN1Y2VSt4UitxZ2tkNTZDd3RUY0ZGelZtWnF5cWdXZWRvWHB5VWF2Q2VUYThqOWJtVTA1RXBSTlNXNlJCSXJRV09ZMWs4NHcrRmtwU2FjTG5Kdk5RaU5PM1RYaGVaMVRGeUlyUVNvVnlwSGk2ejBwYUxtblRKSnk0VmQ1eUR1Q2xONWRYUDhjL3llV3dibDlHa05CblhpdVlvbkswVWV6dWY3N252bDZMUTFkT25VVEd6MnRjaFR5M2ErY1VIcUUzTjV6dkYvMU5CM0QvSUljcHhoRGpIajRrSmdRaTcvZTNVQzNxYmVLQS9GR3lCMEt1QT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
263902
content-length
0
expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B2F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1473353611383&version=m202309260101&ct=76&x=1&cor=12145148386681817000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 86C9 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1072979994932&version=m202309260101&ct=76&x=1&cor=14459367922749379000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B2FA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4493028327385&version=m202309260101&ct=76&x=1&cor=17443527353865873000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 09 Oct 2023 17:28:29 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
277219
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:29 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
210794
expires
0
usync.html
eus.rubiconproject.com/ Frame F245 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 09 Oct 2023 17:28:29 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame A216 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 09 Oct 2023 17:28:29 GMT
/
onetag-sys.com/usync/ Frame AADB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1696872506648
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
ssc-cms.33across.com/ps/ Frame 77D5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cR0USG9OKr6ykwaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP002 /
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 09 Oct 2023 17:28:29 GMT
server
33XP002
x-33x-status
2000208
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EC8A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=76268
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 09 Oct 2023 17:28:29 GMT
expires
Tue, 10 Oct 2023 14:39:37 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
csync.smilewanted.com/ Frame 2E83 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b5e3903fd1d523bde94ac42b0120a2cf74da0228177373cc6681a151fb03310

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81385723498ebbb0-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 17:28:29 GMT
server
cloudflare
vary
Accept-Encoding
pd
pixelgroup-d.openx.net/w/1.0/ Frame FAC0 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixelgroup-d.openx.net/w/1.0/pd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 09 Oct 2023 17:28:29 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 872F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
27178
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 09 Oct 2023 17:28:30 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 01 Oct 2023 09:55:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1458, 242019
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230051-FRA
X-Timer
S1696872510.020841,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame 6A6B 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
242
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
813857236f4e1cc3-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 17:28:30 GMT
expires
Mon, 09 Oct 2023 21:28:30 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame F245 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e2b1353ec42c26a50c5f47ee2bacdc5cb8a964fb8ce6ab58c8da0d9eadf65570

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Mon, 09 Oct 2023 17:28:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Oct 2023 12:26:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=68235
Connection
keep-alive
Content-Length
10539
Expires
Tue, 10 Oct 2023 12:25:44 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame EC8A 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=85478770&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
768322ec37f330841a1204ca476a652c9374e37e447145f4ef231a4878f79021

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 17:28:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
khaos.json
token.rubiconproject.com/ Frame F245 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 49BE
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 09 Oct 2023 17:28:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 17:28:29 GMT
expires
Mon, 09 Oct 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
611278
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame CA77
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=79E7BA13-1B63-4CA1-B480-C37117745F86&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=79E7BA13-1B63-4CA1-B480-C37117745F86&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=79E7BA13-1B63-4CA1-B480-C37117745F86&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 09 Oct 2023 17:28:30 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
H9Q3AVMN0ZBB3B6WD9QD

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 09 Oct 2023 17:28:30 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=79E7BA13-1B63-4CA1-B480-C37117745F86&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
B6J3WTJYHRSJ5QQEA8BQ
Pug
image2.pubmatic.com/AdServer/ Frame 818E
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=SW2U6kxglb1SbMXpR2mL7kc6x7hSOsXuR2BtvcL8
42 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=SW2U6kxglb1SbMXpR2mL7kc6x7hSOsXuR2BtvcL8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 09 Oct 2023 17:28:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 09 Oct 2023 17:28:30 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=SW2U6kxglb1SbMXpR2mL7kc6x7hSOsXuR2BtvcL8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EC8A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eee6ExtjTKG0gMNxF3Rfhg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:30 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=76267
accept-ranges
bytes
content-length
5606
expires
Tue, 10 Oct 2023 14:39:37 GMT

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame EC8A 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=79E7BA13-1B63-4CA1-B480-C37117745F86&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.30.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-30-113.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:30 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.29.35
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame EC8A
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3995694134
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=79E7BA13-1B63-4CA1-B480-C37117745F86
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=79E7BA13-1B63-4CA1-B480-C37117745F86
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:29 GMT
via
1.1 google
last-modified
Mon, 09 Oct 2023 17:28:30 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=79E7BA13-1B63-4CA1-B480-C37117745F86
date
Mon, 09 Oct 2023 17:28:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame EC8A
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=79E7BA13-1B63-4CA1-B480-C37117745F86
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZTVjTUdoTzVNc0dTazJTYi1LS3RPRlV6QQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=8417708479376425483&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Server
52.202.131.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-131-94.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Mon, 09 Oct 2023 17:28:30 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 09 Oct 2023 17:28:30 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame EC8A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzlFN0JBMTMtMUI2My00Q0ExLUI0ODAtQzM3MTE3NzQ1Rjg2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 09 Oct 2023 17:28:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame EC8A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIiOy4q3PWfTY_oeIxJq2W8&google_cver=1
42 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIiOy4q3PWfTY_oeIxJq2W8&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 09 Oct 2023 17:28:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIiOy4q3PWfTY_oeIxJq2W8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame EC8A 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 08 Oct 2023 17:28:30 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame EC8A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8417708479376425483
42 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8417708479376425483
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 09 Oct 2023 17:28:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8417708479376425483
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame EC8A 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:30 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58292/ Frame EC8A 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=79E7BA13-1B63-4CA1-B480-C37117745F86&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:30 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
79E7BA13-1B63-4CA1-B480-C37117745F86
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame EC8A 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/79E7BA13-1B63-4CA1-B480-C37117745F86?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:cdf9:6ebb:c08d:dd Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usermatch
ssum-sec.casalemedia.com/ Frame 46F5 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
086150a9495573a878d80839bfc34401adfd3b18c430079921e00de312f23974

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81385723fc5a5b38-FRA
content-encoding
br
content-type
text/html
date
Mon, 09 Oct 2023 17:28:30 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FLiRqkeMSc57wruRyXUv97B7gbruiorFMPcnEZQpg6p84PX%2B6t%2Fc363pX7nVhWrHs4mAoB8ui1DRtj2ub3b3emf%2BcxWsoNTAkXulY1AASxSBYMdMzmhjQ81KEnxzuD5W%2BZ7v%2F2Q54XreYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 872F 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:30 GMT
an-x-request-uuid
24f5bed0-cf16-4e32-b99d-59ad9077c121
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.76; 45.141.152.76; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 2E83 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
1040360
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
813857241b44bbb0-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
dcm
s.amazon-adsystem.com/ Frame 46F5
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSQ4O6FjR-6R5cdb4Bjp1AAAFIoAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSQ4O6FjR-6R5cdb4Bjp1AAAFIoAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSQ4O6FjR-6R5cdb4Bjp1AAAFIoAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 09 Oct 2023 17:28:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WXCTGRX28DS76KF7E9TK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 09 Oct 2023 17:28:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
98D78BQXJHX5CBW2V0H6
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSQ4O6FjR-6R5cdb4Bjp1AAAFIoAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 46F5 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:30 GMT
server
Kestrel
content-length
70
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame 46F5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZSQ4O6FjR-6R5cdb4Bjp1AAAFIoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEP0phVvqS4vshSa8jafBTjs&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEP0phVvqS4vshSa8jafBTjs&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kxEM7yEM0TT7v%2FMjr6LQskZS33Eff%2B4XcX4QCQVg4%2FWdaEXugbTXWhmLrrAMcKcsJJw3sMd8Suv4XruEwbfAzCxJqCFqPSWdAvkn4Ti%2FAQEHhABRUhkENgf4261nnVglsUX4fF3SNzM56A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
813857247d658ff5-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEP0phVvqS4vshSa8jafBTjs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 46F5
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4235658876851245700
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4235658876851245700
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMCFxTe40EPOc9g4wRoq9JRdcGV%2FRo%2Fk%2BUXu20vrVB%2FGAEQ1m6MeeW5wwSd87EaQJGqUq9wQM5I3rmzqLhZebfcXW9ZZrmb6LboX7mOCync0c%2Fqe6wa5CITgStQqcjo5wQ5OK7cL6uVCxw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
813857245d458ff5-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:30 GMT
an-x-request-uuid
01d1541b-a051-4255-93e5-492a222ee15f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4235658876851245700
x-proxy-origin
45.141.152.76; 45.141.152.76; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 46F5
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSQ4O6FjR.6R5cdb4Bjp1AAA%265258
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSQ4O6FjR.6R5cdb4Bjp1AAA%265258&tc=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=Kp2gkdvi1cFta75bXNNP&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSQ4O6FjR.6R5cdb4Bjp1AAA%265258&tc=1
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=Kp2gkdvi1cFta75bXNNP&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSQ4O6FjR.6R5cdb4Bjp1AAA%265258&tc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbaoaLfiTHEk%2BpK%2F6%2FArFqAtMBquPx%2BM0rsmKziFPg%2FpmHVpCn4Cy13CCrJo7%2F81EBeaHIan23bb4WdVVWnxpFM3pa9IQPWEAcBYT20VOdDSo6SyTTq7S8l%2F1dDuN%2FkMjO5sTDiYjli%2FBA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81385724ada88ff5-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=Kp2gkdvi1cFta75bXNNP&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSQ4O6FjR.6R5cdb4Bjp1AAA%265258&tc=1
pragma
no-cache
date
Mon, 09 Oct 2023 17:28:30 GMT, Mon, 09 Oct 2023 17:28:30 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 46F5
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=ZQVs8GAIbad-BD3zawFz9GtSP6J-Uj30awiMkld_
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=ZQVs8GAIbad-BD3zawFz9GtSP6J-Uj30awiMkld_
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2F3np5AQM8Vq1RTvazcKceXYmyFTCAUwQsHiNv9SUdp8InOzmNFG0k5pex56RM44z134qodzqT%2BxSVo8Lwszopc8LRJcmaf2D8iXSD7yy62NcenGKinrgp84YVEfKZ33py3l9mlC3hBJdg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
813857245d478ff5-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:30 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=ZQVs8GAIbad-BD3zawFz9GtSP6J-Uj30awiMkld_
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ium
ssum-sec.casalemedia.com/ Frame 46F5
Redirect Chain
  • https://ids.ad.gt/api/v1/index?cb=https%3A%2F%2Fssum-sec.casalemedia.com%2Fium%3Fsourceid%3D15%26uid%3D
  • https://ssum-sec.casalemedia.com/ium?sourceid=15&uid=0001yum0eaakif7g7dbaccagfifbaaflceb6kkkliaabackkc2jl
0
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/ium?sourceid=15&uid=0001yum0eaakif7g7dbaccagfifbaaflceb6kkkliaabackkc2jl
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Ln1OwhLmFOhuAWsdLuy7rd%2FlqDTlJe79sgg5b6tDKgrU7uwXQm1Sf5%2BGbmX5P3yg9AXr%2BxQnCUeP42IdYHttaTVPXYsYHaqOAhXJvYwixwDu%2FxdvwM0Tz9p%2FD1InH%2BXPkysTwNAZsBjpA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, no-cache, no-store
cf-ray
81385725ef238ff5-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Mon, 09 Oct 2023 17:28:30 GMT

