urlscan.io logo urlscan.io
SecurityTrails logo

www.walla.co.il Open in urlscan Pro
13.224.189.35  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://walla.co.il/
Effective URL: https://www.walla.co.il/
Submission: On November 17 via manual from IL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 109 IPs in 13 countries across 92 domains to perform 429 HTTP transactions. The main IP is 13.224.189.35, located in United States and belongs to AMAZON-02, US. The main domain is www.walla.co.il. The Cisco Umbrella rank of the primary domain is 127663.
TLS certificate: Issued by Amazon on April 27th 2022. Valid for: a year.
This is the only time www.walla.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.66.97.113 16509 (AMAZON-02)
1 1 18.66.97.76 16509 (AMAZON-02)
42 13.224.189.35 16509 (AMAZON-02)
19 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:223... 16509 (AMAZON-02)
18 18.66.122.123 16509 (AMAZON-02)
1 18.155.145.50 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
1 205.185.216.10 20446 (STACKPATH...)
2 2606:2800:234... 15133 (EDGECAST)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
1 2a04:4e42:200... 54113 (FASTLY)
8 2.19.85.55 16625 (AKAMAI-AS)
1 54.226.78.37 14618 (AMAZON-AES)
2 54.86.116.177 14618 (AMAZON-AES)
1 104.19.149.54 13335 (CLOUDFLAR...)
1 2600:9000:20e... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f02... 32934 (FACEBOOK)
2 2001:4860:480... 15169 (GOOGLE)
1 142.250.185.226 15169 (GOOGLE)
1 104.244.42.8 13414 (TWITTER)
8 151.101.114.132 54113 (FASTLY)
4 52.208.146.5 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f12... 32934 (FACEBOOK)
10 64.202.112.95 22075 (AS-OUTBRAIN)
1 2a00:1450:400... 15169 (GOOGLE)
2 10 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 23.35.236.201 16625 (AKAMAI-AS)
2 21 104.22.68.131 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 172.64.154.237 13335 (CLOUDFLAR...)
2 34.98.64.218 396982 (GOOGLE-CL...)
1 2a02:2638:1::1a 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 213.227.153.222 60781 (LEASEWEB-...)
7 185.86.138.122 201081 (SMARTADSE...)
4 2602:803:c003... 26667 (RUBICONPR...)
1 185.255.84.150 200271 (IGUANE-)
2 10 185.83.142.19 29990 (ASN-APPNEX)
1 52.86.97.203 14618 (AMAZON-AES)
2 3 72.251.249.14 32475 (SINGLEHOP...)
1 3.68.1.16 16509 (AMAZON-02)
3 7 51.75.86.98 16276 (OVH)
6 2a00:1450:400... 15169 (GOOGLE)
7 23.53.172.16 16625 (AKAMAI-AS)
2 2 184.86.251.220 20940 (AKAMAI-ASN1)
2 35.157.229.218 16509 (AMAZON-02)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
2 4 185.86.139.114 201081 (SMARTADSE...)
2 2 54.76.86.227 16509 (AMAZON-02)
2 2a02:2638::2 44788 (ASN-CRITE...)
2 2a02:2638::b 44788 (ASN-CRITE...)
29 2a00:1450:400... 15169 (GOOGLE)
2 6 69.173.144.139 26667 (RUBICONPR...)
2 3 35.186.193.173 15169 (GOOGLE)
11 31 142.250.186.162 15169 (GOOGLE)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
6 6 35.157.180.193 16509 (AMAZON-02)
2 3 2a05:d018:d29... 16509 (AMAZON-02)
1 35.227.252.103 15169 (GOOGLE)
2 4 104.18.33.19 13335 (CLOUDFLAR...)
1 4 185.64.189.115 62713 (AS-PUBMATIC)
3 4 37.157.3.28 198622 (ADFORM)
2 2 103.229.205.242 30419 (MEDIAMATH...)
14 185.64.190.80 62713 (AS-PUBMATIC)
2 2 213.155.156.185 1299 (TWELVE99 ...)
1 178.250.2.151 44788 (ASN-CRITE...)