Redirect headers

location
https://ssum-sec.casalemedia.com/ium?sourceid=15&uid=0001yum0eaakif7g7dbaccagfifbaaflceb6kkkliaabackkc2jl
date
Mon, 09 Oct 2023 17:28:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
813857248bf75ca4-FRA
content-type
text/html; charset=utf-8
tp_out
d.adroll.com/cm/index/ Frame 46F5 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:3111:dcd8:6ca0:7e34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:30 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
htw-pixel.gif
cdn.indexww.com/ht/ Frame 46F5 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZSQ4O6FjR.6R5cdb4Bjp1AAA%265258
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:30 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
61740
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8138572458941cc3-FRA
content-length
43
expires
Tue, 10 Oct 2023 17:28:30 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame 44B0 		0
538 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
813857246bc5bbb0-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 17:28:30 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame DA6D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pixel
ap.lijit.com/ Frame 9DB6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Mon, 09 Oct 2023 17:28:30 GMT
X-Sovrn-Pod
ad_ap6ams1
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 60AB
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
95 B
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Mon, 09 Oct 2023 17:28:16 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 17:28:16 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
smwt256.gif
us.ck-ie.com/ Frame DD70 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Mon, 09 Oct 2023 17:28:30 GMT
Server
nginx
8417708479376425483
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 38F2
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/8417708479376425483
0
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/8417708479376425483
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81385725de0bbbb0-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 17:28:30 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Mon, 09 Oct 2023 17:28:30 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/8417708479376425483
server
nginx
playlistY_360P_673167.ts
amg01742-walla-wallanews-ono-btlna.amagi.tv/ Frame DFF4
Redirect Chain
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/beacon/amg01742-walla-wallanews-ono/cb57381b6573618f84cb3a64cef646829f7b3dcb0e6c886470af4a9765d97800dbe8ae84ae5b910c4c9e1fc061017d360439cd1dd56c4...
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_673167.ts
446 KB
447 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_673167.ts
Protocol
H2
Server
99.86.4.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-37.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3745d02b3a38f44c16e55ffbe4276d5d1c1e800dcd9ce7dd6691a7d33655faaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:05 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
26
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
456276
last-modified
Mon, 09 Oct 2023 17:27:44 GMT
server
AmazonS3
etag
"356ecc2810515bbed3d7700d4d37cceb"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
video/MP2T
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
6LCI5eNAdf7lEm2ewPoRQR4MwDiO-oIbUhOp1RM_S7XI76awJquw-Q==

Redirect headers

date
Mon, 09 Oct 2023 17:28:30 GMT
via
1.1 google, 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
GET, OPTIONS
content-type
video/mp2t
location
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_673167.ts
access-control-allow-origin
https://www.walla.co.il
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
wOuJWa_ILbFt-c7IaFJCQJ8vkrlXou8iMTox6owL150ztglVyHT0EQ==
b2a85da0d943a1a77fe3251a9ea067df
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 6F66
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/b2a85da0d943a1a77fe3251a9ea067df?gdpr_consent=&gdpr=0
0
587 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/b2a85da0d943a1a77fe3251a9ea067df?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
813857262e83bbb0-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 17:28:30 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 09 Oct 2023 17:28:30 GMT
Expires
Mon, 09 Oct 2023 17:28:30 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/b2a85da0d943a1a77fe3251a9ea067df?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1696872510403001-337
v1
match.sharethrough.com/universal/ Frame 2F4D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.44.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-44-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 09 Oct 2023 17:28:30 GMT
playlistY_360P_673168.ts
amg01742-walla-wallanews-ono-btlna.amagi.tv/ Frame DFF4
Redirect Chain
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/beacon/amg01742-walla-wallanews-ono/cb57381b6573618f84cb3a64cef646829f7b3dcb0e6c886470af4a9765d97800dbe8ae84ae5b910c4c9e1fc061017d360439cd1dd56c4...
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_673168.ts
448 KB
449 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_673168.ts
Protocol
H2
Server
99.86.4.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-37.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3737f64159bb143ff2e2b0687bd714075c044698d5459c25b80727755a1e858f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:09 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
22
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
458344
last-modified
Mon, 09 Oct 2023 17:27:50 GMT
server
AmazonS3
etag
"1255b94e107198c5169ebded59d8fee8"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
video/MP2T
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
eC34np_VAoaZUFvDA8vHRUAq1l-0n9swoeA3CPngZTt65lOAqw6FPA==

Redirect headers

date
Mon, 09 Oct 2023 17:28:30 GMT
via
1.1 google, 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
GET, OPTIONS
content-type
video/mp2t
location
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_673168.ts
access-control-allow-origin
https://www.walla.co.il
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
7Yq9AjI245729EpgdvwKMBM1ySJuRbPPofvwXCiRYAgDIAtFI9kUNg==
smw888.gif
us.ck-ie.com/ Frame 0FD3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Mon, 09 Oct 2023 17:28:30 GMT
Server
nginx
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1060927038&t=event&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=ForcedPlay&el=Google&_u=aHDAAEABEAAAACAUI~&jid=&gjid=&cid=1076015235.1696872505&tid=UA-4780630-1&_gid=1612521642.1696872505&gtm=45He3a40n71T728TH&cd1=1076015235.1696872505&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=0&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fwww.walla.co.il&cd116=0&cd122=GTM%20video%20event%20To%20GA&cd123=https%3A%2F%2Fwww.walla.co.il%2F&cd124=&cd35=editorial&cd38=Live&cd39=Live&cd44=true&cd45=Google&cd47=Live&cd49=&cd50=Live&cd72=true&cm9=1&z=172505472
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 16:44:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2650
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
playlistY_360P_673169.ts
amg01742-walla-wallanews-ono-btlna.amagi.tv/ Frame DFF4
Redirect Chain
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/beacon/amg01742-walla-wallanews-ono/cb57381b6573618f84cb3a64cef646829f7b3dcb0e6c886470af4a9765d97800dbe8ae84ae5b910c4c9e1fc061017d360439cd1dd56c4...
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_673169.ts
445 KB
446 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_673169.ts
Protocol
H2
Server
99.86.4.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-37.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4693fb63b2cee4d73c4241e2d7502c2d7c054becd1d0af11b1c0c88994ba5ba8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:15 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
16
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
455900
last-modified
Mon, 09 Oct 2023 17:27:56 GMT
server
AmazonS3
etag
"076aec9eeb5e63d7d512e2d0efcc9667"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
video/MP2T
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
misPA9mV3fyG41xTu93QTLGsDfqoonc1Dmbrp1aem2kGvpcu5L0xvQ==

Redirect headers

date
Mon, 09 Oct 2023 17:28:30 GMT
via
1.1 google, 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
GET, OPTIONS
content-type
video/mp2t
location
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_673169.ts
access-control-allow-origin
https://www.walla.co.il
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
G_EByei8Q5Whjq5v66gkFx42rhwR9l67QhFGFDUi80Q4TGnLy6z-IQ==
Kp2gkdvi1cFta75bXNNP
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 69C5
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/Kp2gkdvi1cFta75bXNNP?pi=smilewanted
0
836 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/Kp2gkdvi1cFta75bXNNP?pi=smilewanted
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81385726ffc4bbb0-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 17:28:30 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 09 Oct 2023 17:28:30 GMT Mon, 09 Oct 2023 17:28:30 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/Kp2gkdvi1cFta75bXNNP?pi=smilewanted
pragma
no-cache
playlistY_360P_673170.ts
amg01742-walla-wallanews-ono-btlna.amagi.tv/ Frame DFF4
Redirect Chain
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/beacon/amg01742-walla-wallanews-ono/cb57381b6573618f84cb3a64cef646829f7b3dcb0e6c886470af4a9765d97800dbe8ae84ae5b910c4c9e1fc061017d360439cd1dd56c4...
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_673170.ts
429 KB
430 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_673170.ts
Protocol
H2
Server
99.86.4.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-37.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
840d42e8411ef77ff785c72d6039f717bf5cb3231f26f1f02b491e094e73c939