2 4 54.239.38.253 16509 (AMAZON-02)
5 198.47.127.20 62713 (AS-PUBMATIC)
2 2 141.94.171.212 16276 (OVH)
5 35.71.131.137 16509 (AMAZON-02)
1 2 35.204.74.118 396982 (GOOGLE-CL...)
16 2a02:2638:1::3 44788 (ASN-CRITE...)
2 178.250.0.160 44788 (ASN-CRITE...)
2 2600:9000:21f... 16509 (AMAZON-02)
10 2a02:2638:1::8 44788 (ASN-CRITE...)
3 2a02:2638::21 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 3 2001:678:cb4:... 56396 (AMOBEE)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 35.190.0.66 15169 (GOOGLE)
3 3 3.126.56.137 16509 (AMAZON-02)
1 2 184.24.1.49 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2 35.156.193.4 16509 (AMAZON-02)
4 4 213.19.147.45 3356 (LEVEL3)
2 2 185.89.211.132 29990 (ASN-APPNEX)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
3 178.250.0.157 44788 (ASN-CRITE...)
2 151.101.65.108 54113 (FASTLY)
2 172.64.151.162 13335 (CLOUDFLAR...)
1 13.248.245.213 16509 (AMAZON-02)
2 23.203.77.3 16625 (AKAMAI-AS)
1 1 2620:116:800d... 16509 (AMAZON-02)
5 5 54.229.166.11 16509 (AMAZON-02)
1 185.86.139.115 201081 (SMARTADSE...)
1 1 54.243.58.43 14618 (AMAZON-AES)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.229 62713 (AS-PUBMATIC)
1 2 77.243.60.138 42697 (NETIC-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 54.87.27.54 14618 (AMAZON-AES)
2 2 34.248.17.75 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 66.155.71.150 13768 (COGECO-PEER1)
2 52.46.143.56 16509 (AMAZON-02)
1 4 185.80.39.216 27381 (CASALE-MEDIA)
1 2a05:d018:cc3... 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 35.157.189.90 16509 (AMAZON-02)
4 4 69.173.144.138 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 2 185.94.180.126 35220 (SPOTX-AMS)
2 2 151.101.130.49 54113 (FASTLY)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 35.214.223.115 15169 (GOOGLE)
1 5.161.47.120 213230 (HETZNER-C...)
1 195.5.165.20 44968 (IPROM-AS)
1 1 141.95.171.142 16276 (OVH)
2 54.195.100.225 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 70.42.32.255 22075 (AS-OUTBRAIN)
429 109
1    18.66.97.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-113.fra56.r.cloudfront.net
walla.co.il
1    18.66.97.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-76.fra56.r.cloudfront.net
walla.co.il
42    13.224.189.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-35.fra2.r.cloudfront.net
www.walla.co.il
19    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.de
pagead2.googlesyndication.com
2    2600:9000:223c:b400:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
18    18.66.122.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-123.fra60.r.cloudfront.net
images.wcdn.co.il
1    18.155.145.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-145-50.ham50.r.cloudfront.net
img.wcdn.co.il
10    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.valuad.cloud
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
3    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:20eb:d600:11:da61:a100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cf.dxmcdn.com
1    2a04:4e42:200::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
8    2.19.85.55 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-85-55.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
1    54.226.78.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-226-78-37.compute-1.amazonaws.com
ping.chartbeat.net
2    54.86.116.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-116-177.compute-1.amazonaws.com
mabping.chartbeat.net
1    104.19.149.54 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
1    2600:9000:20eb:2c00:4:1c73:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)
d2r08ja41ypc0t.cloudfront.net
4    2a00:1450:4001:829::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
hb-dot-valuad.appspot.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
www.googleadservices.com
1    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
8    151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
odb.outbrain.com
mv.outbrain.com
4    52.208.146.5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-146-5.eu-west-1.compute.amazonaws.com
khn.crowdad.io
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
8    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.com
adservice.google.de
4    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
10    64.202.112.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
mcdp-nydc1.outbrain.com
1    2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
10    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
5    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
21    104.22.68.131 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
prebid.smilewanted.com
static.smilewanted.com
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
1    2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
2    213.227.153.222 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
b1h-euc1.zemanta.com
7    185.86.138.122 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
4    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    185.255.84.150 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