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:22 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
9
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
439168
last-modified
Mon, 09 Oct 2023 17:28:02 GMT
server
AmazonS3
etag
"a3987992271e2637ccb2dc23b7ce835c"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
video/MP2T
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
SoFR5XjHSBtDNkFWfrc9DGJhrK_qT71PdReatAEyBWHIFMS84VWR2g==

Redirect headers

date
Mon, 09 Oct 2023 17:28:30 GMT
via
1.1 google, 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
GET, OPTIONS
content-type
video/mp2t
location
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_673170.ts
access-control-allow-origin
https://www.walla.co.il
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
o6Lsh8o3m0fCVIvezNnyYnO3oApUM4EUVekgPQzA0DWTG9ynWmxu5g==
setuid
ib.adnxs.com/prebid/ Frame 0434
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=208aeab2ae20b25eee516dd3b281c3a0
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=208aeab2ae20b25eee516dd3b281c3a0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
an-x-request-uuid
57394b3c-2000-40e2-a120-5f5f618abded
cache-control
no-store, no-cache, private
content-length
43
content-type
image/gif
date
Mon, 09 Oct 2023 17:28:30 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
45.141.152.76; 45.141.152.76; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
813857273815bbb0-FRA
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 17:28:30 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=208aeab2ae20b25eee516dd3b281c3a0
server
cloudflare
3611636-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_1000,t_18/3/6/1/1/ 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_1000,t_18/3/6/1/1/3611636-46.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
e5a5e64a651a22763862afed626a58d4d67bf771c76e6d8e4474c6bde69a8319

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 11:05:37 GMT
via
1.1 google
age
22973
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125774
3611139-46.png
images.wcdn.co.il/f_auto,q_auto,w_800,t_18/3/6/1/1/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_800,t_18/3/6/1/1/3611139-46.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
371098e3d88da8afca83eacff757f9fe936b8277b4d84f7e07504ec19b70a95b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 03:36:56 GMT
via
1.1 google
age
49894
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40048
async_usersync
ib.adnxs.com/ Frame 872F 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:31 GMT
an-x-request-uuid
39cd7077-6cd1-4c7d-8d8e-99e785a043d4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.76; 45.141.152.76; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame EC8A 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160447&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
index.m3u8
amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/cb57381b6573618f84cb3a64cef646829f7b3dcb0e6c886470af4a9765d97800dbe8ae84ae5b910c4c9e1fc061017d360439cd1dd56c49c1da6... Frame DFF4 		13 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/cb57381b6573618f84cb3a64cef646829f7b3dcb0e6c886470af4a9765d97800dbe8ae84ae5b910c4c9e1fc061017d360439cd1dd56c49c1da63b820743c4b21fdcde00080dd0d0cb1df11292ca36265299a7369cc350f7bd2ec5a2f803ebe764c53cb017c593f88f258ac714cc59e0f827c2195acd968291e0b09ce1f04faa55da4e1e25b57cc68a0b24a4fc32a10fa84449add01ba81810e83118370f1099cc7f3828045828ec463ac03d0d0683256152d44abf2b93cccb8be4c7bfb562d541354e8bae18f245ea37233907c62a9c503da06dc8635841a4fd3bd3f9de542fb4db808a9ea48b5bfaf9f434c7989c5526f65d08d32432a5441df4eded88cf5766f8af35e1f2dac3b8871796ec2b9a3bce5b2af5a2c1f88d9403d415c58d429b090c2cffae06f8937c5d7f1d71f475c6f0d0cbc8fc3f079f626c771a4c2126e090314edd262cd88dd5127710fa8b41e854355e980cbb4d6006d9e3b5b42be34901b247cdc38694be02fd2932823dc755dcb666bbb101ea876d19460b5abd2ee037b92dbc449f026af9602c0f90fac226d0855fda2620a1c1f259ebf3254704ac243e5c1c3ae225a57a2a49b8cb5395230301956039cf1a721cbfca7072956900368300e537df023d966d80c4c7a5eea16c1a30471c54b611aefa93b524d7fd4af958494ddde4ba575b09eac69375aed732b8915ab5eb3b8bbc0f9e36f8b4f/110/640x360_642400/index.m3u8
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/3589_26d30df0f2e2888527b1_26d30df0f2e2888527b1_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-37.fra6.r.cloudfront.net
Software
/
Resource Hash
8b7bb46cecb614a1050fc6b09c13af180de8a8bfd7383ba27c03567f2eeee23a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:32 GMT
via
1.1 google, 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
content-encoding
br
last-modified
Mon, 09 Oct 2023 17:28:31 GMT
x-amz-cf-pop
FRA6-C1
x-cache-status
FRA-1209ea83, miss
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
https://www.walla.co.il
x-cache
Miss from cloudfront
cache-control
max-age=1
access-control-allow-credentials
true
accept-ranges
none
x-amz-cf-id
LtgLYBBB0HU1RMD-T7ME77iTPwZbXqIoNIAzzITEOGwp-zvfFB8qEA==
playlistY_360P_673171.ts
amg01742-walla-wallanews-ono-btlna.amagi.tv/ Frame DFF4
Redirect Chain
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/beacon/amg01742-walla-wallanews-ono/cb57381b6573618f84cb3a64cef646829f7b3dcb0e6c886470af4a9765d97800dbe8ae84ae5b910c4c9e1fc061017d360439cd1dd56c4...
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_673171.ts
454 KB
455 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_673171.ts
Protocol
H2
Server
99.86.4.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-37.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f12c531c411e01f838df03280d45adb1518a0e8e79c2e3b093883eb05d279ad0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:28 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
464924
last-modified
Mon, 09 Oct 2023 17:28:08 GMT
server
AmazonS3
etag
"b1b6ee87fe3ec9523a38301f4c3edbed"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
video/MP2T
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
5nX-mQ-FHW683yIsfZ8-1oCbo19_OPLcIQyb6JLtfMHAFsfoeceArQ==

Redirect headers

date
Mon, 09 Oct 2023 17:28:32 GMT
via
1.1 google, 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
GET, OPTIONS
content-type
video/mp2t
location
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_673171.ts
access-control-allow-origin
https://www.walla.co.il
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
J4TJgmbNbrE39XV2L5si856UDg7vFC2aFbbxV8Pbh2aU8fzUSGTUsg==
playlistY_360P_673172.ts
amg01742-walla-wallanews-ono-btlna.amagi.tv/ Frame DFF4
Redirect Chain
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/beacon/amg01742-walla-wallanews-ono/cb57381b6573618f84cb3a64cef646829f7b3dcb0e6c886470af4a9765d97800dbe8ae84ae5b910c4c9e1fc061017d360439cd1dd56c4...
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_673172.ts
450 KB
451 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_673172.ts
Protocol
H2
Server
99.86.4.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-37.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d4d6865478389469b20e8fca242e9fa69eab9604a77c3823c125cd5749a729c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:33 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
460788
last-modified
Mon, 09 Oct 2023 17:28:14 GMT
server
AmazonS3
etag
"efd1a417dde1485b4063896ab7fdf758"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
video/MP2T
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
qUTbeygHIlN-jeOtOkZgRbypDwJXb3IbPnrOjYHH8k2UKceRGZ6kMg==

Redirect headers

date
Mon, 09 Oct 2023 17:28:32 GMT
via
1.1 google, 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
GET, OPTIONS
content-type
video/mp2t
location
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_673172.ts
access-control-allow-origin
https://www.walla.co.il
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
UAn6-Nn54Y7OYGfnkMxpopaaYH87fcc8mAQNL_QgYoNvojqlxEJwNA==
PugMaster
image6.pubmatic.com/AdServer/ Frame EC8A 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=73755953&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
281bbc344087704ad03cbcdde07094edbc3b724f9066afc76ff5ef40e49097a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 17:28:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 3389 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=79E7BA13-1B63-4CA1-B480-C37117745F86&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 09 Oct 2023 17:28:33 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 582A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4235658876851245700&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4235658876851245700&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 09 Oct 2023 17:28:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
8605ed17-1861-4440-a118-e3d2c4f19ab5
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 09 Oct 2023 17:28:33 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4235658876851245700&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
45.141.152.76; 45.141.152.76; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 355C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7288011948821313684&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7288011948821313684&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 09 Oct 2023 17:28:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Mon, 09 Oct 2023 17:28:33 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7288011948821313684&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame F817
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CO...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e3bc18b3-3499-4914-bffb-dfc58ba17b05&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e3bc18b3-3499-4914-bffb-dfc58ba17b05&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 09 Oct 2023 17:28:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 09 Oct 2023 17:28:33 GMT
location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e3bc18b3-3499-4914-bffb-dfc58ba17b05&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Pug
simage2.pubmatic.com/AdServer/ Frame E79C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=UAhy-nplVWFc6x2NpdOJES2NmEw&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=UAhy-nplVWFc6x2NpdOJES2NmEw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 09 Oct 2023 17:28:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 09 Oct 2023 17:28:33 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=UAhy-nplVWFc6x2NpdOJES2NmEw&gdpr=0&gdpr_consent=
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame EDD4
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZSQ4QQAWekuIrgAN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 09 Oct 2023 17:28:33 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230112-FRA
x-timer
S1696872513.272106,VS0,VE92

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Mon, 09 Oct 2023 17:28:33 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZSQ4QQAWekuIrgAN
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230112-FRA
x-timer
S1696872513.172625,VS0,VE91
Pug
image2.pubmatic.com/AdServer/ Frame 135B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGZkNrN0tTSEVBQUJoWkZVT0pLdw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAFfCk7KSHEAABhZFUOJKw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAFfCk7KSHEAABhZFUOJKw&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAFfCk7KSHEAABhZFUOJKw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=3452735518411175959&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFfCk7KSHEAABhZFUOJKw&gdpr=0&gdpr_consent=
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFfCk7KSHEAABhZFUOJKw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 09 Oct 2023 17:28:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 09 Oct 2023 17:28:33 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFfCk7KSHEAABhZFUOJKw&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame C711
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 09 Oct 2023 17:28:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 09 Oct 2023 17:28:33 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
mw
mwzeom.zeotap.com/ Frame EC8A 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=79E7BA13-1B63-4CA1-B480-C37117745F86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:33 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
813857373bd0190d-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame EC8A
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=79E7BA13-1B63-4CA1-B480-C37117745F86&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=79E7BA13-1B63-4CA1-B480-C37117745F86&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=79E7BA13-1B63-4CA1-B480-C37117745F86&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:42 GMT
frontend-id
11
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:42 GMT
frontend-id
5
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=79E7BA13-1B63-4CA1-B480-C37117745F86&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame EC8A
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=79E7BA13-1B63-4CA1-B480-C37117745F86&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=2db483a33615126f/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:33 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame EC8A 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
ddos.com
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 09 Oct 2023 17:28:33 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame EC8A 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=79E7BA13-1B63-4CA1-B480-C37117745F86&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:28:33 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame EC8A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7741086008117221691&gdpr=0&gdpr_consent=&us_privacy=
1 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7741086008117221691&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 09 Oct 2023 17:28:31 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7741086008117221691&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 09 Oct 2023 17:28:32 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
SPug
simage4.pubmatic.com/AdServer/ Frame EC8A 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160447&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:28:35 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPTOR3UcENbHobCvo5USWZE&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Verdicts & Comments Add Verdict or Comment

259 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 function| addScriptPromise object| _0x1a15 function| _0x14cd object| googletag object| WallaTargeting string| _taboolaOS object| twttr string| isAAB string| pageNumberInSession string| fatherSessionInSession object| dataLayer object| wallaGlobalEventData object| wallaEnv object| slotslist function| gtag function| ga object| _sf_async_config string| loadDataState function| smartlook boolean| isMobile undefined| showInterstitial undefined| interstitialData undefined| timestamp undefined| attempts undefined| served undefined| hourPassed undefined| url undefined| ref undefined| refFits undefined| adunit undefined| getInterstitialData object| google_tag_manager object| google_tag_data function| _ object| dmp object| IDXSurvey object| GooglebQhCsO object| gaplugins function| postscribe object| google_tag_manager_external object| _taboola object| TRC function| _typeof object| _tblConsole object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| __twttrll object| __twttr object| ggeac object| google_js_reporting_queue object| _0x4595 function| _0x53c5 object| _vadHb object| vadprebidChunk object| vadprebid object| _pbjsGlobals object| ADAGIO string| GoogleAnalyticsObject object| gaGlobal object| gaData object| google_conversion_id object| google_custom_params object| google_remarketing_only function| fbq function| _fbq object| adoric object| __LOADABLE_LOADED_CHUNKS__ object| regeneratorRuntime string| __strip_step__ boolean| WallaA11 string| pm_pgtp undefined| msg undefined| google_measure_js_timing object| _cbm number| google_unique_id object| __adoric__ boolean| IS_ADORIC_LOADED function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| webpackChunk_smartlook_recorder boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter function| PlayerSdk object| WallaPlayerApi function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id string| trc_item_url object| TRCImpl number| taboola_view_id function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| Ah object| _pm_mcg object| image number| google_global_correlator string| nam object| placementData object| GoogleGcLKhOms object| closure_lm_107074 object| cmTag object| Criteo object| owpbjsChunk object| owpbjs object| PWT object| a object| _cm_wfCounters object| sas object| apntag object| _ADAGIO object| sw_consent object| ONFOCUS object| google_image_requests object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_136 object| Criteo_prebid_136