10    185.83.142.19 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    52.86.97.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-97-203.compute-1.amazonaws.com
hb.minutemedia-prebid.com
3    72.251.249.14 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    3.68.1.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-1-16.eu-central-1.compute.amazonaws.com
tlx.3lift.com
7    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
6    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
7    23.53.172.16 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-53-172-16.deploy.static.akamaitechnologies.com
images.outbrainimg.com
2    184.86.251.220 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-220.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
2    35.157.229.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-229-218.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
4    2606:4700:10::6816:36ce (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
sync-eu.connectad.io
4    185.86.139.114 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
2    54.76.86.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-86-227.eu-west-1.compute.amazonaws.com
ice.360yield.com
2    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
2    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
29    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
ipac.ctnsnet.com
31    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
2    85.114.159.93 (Tuttlingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
6    35.157.180.193 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-180-193.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    2a05:d018:d29:3601:66b:1664:ed6:c452 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
4    104.18.33.19 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
4    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    103.229.205.242 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
14    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    213.155.156.185 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com
d5p.de17a.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
4    54.239.38.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
5    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    141.94.171.212 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh
pixel.onaudience.com
pixel-eu.onaudience.com
5    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
16    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
2    2600:9000:21f3:7c00:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
10    2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
pix.eu.criteo.net
3    2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
1    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn2.gstatic.com
3    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
3    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    184.24.1.49 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-1-49.deploy.static.akamaitechnologies.com
sync.teads.tv
2    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    35.156.193.4 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-193-4.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
4    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    185.89.211.132 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
4    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    23.203.77.3 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-77-3.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
5    54.229.166.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-166-11.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    185.86.139.115 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    54.243.58.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-58-43.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    77.243.60.138 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    54.87.27.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-27-54.compute-1.amazonaws.com
a.audrte.com
2    34.248.17.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-17-75.eu-west-1.compute.amazonaws.com
r.scoota.co
1    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
1    2a05:d018:cc3:fe04:3eca:3e11:a642:4dca (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    35.157.189.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-189-90.eu-central-1.compute.amazonaws.com
pm.w55c.net
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
1    5.161.47.120 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.120.47.161.5.clients.your-server.de
matching.truffle.bid
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    141.95.171.142 (France)

ASN16276 (OVH, FR)
PTR: bixel-8.cloudy.ovh
green.erne.co
2    54.195.100.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-100-225.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    70.42.32.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
Apex Domain
Subdomains		 Transfer
47 googlesyndication.com