122 Cookies

Domain/Path Name / Value
.walla.co.il/ Name: _gcl_au
Value: 1.1.1711072935.1696872505
.walla.co.il/ Name: _cb
Value: CUmyPgBy2e1HDoneE8
.walla.co.il/ Name: _chartbeat2
Value: .1696872504832.1696872504832.1.sSJe6CqNLMZBxm9d7JOyb_OLQos.1
.walla.co.il/ Name: _cb_svref
Value: null
.walla.co.il/ Name: _gid
Value: GA1.3.1612521642.1696872505
.walla.co.il/ Name: _gat_UA-4780630-1
Value: 1
www.walla.co.il/ Name: strip_step
Value: 2
.walla.co.il/ Name: _wpnis
Value: 2
.walla.co.il/ Name: _wfsis
Value: https://www.walla.co.il
.walla.co.il/ Name: _t_tests
Value: eyJHZ0M4RDBoY3J5cENkIjp7ImNob3NlblZhcmlhbnQiOiJCIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJCMFc4bFQiXX0sIm50UjNwOGlPVnZJNVgiOnsiY2hvc2VuVmFyaWFudCI6IkEiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIkJlTWwyWSJdfSwiY2pBR1hxYlJ1ekJpWiI6eyJjaG9zZW5WYXJpYW50IjoiQSIsInNwZWNpZmljTG9jYXRpb24iOlsiQ3o1dHNVIl19LCJPV0V3Z2FkaFphM0pFIjp7ImNob3NlblZhcmlhbnQiOiJCIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJDSkJYZk8iXX0sIm5aZkZNMkdXTHZxU28iOnsiY2hvc2VuVmFyaWFudCI6IkIiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIkRza3pfMSJdfSwidWVNWEtEOFJoQzlJOCI6eyJjaG9zZW5WYXJpYW50IjoiQiIsInNwZWNpZmljTG9jYXRpb24iOlsiQ0s3M0dYIl19LCJ2YkNCYUNSQW1Ed1V1Ijp7ImNob3NlblZhcmlhbnQiOiJBIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJCY0puV1kiXX0sImVXWlVJMjJPMmE3a0YiOnsiY2hvc2VuVmFyaWFudCI6IkEiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIkRsZHlDZiJdfSwiNTMyVHFSQmhnTmhaOCI6eyJjaG9zZW5WYXJpYW50IjoiQiIsInNwZWNpZmljTG9jYXRpb24iOlsiQ0tsSDRGIl19LCI5dXh3c0R3S2hKQWY5Ijp7ImNob3NlblZhcmlhbnQiOiJCIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJCT19XcjQiXX0sImxpZnRfZXhwIjoibSJ9
.doubleclick.net/ Name: IDE
Value: AHWqTUkz-f2Jp4D7W-vhyrLTuyEgErvDTtfw9cxs0kpE5eM7uUxSGtP0fRCk5tb4
.walla.co.il/ Name: _ga_TSQY5YTYZ0
Value: GS1.1.1696872505.1.0.1696872505.0.0.0
.walla.co.il/ Name: _ga_RYD7X7E8VN
Value: GS1.1.1696872505.1.0.1696872505.60.0.0
.walla.co.il/ Name: vad-loc-code
Value: de
.walla.co.il/ Name: __gads
Value: ID=f4de6d675d53b6aa:T=1696872505:RT=1696872505:S=ALNI_Ma7A25b9qRmY3ND0Efw5icVYqj26g
.walla.co.il/ Name: __gpi
Value: UID=00000c9331817db1:T=1696872505:RT=1696872505:S=ALNI_MZb37zygZNMULaHEWys0bx3XrR6FQ
.walla.co.il/ Name: _ga
Value: GA1.3.1076015235.1696872505
.walla.co.il/ Name: _fbp
Value: fb.2.1696872505928.1885170776
.dxmdp.com/ Name: dmpid
Value: c63f4ca4-f983-48a3-9e54-12fb1b4ccc6b
www.walla.co.il/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Dca080f31-1601-41e9-b8f1-c54c6e37c2ae-tuctc1dbdb9
.dxmdp.com/ Name: audids
Value:
.getrockerbox.com/ Name: uuid
Value: rbcr-fd949c7a-3696-4698-ad08-4be0e298371a
www.walla.co.il/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.script.ac/ Name: __cf_bm
Value: TVvM4UCdrDJo1dF04.JfBLghgo57XBvNv3yhHnDNJ0w-1696872506-0-AcFokrHzDVtFyt5H88V3jLKf5uXt2pTg+9j3X6Qn+0s6GtL0wM4XIFfZGTMjJerxcGEDxkuHmXlEdWq4Zp+yCqg=
.rubiconproject.com/ Name: khaos
Value: LNJ62TRB-21-63IN
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpmihT4y7ZnzSAkF7RiBdb4AgvEG2sPPZosxPxU5qr+6ELLorigZUdouOYdOTdJHhkjwJGYVf1/R+BxGCOXoSK1/sl3J0mLRJa+xUA9sgf/4b7FQD2yB//h
.adnxs.com/ Name: icu
Value: ChgIgKNkEAoYASABKAEwuvCQqQY4AUABSAEQuvCQqQYYAA..
.adnxs.com/ Name: uuid2
Value: 4235658876851245700
.turn.com/ Name: uid
Value: 7741086008117221691
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-8f86bb3c-5b8a-46a4-bcf5-444e7c09bcfa-003%22%2C%22nxtrdr%22%3Afalse%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-8f86bb3c-5b8a-46a4-bcf5-444e7c09bcfa-003%22%7D
.criteo.com/ Name: uid
Value: 69a96176-48fd-4561-93ae-5c8feee43970
.bidswitch.net/ Name: tuuid
Value: e3bc18b3-3499-4914-bffb-dfc58ba17b05
.bidswitch.net/ Name: c
Value: 1696872507
.bidswitch.net/ Name: tuuid_lu
Value: 1696872507
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: a3fd4cec-bce1-531a-9d91-741ef8b54c25
.betweendigital.com/ Name: ss
Value: 1
.casalemedia.com/ Name: CMID
Value: ZSQ4O6FjR.6R5cdb4Bjp1AAA
.casalemedia.com/ Name: CMPS
Value: 5258
.casalemedia.com/ Name: CMPRO
Value: 5258
.ads.stickyadstv.com/ Name: UID
Value: b2a85da0d943a1a77fe3251a9ea067df
.betweendigital.com/ Name: ut
Value: ZSQ4OwAI1bjpp0eM0ju5MYHWHFmKRC3L95plFg==
.doubleclick.net/ Name: APC
Value: AfxxVi7S6bNESWgbAs76ELONxdDrh5A8v9g0Pf-hRenPyzxRTwBjcA
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%224226e910-66c9-11ee-937f-d9bd3fb5f678%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%224226e910-66c9-11ee-937f-d9bd3fb5f678%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%224226e910-66c9-11ee-937f-d9bd3fb5f678%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%224226e910-66c9-11ee-937f-d9bd3fb5f678%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-IAzvEM6tPI8VbmfkYeKL6tTKM022YF6t8eDYhA%22%2C%22version%22%3A%22criteo%22%7D
.media.net/ Name: visitor-id
Value: 3398741075428466000V10
.media.net/ Name: data-c-ts
Value: 1696872507
.media.net/ Name: data-c
Value: k-0renaM6tPI8VbmfkYeKL6tTKM00zNewYud4Kew~~3
.omnitagjs.com/ Name: ayl_visitor
Value: 65b1dd2ba5d8a4b3ddcae84020990527
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-7H7xyc6tPI8VbmfkYeKL6tTKM02COPEi9u1tmQ&KRTB&23144-uid:k-7H7xyc6tPI8VbmfkYeKL6tTKM02COPEi9u1tmQ&KRTB&23286-uid:k-7H7xyc6tPI8VbmfkYeKL6tTKM02COPEi9u1tmQ&KRTB&23287-uid:k-7H7xyc6tPI8VbmfkYeKL6tTKM02COPEi9u1tmQ
.3lift.com/ Name: tluid
Value: 2988030505166575079661
.demdex.net/ Name: demdex
Value: 39712797445769333632455440596520069490
.yahoo.com/ Name: A3
Value: d=AQABBDw4JGUCEKe9a0MMTwDepxUQktHw4tQFEgEBAQGJJWUuZQAAAAAA_eMAAA&S=AQAAAk6dRuFNHGCPMaNXBIPpjsw
.ctnsnet.com/ Name: cid_49ec43f96c9d4610abb511f4769231c2
Value: 1
.ctnsnet.com/ Name: gid_CAESEJShYRR0kbhqrrI6s9XUFNU
Value: 1
.simpli.fi/ Name: suid
Value: 0C011F2B78A6430186B9463D687B21FF
.csync.loopme.me/ Name: viewer_token
Value: 58b62a81-d675-49b9-bf57-f22eab2cef86
.tremorhub.com/ Name: tvid
Value: 830c9bdc658848dd824542eaed8feb13
.tremorhub.com/ Name: tv_UICR
Value: k-vDJA0c6tPI8VbmfkYeKL6tTKM02XKHdwLDPk_Q
.dpm.demdex.net/ Name: dpm
Value: 39712797445769333632455440596520069490
.quantserve.com/ Name: mc
Value: 6524383c-4c781-08baf-bc088
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%224A6A6DFD-B9A1-4E90-37B2-DD6BF60DFF6C%22%7D
.adform.net/ Name: C
Value: 1
.de17a.com/ Name: guid
Value: 1.3396061815852326868
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 79E7BA13-1B63-4CA1-B480-C37117745F86
.adform.net/ Name: uid
Value: 8417708479376425483
.postrelease.com/ Name: opt_out
Value: 1
.krxd.net/ Name: _kuid_
Value: P2FT1T6a
.walla.co.il/ Name: cto_bundle
Value: ssBhal9jQVJqMWtNcFBzdiUyQmhUQUdsSHhYU2ZWbmFXZ3JHOWZCNHNZazk4Tnc1YXNLa0F5dFo1U3dOU0hYVnBZM1Jsc1BNZFNST2xTJTJGNVolMkJKWWNicVFzTiUyRnVDNFJ2djNIeFV2ZjZETWVVM0IlMkJPWWc1UVI4QUVuamlBeUlPaGtaJTJCU21UcFZYZTBvY2dBUFM0dUZuWUdOWHRZR1ElM0QlM0Q
.weborama.fr/ Name: AFFICHE_W
Value: acVQc66Q8nFp30
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8417708479376425483&KRTB&23263-8417708479376425483&KRTB&23481-8417708479376425483
.quantserve.com/ Name: d
Value: EEkBFQGSKoEO-TC_vLEA
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-SW2U6kxglb1SbMXpR2mL7kc6x7hSOsXuR2BtvcL8&KRTB&19420-SW2U6kxglb1SbMXpR2mL7kc6x7hSOsXuR2BtvcL8&KRTB&22979-SW2U6kxglb1SbMXpR2mL7kc6x7hSOsXuR2BtvcL8&KRTB&23403-SW2U6kxglb1SbMXpR2mL7kc6x7hSOsXuR2BtvcL8
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEIiOy4q3PWfTY_oeIxJq2W8&KRTB&23025-CAESEIiOy4q3PWfTY_oeIxJq2W8&KRTB&23386-CAESEIiOy4q3PWfTY_oeIxJq2W8
.creativecdn.com/ Name: u
Value: Kp2gkdvi1cFta75bXNNP
.creativecdn.com/ Name: ts
Value: 1696872510
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.audrte.com/ Name: arcki2
Value: e5cMGhO5MsGSk2Sb-KKtOFUzA!20220908!1696872510432!ip#45.141.152.76
.audrte.com/ Name: arcki2_pubmatic
Value: 79E7BA13-1B63-4CA1-B480-C37117745F86!20220908!1696872510435
.smilewanted.com/ Name: sw_user_params_infos
Value: ob00N1JfwHVzQyDKyI%2B1ClhZrmTHF7Aq7%2B71Sw35CNaLJIN61y2KMxtAqDQ9rhTOvlB33ee0AhJa5RmUwAm4%2Fa653kVa64%2B8sLw%2Bk2gs1EUyCpME15VagtvKdd7Cle5UouGSULIWMJSYQ%2FEed8W%2F%2FHJEG24bPlUL%2FYwipUVUqiRlivnvUMxTF6Q%2FwkYGOiJeeVRdOInBkvVour3NJQJkOF2xzwT16OgkQiu%2Bu8QF%2B0Wu6T2y7U6wKGWlf5j2NlFQnK5RsZorPrbDzEmnzzP8sbqfg6BBmFYjt3J89lTBMTl3wSHzbaDrlXs2xX%2BLnUSr5Upjn6DK6gn1pxaqfwYLAcBj9WZR7FsWUeUXASaZrjaQCTmF63kZzurujlTdm1T7kSPl7%2BO%2Fb4V52OrZ2mZGoV%2BZJBEoGKvn0MvuscryNjgWdjlSzctwoYScuD%2BzYHeZJEOx5bPA%2FIR4i93dUOk4Nl%2Fb%2B%2F5KIUedBuem1gZIlKy43sLjrgof8mr7e%2BndPbWZ
.audrte.com/ Name: arcki2_ddp2
Value: e5cMGhO5MsGSk2Sb-KKtOFUzA!20220908!1696872510570
.adnxs.com/ Name: anj
Value: dTM7k!M40mg1yl1ghqdmU(7TYO<$^>#?nIeN:uKgRe4r:[f-zyRnu7%!G@W*VELfSZXzfS<epo4AcQ-A6Mv:H8B85%0Kf+%ekZIYe52Xzqk!zsAV=l*)(`M=UF`q+-P_6`Dtf9'r?%-tWVnJ:UGD1!TICD**ZlXzSNP7Qd)KmvZ0rmESiQX+E@eLwE@>B7V`X``G4wtwD`uyBDD4q%FL]QnY<exFNhTpc)2rX-
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiIyMDhhZWFiMmFlMjBiMjVlZWU1MTZkZDNiMjgxYzNhMCIsImV4cGlyZXMiOiIyMDI0LTAxLTA3VDE3OjI4OjMwWiJ9fSwiYmlydGhkYXkiOiIyMDIzLTEwLTA5VDE3OjI4OjMwWiJ9
.amazon-adsystem.com/ Name: ad-id
Value: A7RsCRrtYU3rgqPtpGSEEmI
.audrte.com/ Name: arcki2_adform
Value: 8417708479376425483!20220908!1696872510711
.pubmatic.com/ Name: SPugT
Value: 1696872512
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 160447:4
.pubmatic.com/ Name: DPSync3
Value: 1698019200%3A219_197_201_245_241_235_227_226
.pubmatic.com/ Name: SyncRTB3
Value: 1699401600%3A203%7C1698019200%3A166_71_3_234_220_13_55_233_22_8_21_56_54_251%7C1697414400%3A223_15_2%7C1698105600%3A35%7C1697673600%3A63
.adfarm1.adition.com/ Name: UserID1
Value: 7288011948821313684
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7741086008117221691&KRTB&23150-7741086008117221691&KRTB&23527-7741086008117221691
.rqtrk.eu/ Name: browser_id
Value: 1:ce27c5a7-313a-4365-820f-58660972e0b1
.onaudience.com/ Name: cookie
Value: 2db483a33615126f
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7288011948821313684&KRTB&23369-7288011948821313684
.zeotap.com/ Name: zc
Value: 8cad87b4-8556-4a16-4e03-9f13ea1012cb
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4235658876851245700&KRTB&23339-4235658876851245700
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-e3bc18b3-3499-4914-bffb-dfc58ba17b05
.onaudience.com/ Name: done_redirects147
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZSQ4QQAWekuIrgAN
.bidr.io/ Name: bito
Value: AAFfCk7KSHEAABhZFUOJKw
.bidr.io/ Name: bitoIsSecure
Value: ok
.semasio.net/ Name: SEUNCY
Value: B18FA0AFE1F55E5F
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 0eaf0c07f8bcc68b
.smartadserver.com/ Name: pid
Value: 3452735518411175959
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAFfCk7KSHEAABhZFUOJKw
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAFfCk7KSHEAABhZFUOJKw
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-500872fa-7a65-5561-5ceb-1d8da5d38911.dCDef%2BBh3%2FFaoJfR%2FdZ5vAbkCAD1fmGrn1KQHuBE9AQ
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-500872fa-7a65-5561-5ceb-1d8da5d38911.dCDef%2BBh3%2FFaoJfR%2FdZ5vAbkCAD1fmGrn1KQHuBE9AQ
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AUAhy-nplVWFc6x2NpdOJES2NmEw.ytXOL4kuXrYxtzLPLOrElrhOG1OIVtS%2BxyJQ0lmoSKQ
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AUAhy-nplVWFc6x2NpdOJES2NmEw.ytXOL4kuXrYxtzLPLOrElrhOG1OIVtS%2BxyJQ0lmoSKQ
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKICi_UwGIV8YzPpAr0X0RxUo3DmFNfR8Wg5_GsAhNtTb1EHwYBCDB8JCpBjABOgSAjA8ZQgSy4HFE.rifT7GL%2FBzP%2FFyMjLbsw93LKjWyAMbzWs7mRqQT49NA
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKICi_UwGIV8YzPpAr0X0RxUo3DmFNfR8Wg5_GsAhNtTb1EHwYBCDB8JCpBjABOgSAjA8ZQgSy4HFE.rifT7GL%2FBzP%2FFyMjLbsw93LKjWyAMbzWs7mRqQT49NA
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-UAhy-nplVWFc6x2NpdOJES2NmEw&KRTB&23334-UAhy-nplVWFc6x2NpdOJES2NmEw&KRTB&23417-UAhy-nplVWFc6x2NpdOJES2NmEw&KRTB&23426-UAhy-nplVWFc6x2NpdOJES2NmEw
.pubmatic.com/ Name: PugT
Value: 1696872513