960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
334 KB
47 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
cm.g.doubleclick.net — Cisco Umbrella Rank: 203
252 KB
44 walla.co.il
walla.co.il — Cisco Umbrella Rank: 57464
www.walla.co.il — Cisco Umbrella Rank: 127663
1 MB
30 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 458
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 449
image6.pubmatic.com — Cisco Umbrella Rank: 662
simage2.pubmatic.com — Cisco Umbrella Rank: 671
image2.pubmatic.com — Cisco Umbrella Rank: 882
image4.pubmatic.com — Cisco Umbrella Rank: 822
simage4.pubmatic.com — Cisco Umbrella Rank: 1110
aud.pubmatic.com — Cisco Umbrella Rank: 4434
127 KB
29 criteo.net
static.criteo.net — Cisco Umbrella Rank: 623
pix.eu.criteo.net — Cisco Umbrella Rank: 7562
csm.eu.criteo.net — Cisco Umbrella Rank: 7724
141 KB
26 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1054
widget-pixels.outbrain.com — Cisco Umbrella Rank: 2688
odb.outbrain.com — Cisco Umbrella Rank: 1419
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5407
mv.outbrain.com — Cisco Umbrella Rank: 2642
205 KB
21 smilewanted.com
csync.smilewanted.com — Cisco Umbrella Rank: 3580
prebid.smilewanted.com — Cisco Umbrella Rank: 5877
static.smilewanted.com — Cisco Umbrella Rank: 10241
34 KB
19 wcdn.co.il
images.wcdn.co.il — Cisco Umbrella Rank: 98973
img.wcdn.co.il — Cisco Umbrella Rank: 92139
157 KB
16 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 439
pixel.rubiconproject.com — Cisco Umbrella Rank: 307
eus.rubiconproject.com — Cisco Umbrella Rank: 541
token.rubiconproject.com — Cisco Umbrella Rank: 544
16 KB
15 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 691
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 13545
ads.eu.criteo.com — Cisco Umbrella Rank: 7609
dis.criteo.com — Cisco Umbrella Rank: 631
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9258
gum.criteo.com — Cisco Umbrella Rank: 390
mug.criteo.com — Cisco Umbrella Rank: 2725
103 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 209
secure.adnxs.com — Cisco Umbrella Rank: 426
acdn.adnxs.com — Cisco Umbrella Rank: 579
46 KB
12 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1430
sync.smartadserver.com — Cisco Umbrella Rank: 1338
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 607
3 KB
12 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 72
2 KB
9 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 491
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512
8 KB
8 gstatic.com
www.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
fonts.gstatic.com
166 KB
7 outbrainimg.com
images.outbrainimg.com — Cisco Umbrella Rank: 2136
567 KB
7 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 723
2 KB
6 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 915
s.amazon-adsystem.com — Cisco Umbrella Rank: 279
5 KB
6 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
ups.analytics.yahoo.com — Cisco Umbrella Rank: 280
3 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 281
2 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
263 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 465
2 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 341
1 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 582
2 KB
4 connectad.io
cdn.connectad.io — Cisco Umbrella Rank: 4293
sync-eu.connectad.io — Cisco Umbrella Rank: 3088
2 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 5922
adservice.google.de — Cisco Umbrella Rank: 8709
2 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
233 B
4 crowdad.io
khn.crowdad.io — Cisco Umbrella Rank: 80565
209 B
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
region1.google-analytics.com — Cisco Umbrella Rank: 2536
20 KB
4 appspot.com
hb-dot-valuad.appspot.com — Cisco Umbrella Rank: 64527
122 B
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 22314
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 24650
740 B
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 519
2 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 708
r.turn.com — Cisco Umbrella Rank: 3470
1 KB
3 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 41131
ipac.ctnsnet.com — Cisco Umbrella Rank: 5115
844 B
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 599
2 KB
3 zemanta.com
b1h-euc1.zemanta.com — Cisco Umbrella Rank: 20854
b1sync.zemanta.com — Cisco Umbrella Rank: 531
7 KB
3 openx.net
u.openx.net — Cisco Umbrella Rank: 656
rtb.openx.net — Cisco Umbrella Rank: 1473
764 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2169
mp.4dex.io — Cisco Umbrella Rank: 2225
25 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 139
196 KB
3 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1132
mabping.chartbeat.net — Cisco Umbrella Rank: 5102
602 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
225 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 725
syndication.twitter.com — Cisco Umbrella Rank: 990
133 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1239
mab.chartbeat.com — Cisco Umbrella Rank: 2017
26 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 714
530 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 840
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 745
s.tribalfusion.com — Cisco Umbrella Rank: 1840
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 533
742 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 557
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 693
1 KB
2 scoota.co
r.scoota.co — Cisco Umbrella Rank: 32840
1 KB
2 audrte.com
a.audrte.com — Cisco Umbrella Rank: 1771
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1134
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 4014
625 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 587
cdn.indexww.com — Cisco Umbrella Rank: 1490
2 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2194
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
1 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1226
457 B
2 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1489
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 752
1 KB
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3206
pixel-eu.onaudience.com — Cisco Umbrella Rank: 13081
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4495
562 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 446
1 KB
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1442
1 KB
2 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1886
645 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 612
728 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 498
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 679
1 KB
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 554
eb2.3lift.com — Cisco Umbrella Rank: 339
727 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3659
463 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 1949
534 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 16063
367 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5822
279 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6159
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 355
707 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 9541
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1431
181 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 559
191 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3009
104 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 2386
383 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 665
617 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 615
589 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1004
573 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 13122
554 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2182
173 B
1 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 3939
409 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3711
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
2 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 160
17 KB
1 cloudfront.net
d2r08ja41ypc0t.cloudfront.net
6 KB
1 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2407
1 dxmcdn.com
cf.dxmcdn.com — Cisco Umbrella Rank: 84270
2 KB
1 valuad.cloud
cdn.valuad.cloud — Cisco Umbrella Rank: 94038
245 KB
429 92
Domain Requested by
42 www.walla.co.il www.walla.co.il
31 cm.g.doubleclick.net 11 redirects 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
www.walla.co.il
29 tpc.googlesyndication.com 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
www.walla.co.il
tpc.googlesyndication.com
securepubads.g.doubleclick.net
18 images.wcdn.co.il www.walla.co.il
16 static.criteo.net ads.eu.criteo.com
cdn.valuad.cloud
static.criteo.net
15 csync.smilewanted.com 2 redirects cdn.valuad.cloud
csync.smilewanted.com
ads.pubmatic.com
12 pagead2.googlesyndication.com 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
www.walla.co.il
www.googletagservices.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
10 pix.eu.criteo.net ads.eu.criteo.com
10 simage2.pubmatic.com ads.pubmatic.com
10 ib.adnxs.com 2 redirects cdn.valuad.cloud
csync.smilewanted.com
acdn.adnxs.com
10 www.google.com 2 redirects www.walla.co.il
960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
tpc.googlesyndication.com
10 mcdp-nydc1.outbrain.com widgets.outbrain.com
10 securepubads.g.doubleclick.net www.googletagservices.com
www.walla.co.il
securepubads.g.doubleclick.net
7 images.outbrainimg.com www.walla.co.il
7 onetag-sys.com 3 redirects cdn.valuad.cloud
960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
7 prg.smartadserver.com cdn.valuad.cloud
7 widgets.outbrain.com www.walla.co.il
widgets.outbrain.com
6 x.bidswitch.net 6 redirects
6 pixel.rubiconproject.com 2 redirects csync.smilewanted.com
6 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 www.googletagservices.com www.walla.co.il
960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
5 match.prod.bidr.io 5 redirects
5 match.adsrvr.org ads.pubmatic.com
ssum-sec.casalemedia.com
5 ads.pubmatic.com cdn.valuad.cloud
csync.smilewanted.com
ads.pubmatic.com
5 googleads.g.doubleclick.net www.googleadservices.com
960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
5 odb.outbrain.com widgets.outbrain.com
4 token.rubiconproject.com 4 redirects
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 gum.criteo.com 2 redirects static.criteo.net
4 fonts.gstatic.com fonts.googleapis.com
4 aax-eu.amazon-adsystem.com 2 redirects ads.pubmatic.com
4 image2.pubmatic.com ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 image6.pubmatic.com 1 redirects ads.pubmatic.com
4 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
4 sync.smartadserver.com 2 redirects csync.smilewanted.com
4 prebid.smilewanted.com cdn.valuad.cloud
4 fastlane.rubiconproject.com cdn.valuad.cloud
4 www.facebook.com www.walla.co.il
4 khn.crowdad.io d2r08ja41ypc0t.cloudfront.net
4 hb-dot-valuad.appspot.com cdn.valuad.cloud
3 mug.criteo.com
3 simage4.pubmatic.com ads.pubmatic.com
3 sync.1rx.io 3 redirects
3 ups.analytics.yahoo.com 3 redirects
3 csm.eu.criteo.net ads.eu.criteo.com
3 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
3 ap.lijit.com 2 redirects cdn.valuad.cloud
3 mv.outbrain.com widgets.outbrain.com
3 connect.facebook.net www.walla.co.il
connect.facebook.net
3 www.googletagmanager.com www.walla.co.il
www.googletagmanager.com
2 cr.frontend.weborama.fr 2 redirects
2 sync.crwdcntrl.net ads.pubmatic.com
2 csync.loopme.me ads.pubmatic.com
csync.smilewanted.com
2 sync-tm.everesttech.net 2 redirects
2 sync.search.spotxchange.com 2 redirects
2 pm.w55c.net 2 redirects
2 s.amazon-adsystem.com ssum-sec.casalemedia.com
2 r.scoota.co 2 redirects
2 a.audrte.com 1 redirects ads.pubmatic.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 eus.rubiconproject.com cdn.valuad.cloud
eus.rubiconproject.com
2 acdn.adnxs.com cdn.valuad.cloud
2 secure.adnxs.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 fonts.googleapis.com tpc.googlesyndication.com
2 sync.teads.tv 1 redirects 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
2 ad.turn.com 2 redirects
2 secure-gl.imrworldwide.com ads.eu.criteo.com
2 cat.fr.eu.criteo.com ads.eu.criteo.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 sync.mathtag.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 gcm.ctnsnet.com 2 redirects
2 sync-eu.connectad.io cdn.connectad.io
2 ads.eu.criteo.com 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
2 rtb.fr.eu.criteo.com www.walla.co.il
2 ice.360yield.com 2 redirects
2 cdn.connectad.io csync.smilewanted.com
2 creativecdn.com 2 redirects
2 match.sharethrough.com csync.smilewanted.com
2 ads.stickyadstv.com 2 redirects
2 static.smilewanted.com csync.smilewanted.com
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 b1h-euc1.zemanta.com cdn.valuad.cloud
2 u.openx.net cdn.valuad.cloud
2 script.4dex.io cdn.valuad.cloud
script.4dex.io
2 www.google.de www.walla.co.il
2 region1.google-analytics.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 mabping.chartbeat.net www.walla.co.il
2 platform.twitter.com www.walla.co.il
platform.twitter.com
2 static.chartbeat.com www.walla.co.il
2 walla.co.il 2 redirects
1 b1sync.zemanta.com 1 redirects
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 pixel-eu.onaudience.com 1 redirects
1 green.erne.co 1 redirects
1 core.iprom.net ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 px.ads.linkedin.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 ad4m.at ssum-sec.casalemedia.com
1 d.adroll.com ssum-sec.casalemedia.com
1 pixel-sync.sitescout.com ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 rtb-csync.smartadserver.com ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 eb2.3lift.com cdn.valuad.cloud
1 js-sec.indexww.com cdn.valuad.cloud
1 sync.targeting.unrulymedia.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 tr.blismedia.com 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
1 r.turn.com 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
1 encrypted-tbn2.gstatic.com 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
1 encrypted-tbn0.gstatic.com 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
1 encrypted-tbn3.gstatic.com 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
1 www.gstatic.com 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
1 pixel.onaudience.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 rtb.openx.net 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
1 tlx.3lift.com cdn.valuad.cloud
1 hb.minutemedia-prebid.com cdn.valuad.cloud
1 hb-api.omnitagjs.com cdn.valuad.cloud
1 mp.4dex.io cdn.valuad.cloud
1 bidder.criteo.com cdn.valuad.cloud
1 htlb.casalemedia.com cdn.valuad.cloud
1 hbopenbid.pubmatic.com cdn.valuad.cloud
1 cdn.jsdelivr.net cdn.valuad.cloud
1 stats.g.doubleclick.net www.google-analytics.com
1 syndication.twitter.com platform.twitter.com
1 www.googleadservices.com www.googletagmanager.com
1 widget-pixels.outbrain.com www.walla.co.il
1 d2r08ja41ypc0t.cloudfront.net cf.dxmcdn.com
1 cdn.permutive.com cf.dxmcdn.com
1 ping.chartbeat.net www.walla.co.il
1 mab.chartbeat.com static.chartbeat.com
1 cf.dxmcdn.com www.walla.co.il
1 cdn.valuad.cloud www.walla.co.il
1 img.wcdn.co.il www.walla.co.il
429 152

This site contains links to these domains. Also see Links.

Domain
weather.walla.co.il
mail.walla.co.il
mobile.walla.co.il
news.walla.co.il
sports.walla.co.il
finance.walla.co.