4 Console Messages

Source Level URL
Text
other warning (Line 1)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPTOR3UcENbHobCvo5USWZE&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=79E7BA13-1B63-4CA1-B480-C37117745F86&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12890047.adoric-om.com
2e978f252600d0f9c8b331a1144b8996.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
a.twiago.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ad.yieldlab.net
ads.betweendigital.com
ads.eu.criteo.com
ads.pubmatic.com
ads.stickyadstv.com
ads.travelaudience.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
amg01742-walla-wallanews-ono-btlna.amagi.tv
ap.lijit.com
app.adoric-om.com
beacon-ams3.rubiconproject.com
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
bs.yandex.ru
c1.adform.net
cadmus.script.ac
cat.fr3.eu.criteo.com
cdn-uw2-prod.tsv2.amagi.tv
cdn.indexww.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.valuad.cloud
cdnjs.cloudflare.com
cf.dxmcdn.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
contextual.media.net
cr.frontend.weborama.fr
creativecdn.com
criteo-partners.tremorhub.com
criteo-sync.teads.tv
csi.gstatic.com
csm.eu.criteo.net
csync.loopme.me
csync.smilewanted.com
d.adroll.com
d5p.de17a.com
dal.walla.co.il
dclk-match.dotomi.com
dis.criteo.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eus.rubiconproject.com
event.dxmdp.com
exchange.mediavine.com
fastlane.rubiconproject.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hb-dot-valuad.appspot.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
id5-sync.com
ids.ad.gt
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
imageproxy.eu.criteo.net
images.taboola.com
images.wcdn.co.il
imasdk.googleapis.com
imprammp.taboola.com
jadserve.postrelease.com
js-sec.indexww.com
mab.chartbeat.com
mabping.chartbeat.net
match.360yield.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
matching.ivitrack.com
metrics.getrockerbox.com
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pixelgroup-d.openx.net
platform.twitter.com
pm-widget.taboola.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.smilewanted.com
prg.smartadserver.com
pro.ip-api.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
r.casalemedia.com
region1.analytics.google.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.thebrighttag.com
s0.2mdn.net
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssp-sync.criteo.com
ssum-sec.casalemedia.com
static.adoric.com
static.chartbeat.com
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.outbrain.com
sync.richaudience.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
syndication.twitter.com
tags.dxmdp.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.dxmcdn.com
trc-events.taboola.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
vidstat.taboola.com
visitor.omnitagjs.com
web-sdk.smartlook.com
web.hb.ad.cpe.dotomi.com
widget.fr3.eu.criteo.com
ws.rqtrk.eu
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.walla.co.il
www.walla.co.il.
x.bidswitch.net
sync.search.spotxchange.com
104.18.25.18
104.18.26.193
104.22.68.131
104.244.42.8
104.75.89.75
13.224.189.35
13.224.189.76
13.248.245.213
141.226.228.48
141.94.171.216
141.95.32.71
142.250.185.194
142.250.185.98
142.250.186.38
142.250.186.66
15.197.193.217
151.101.1.108
151.101.193.44
151.101.65.44
151.101.66.49
162.19.138.119
162.55.236.225
172.64.143.2
178.250.1.11
178.250.1.9
178.250.7.11
178.250.7.9
18.159.114.228
18.196.96.246
18.66.147.83
184.30.16.195
185.184.8.90
185.255.84.150
185.255.84.152
185.64.189.112
185.64.190.81
185.64.191.210
185.86.138.124
185.86.138.155
198.47.127.19
198.47.127.205
2.21.20.200
2001:4860:4802:34::36
2001:4860:4802:36::178
2001:678:cb4:bbbb::11
205.185.216.42
208.93.169.131
213.155.156.184
216.239.38.21
216.52.2.30
23.218.208.23
23.218.210.30
23.32.185.192
2404:6800:4006:814::2003
2600:1f18:612b:4264:76d7:ab8c:aa2f:d2d0
2600:9000:211e:5e00:1a:1d58:31c0:93a1
2600:9000:2240:5600:11:da61:a100:93a1
2600:9000:2394:1e00:18:1fcd:353:c61
2600:9000:25e8:fe00:1b:5138:8a40:93a1
2602:803:c003:200::43
2602:803:c003:200::57
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::ac43:17ea
2606:4700:10::ac43:db6
2606:4700:20::681a:8a9
2606:4700::6810:5514
2606:4700::6811:180e
2606:4700::6812:1691
2606:4700::6812:272
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::2008
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:827::2006
2a00:1450:4001:827::2014
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2001
2a00:1450:400c:c03::9b
2a02:2638:3::10
2a02:2638:3::6
2a02:2638:d::11
2a02:2638:d::2
2a02:2638:d::4
2a02:2638:d::a
2a02:2638:d::d
2a02:6b8::90
2a02:6ea0:c700::19
2a02:fa8:8806:13::1460
2a02:fa8:8806:16::1370
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:600::714
2a05:d018:cc3:fe05:3111:dcd8:6ca0:7e34
2a05:d018:d29:3605:cdf9:6ebb:c08d:dd
2a06:98c1:3120::3
2a06:98c1:3121::3
3.18.218.60
3.208.207.173
3.71.149.231
34.111.129.221
34.111.131.239
34.111.199.139
34.117.157.22
34.120.218.58
34.149.20.76
34.160.198.118
34.228.152.212
34.246.73.161
34.91.62.186
34.95.69.49
34.98.64.218
35.158.144.163
35.186.193.173
35.190.0.66
35.214.214.28
35.227.252.103
37.157.4.29
37.252.171.21
46.228.174.117
51.77.64.70
51.89.9.252
52.202.131.94
52.210.125.129
52.211.174.80
52.215.100.89
52.46.155.104
52.58.45.126
52.95.125.22
54.164.154.71
54.194.37.177
54.71.178.207
54.72.191.61
54.93.44.146
63.35.30.113
64.202.112.255
67.202.105.21
69.173.144.139
69.173.144.165
77.243.51.122
8.2.110.114
85.114.159.93
85.215.5.31
88.221.169.49
89.149.192.196
96.46.186.57
98.98.134.241
99.86.4.37
018537a06cb861aa678a4c012b8d70c8860ed44dab9b10fa4cf45446dfe76708
02b9a34773ec700d23a92657536ca41b37bdd6012f2604ed935ebc25b5cbccd0
0339b0b4bac03ee07419e5bc73ebb2f7571b80864f40e256473c4cec1b1f1105
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
043c0217b249c0e7e34e8e7842f184f8bd383ac603dd87edbcf8173f951a2dd2
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534
086150a9495573a878d80839bfc34401adfd3b18c430079921e00de312f23974
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf4742574fcd745ecc17fb04b9cc5868072691d1eeb40f53e816a825fa24b8b
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
10cde3f051ab9eefa8676bee667fd65705c5fcf1d0544f9acffe7caa224d14b9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
134e8c304f3fa0a6bb741b085624f496d9d697da80836f8b9ed65c412a2f8efb
168ce5333c925d92fddd71e0e86a163e477c67ba2ca0e8d5d89007c981db989d
17fc159664a481670c9f5ca2f4650c2e7f7369aad81910ae3d89ddef3631666f
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1a554f4ec364f3216334e92f19ecfd54299c585d246f35bf3e566819ca58a441
1a6780efe4d9d6a6233a35dff85651e5ade26bccde07079762401b686ed9aa93
1a87bf84e478479831c20a22df3e385fcc7a81ff49495d2e3f99ab9b8986da40
1aca347f804683cebddecd9e72bf4c3c9dc88fbad4bc89913c4941378ce4d474
1c90f4fa10a90d240c6dcd2d798e6c528ae91f104d232870fb6f1453967a7066
1ce0535fc70350b811a3577e4092376d585df50855013c57a10f76f72a44117e
1d91ef280fb0ff6a7a146a72696960e4436e94481f468a168a0c15cdcdc9d6b7
1f60dfc288579bd9be68c5feec395ad5cef460bafbc01d399332d1ed99e08e49
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
229e400458da09038771f0974640be7bc3fb91571e41b8c0af3f323d89bfc3a9
23e2409494818d5a7bbcf232f0818db8599da2d9c3c1856572f95ffc7b4b1d2e
23e722333f49a955a1fca9d023e995301df79489e431602bc2c7eeb55dd890ca
26318d88d486abac38f9e0d2051f727b555d5b339368f135349e6f4e2f594c7b
26f431af7024210d31fca970d3ee633c8beab47d56e4a0fb17d832e0615c9cab
281bbc344087704ad03cbcdde07094edbc3b724f9066afc76ff5ef40e49097a1
2a57c34c44f0624bd8b50f520e83f400981599269541732dc95ce43d585c0d07
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2af5d3a31df9004e40a41b54cb83d314105cc31cc0d798e106b1210794620502
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2bffee38e24dd95aa44e2b6dd53b5fa3e3ee5a537d356e17368555f513539fed
2c1da2cefe7188aebbc42b7f5af529832f47202c8cb612cf3983439fcea4183e
2d8125cad3a48e7532ed7b442754fef0e6f63da87ace443d61f30856fef2b378
2e887dec4975b66d9c8f8a3f9518b27c1717cbc75b8c0b3619ca55200cae7f2d
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f9dacf0a2ff7b38244d273910d5bdbf00048ec13daa199ebb7ce53d56315007
301bf90c72cd880946376981a30c087ebfdb02bf1a96780e311b7c48a0ed03a2
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3109fc8f4a6aff20c9eddf126acf9e2f8d916f2f5acdbeac9884df538a898081
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
3241bf3866d5c2c02fd32bc792aa155f587efc0780ad197d0040d3377ff5af3f
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
33efb69392ce60ad1d545ce02dd30a6f82709ef59cfba1605b1b932418fe6011
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36d65338739fc514e64beb4f96cee7da92ae1617ff10a1da27377874f4df9751
371098e3d88da8afca83eacff757f9fe936b8277b4d84f7e07504ec19b70a95b
3737f64159bb143ff2e2b0687bd714075c044698d5459c25b80727755a1e858f
3745d02b3a38f44c16e55ffbe4276d5d1c1e800dcd9ce7dd6691a7d33655faaa
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
382a44d48fad462434b05881490c362b1f1b6f3247647e47585a39b124ec22f2
3839db0a5a24ea02ba1ac3fe96cfa39ae3b47165c988f87d376cb130c4679572
38aedea2129a34778725ba7122d050ffb774e6c017a1dd251867617dbe164cd3
38df94ec98f3e97f36a6a80b2e58776f9053ffecf8b140f68e83f3f748918063
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3b159412c44873b8d07ddac50294bd538e742294318614fa796e89f0d1f7f956
3b2c91d5381a4d6f6b63be5cd81d9a8ee3b933e4e5296a7744c787b5cbd573e0
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034
3ce84dcbdacf2f82e165cbaa57b5032f45895375dc2b0ea895b9be4c803e131e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dfcf027cca62240f42b3725b7a0010763ac3203519bc12a0db9cb36f4a89de8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40083197f6c3fad2ef5d99095c72f3a60072e92bdfcd920dd91299f3679027b7
41ca862a0db5312de06889c1ed316c345324e70985ac88dd8a627ff63a5c0c43
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44f15ca2614641e7ab48346803da3a0979d1c52927c6c97a008098d484d821fc
45b03f7e7040d89298513099aacedc8bbfeef93bb28b05167d080f0fa1075d0b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4693fb63b2cee4d73c4241e2d7502c2d7c054becd1d0af11b1c0c88994ba5ba8
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c0c57a2ff350ffc914dc5b5724d8f7df76a8345fd089398d353a0b6979a149
495af12c410c467f2f27c4b5a2d77acc133dcb659518a2eb23266966a45e35e4
4ab4b55c7eb822be8b29202439c3ab043da8e1e82e6eb3ed929e92fd46931ccf
4ad4ea14298dd60b6bf1481bd42fad48dc018c78c2547823d3fcb7e73555f954
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5e3903fd1d523bde94ac42b0120a2cf74da0228177373cc6681a151fb03310
4bb2926f7e541f917cc00e7d5179e09e1018504935ba5d366c1e9a34b2478716
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287
4f43910ca2e1b57bc4d9a9c0317085ec0c424778e88834784efb3cd2b816636d
4fcbd9b339d1bc8b72c3d698a6c4bb856516c41b52a3be330313cb6a51be99df
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50795dddaa17612e809ddf339489bc1fdff6f7bcc76115ba6eeb17eccb68eb47
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
5123513035c30f44e20d93f8bc9fda7ba74ec7c315add4883b5aa3ccd220503b
51bfd227e2b0f74a79839643c04e6f14521f39b1c94af4013957dd2ca9426671
51f3359dfda7f7e3bb7ca5440eba096f6b170c38da65853d53fc56bdd65f396a
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5
530bde141b8fd1c44b50d1bd4b912193cbb7c78ef6a20e4be6aad0fa15958867
53c8bff0471a7e264b9972c0e55470a157b4eff96be27371cb62b6628182d71b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e1bb5ac96493124163d21acdc1a9e620d826d6654f94a9fab30cd8a648c0b3
56633ff6c8f0305899c37aa468bb862378b35e95002966f0cd99a681257b35c2
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a
5a95d0861fc3b1f3c39e7bc7cd83f6d83e57376d9596ae5a0b070ae1965cec16
5abe5532a2a4f36f35dd543165fa918f316dcaf8b672270b6e951ccabd2eb151
5ac127188e6475f95cf602b5aeacfaf667081820adc57b78e9d46b9cb9149776
5d0577359952b714e119cc1aa6e318656f7d7c642adb87cc84ff00e87c949dde
5d2840fc0bf868ec7e60c9e2f14a0f623b865ee0a7f8459fbfb25881709f7838
5d4d6865478389469b20e8fca242e9fa69eab9604a77c3823c125cd5749a729c
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086
5e86e04454a6923b22ebac870f19d6acdfb4b7d7eda747947d32809a55457f91
5f1a782224ffa91d993bfd2833b9187414fe2c0acc508f3259b2432bb78d195e
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
641b55af74c429c254e1e294d83d3f9f6fdb3f4d18396635e0bf2720564b8e3f
6466c1ac875b1a43bd018a2c74ec4e95f6db7dcc86d282a836881cc6080c07c5
6494566919e28711a1f36d6389923dfccb4750fb9522e9e6d1967ab778ab0073
656aa57e2868296542767f0cec187c26793e193a3ec9eea3971911803320835e
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66bdec28be3e283ad7663440d2b63efd4ced27ba1a7571a1d630d5f6015ecce7
691003ec75153cc5398f9bf970d84c39b79c0275fd5900bb41b35b2ef81868db
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6c5c417da9de9e3b94f1b060d7ef137e4cb26f26e8d157966e7c80c2e9001fe0
6cc350eeff7dbe97f1df01a3c0a36193573ed89bb029e39cb228ee643f35fc08
6d43dae2e0f340ea84fea31cef022a5b60623723dfc32f7d4395e4edc898358c
6dba6e329dfb9cefab40d65bd87209b0f98f585e82f455bff4ffb75e99573a23
6f6d0db9e8623ad90b2aa5649e7b8a6c3dcb8cfdfb5201d61c5a377cd5cb157f
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
742f69d5a3dc576df86c9845acf047bcd745d266f40900c95706badecfafe2e3
744955188c8bf50c64bb2d9095eec5fe3df45dad12b40c7444ef86d94218fd4d
7455f093e10ad855982456bdd10cfcd51d0cff859356cec3ffb5c9317b8294ae
768322ec37f330841a1204ca476a652c9374e37e447145f4ef231a4878f79021
76c459dc3417295364cd57ed481f75bf15034eae84948885e0988eac355f8672
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
78ba7e4c807aee54ec233de085fdf42110f704a0de42cacac4805d8cba2f2db9
79e4e27e77cde7c4d1f68c5ede06875086d9b995af24b12a22a9eb2cdb406fcc
7bbce8fe6c78af012d94c5d5557907681b6fcccbf6978b23366580eae7b8e096
7e8192b8273cf0f846c3c9365b3aa10305dffd49c8b219628b31430db949f230
801d6ff0dd3191cc7e44d8060ed2336706e8301bf4478df935f1ef87a82c11de
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
840d42e8411ef77ff785c72d6039f717bf5cb3231f26f1f02b491e094e73c939
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855ff25fdfb949f2e63687e6b8971da7d6ec21d2451c124d2a831263c02e1fe5
871e0bc387886d5627a1d12b8bb988ef62f33d905b6fe7e30d20e3039dd4ff5f
877114c35f4d21070e2cd28451a515493963cf7f5e8dc3a4ddb7e23b06f39c3a
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b7bb46cecb614a1050fc6b09c13af180de8a8bfd7383ba27c03567f2eeee23a
8b976b4e0138f7b918382760a95c63f0f6cb058ddfa7ab8e3dfcd70bb6caf33c
8bbe9554acdc9fc122c3aad62ead41c1a503320adc8b145e67b1f37de5740db8
8cce178d2af1945d796fb0f59a956e2d51086ed8d5dd8152efc951c05ecf1f6b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
913084e26924aac120b4b44e9d7d8242352267cd5df771b6a4889517b72c2b44
917628cc6c8d95299eb2fa595a0b5e83d3debb6aea50b83e0c70e5119dc0264a
91c86e76693fc278899037d0d8a66c2fe01fc83e5cbae1a54a47fe0f61b2be15
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
9446591ba38b6c2c674f1cfdb3d18da953282a533e64768b1c9167339f66bb0c
94da4813c116c289bfcae6e3530e31744ff6f6cb57ea4c84d54d5f99c29fbe9a
95b1ec4eefbe93021028b40675f72200324aa44deca3f2d826278076442a5095
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9792e2a0d3d94a3cc858a6aa1a097f3959f0f1dd663ab47535c23630dd13d531
97c7f0da3206983ab086c24f8e2bd2edeb61531b2f3c0150377abed5a89d3588
98fa96669f1c1e20102e4101636ed3b684bad2766a69eab9195a191815bc65d3
99997ebe9a98513a40987e80bbb0bfc7fcb24604ec9f8ff336ee999fc39a0c90
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c304344eff955b3da1e3ab3ffc88dea0fe128903e53895978136eb4f431abfb
9d4e281396b31c49f11066c0b5b6b4df80952f7d9cbe8debd41777e06ddab070
9d5985fb411aa49165043a6b8ce26f5a7d761f7720f318f23f3de173ed8b0e33
9d6bde4b653f17ad36d6fcb3cf5692d29cd163173b4b40ec21379c5e649244fd
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e3035b7f5b0074bf8401e498b2160a29e3f13741f03e537ad98e9a1836a701f
9ebcd7bdb5554e57888241a02b80e12230b08db50cffa39d16002b3726a55806
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a02ca2cc000f49572e3c6aa67abbd17f1e2e7c0c1687143017ace8cbc2f3048a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a18858c7ff90b43d14eaf4bd7ad9f265aa775f28229324213062e05d3ce321c2
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3b23c1b85f6e4a797e4a6098cb721285753bd1e6105a341d70d86755d147855
a43adb9f7762d5a690080235ef8eac9745c5d98a48318404be44d4b72251e6b2
a6672ac5a528be4b5e94b18ba67708e25198af703251592e80ea12d25a4525f0
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7cbb0037b1f890bfea30eef146e1b13df044336cd511060872669906183365e
a9556451882c7b86d689ee82a86c2b360cf0acea6d92a4165c80054371e52336
a97cc502f748b97196cdb2e6c0431c5763654ea22d4fa44e18ceccd8a4c3785b
aa08e0c850ac539350c43c52fe00deaa2f7f21f06b91007ea8b258f5d72b4b2a
aa13c715a970ff152c581c582d0d11959260c439601eef5aca942f3b8b79ae9a
aca1e66c3e8518072d653ba2c6d3d36eb60c78e9cd8be551a099ab5167b4b5e8
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae447c4a73b83bca7650a9732f61d84bb34904956099d0d38185b923e2642020
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
afbf7202375cab30f485753a5364fb72b925d8ee9b3fd4509cf2cd58cb14e121
b0e4d6e13eb1fd414025e5c3c3f18b9212fd0cd69890e7f69804ae69dec5bbb3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b194ec6f02131053688eee2371fecd9165f8687b55e60a850b357f5cbb30fe24
b2c20eca6f1330f620a68b84fb22175133c914f1de262a0d37449fbbde18f42f
b3eac0550b379114427c1361eccd17319ca02132838d4f93b2d39666c2ba53a4
b41835ad763abb366c167dab7c1fbc77a7a81e5bbc51c2ce66bfa5250bfc9a00
b525f27e66476e4c748759921adc9558735824036d2a58c2f44d3e9d74b83d98
b5f38674b18cb283ec98740cb5d8a671416c31dfdcfd30036738d5d253e5f570
b609d13a132556b9d534a049e1c57a9404bd467ef916119d2be15036c5df0369
b7ee2e2c1f36198a263d4d442d6752e78d61fecd54473cb5c1c3dbb8b6053817
b94a77fa0aa100733aaea38ce611cc70fd81ebf17c1727a8511cb2bde47e2106
b9c138442107e29751bd914b1bcc3ca3dfdc85311ae7a1ea281db521c52ea30a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbe289553e6c11a34fcc1da05baa7042c8d6bf0c333df8ed92559c1b8b38f000
bd213446287693e851042a2e326cfbf2268a0075cd7db0552c9448733c31d4cf
bd769d1da98da1a60dc08258b017b34d6962b92ec431b17df51c69fbfb2c6abf
bdae14000f409e929efc6f3cfd785b90a939d22044705a48f1a3b5074620fc12
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1
c2095f6920579eb6938ef2ddecc5652d5a9557555a32b019969e329a93731897
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4338434527c2703a0630c6d5561653bc2790abd608cfe5f83fb200ff20bbdc2
c735b33ff91d0c0d18f1e4d8285fc70c641b4305fe28d0b70c1270441668db58
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9b6e9265df61193006a45e8c19f2729664054c51643a6274678e13e4da63fa8
cb633724b42f593c39e96eedf9c118a1bf0e3782bc5e08ab59252f72b644f670
cb83104a5fa0331abe1dc6736659956bae6a6e16dc5927a381a1de3f7ad98a22
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
cbc5fe312aeca413f2512027d5a43c15969ff168db8651e5fcf914dec671eda7
ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8
cf0a18fa1718a355012e63fc260f41419ac0cfcb317e94af01772bb807eee04b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401
d01ac26c5959ba14ab488f5fbec45d15679a0a81152bef49144200d52b9ae895
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1c7e882540db9efefa24a96bc8c5b0209377cb94c3590a7eaef50b56fe121c2
d3bf345a01519cfda27d710456f60685e973a7dd4138749570099d447a0e6dfa
d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790
d685d349bc446d06cf68755fd4dbd95bb51f8913ad08cea281e371aa1fc284eb
d7e2fbc7de982f503e7260215071ba4137098ac7f2c32655a1ea59e9dec18089
d89438c6557cbaaceb25874dd4d871071a4606672c1c0cf0ce3b942b77427952
d914e564ecf0f0620ab21ce0365beb2901287fa5802d69f3f0fb5cfae2a8bad7
da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88
da461a6d3486d2e21a6c8e53e4f6ce0989c08ae2db5a1e245f9056016312830b
da8356ea10c3ccaa5f0c89a0acfab206a79856452f5d67b22a088d90248d3877
db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
dd5322d2a8576e402dd580efbf61ce9c007e786315b76393d740e64b3476e6dd
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6f0465224d3875f51c7a77ecaa748aa72fefe427fa7483cc70e3b209a982e2
df5787bb87ee1068c999e5203e739e875e3606001bfef18ea738141ef8536fed
df9a74ba55b4b89b027a8123540004258e9b4396f1bd73e258af6adfac037750
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e24ab7000162970de99766dd4222d0ed88adea64e1e08b044edfe5268360d7e8
e28e1c02873c93ddf8d9570f07e06c78b590da2b91cea55a673f4bca3d1d1a63
e2b1353ec42c26a50c5f47ee2bacdc5cb8a964fb8ce6ab58c8da0d9eadf65570
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41babb574fb98c0a68528bcfda14339cf44467d1e7d066e7c6cd1c9fa7de92d
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e53019d7836ac2835684d18d66ddeb4a5798f283f69d7dba1809bd11a6ccadaf
e56e755f83e1aab3b74409ad888d9de6cb1551c16360ac6474c5f2653a577370
e5a5e64a651a22763862afed626a58d4d67bf771c76e6d8e4474c6bde69a8319
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb9ecc3248b50e636e96cfeac2280eae3080b9283a86b299a785a70684a96fc2
ee7fafc2f935351d7d3693ca55f003d7cdfb39c0117defeacb43c06f44ce9b36
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc07bb7931313d9b667af950eefdda416c85a4ee2d26eda6fea5307832922cf
f017a09f171ed9367700b05467fb2f331bf596c244b4ceaf65e0aceb38c42480
f01eb67a1e1724c447178c31357e55a575816eb5488feefbbe1672e08d606a51
f12c531c411e01f838df03280d45adb1518a0e8e79c2e3b093883eb05d279ad0
f1f799e5ea0df7509109aaa1abdc35bfc14c1c528c543c830d3497a81c0a1ed7
f20aa3c1f32442a08428b3f922e78848c790294e3acb607322a235c1ad7fc9c6
f25935301aaf001e06c69c3c370999bcd7cbe1ff775b7182200a31ce6ad69a6c
f37d1ad4ff54c0819a950c6bf692c4294e593e2df41f3ad3f2cd11d281ebead0
f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f63355022823e064d8e33a4c36bef4082b69c1091e3efd8c8d36cf5d4625f322
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6e7d2883892205584a87bbf9f4b29790652376b0eb33b6303866db14ccd298f
fd3121a04a4b745f71058c38f7902b207de37f86aa3a9674eda80a2baf366382
fdb3a5f6e3182c980503f12c3b7d7a6cbbf899db34df26816ac905acb58f7cdb
ff7f2a975dc5b9ebb161f47060cfc35ba8eac2547050a72c5e200cc9982676b3
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc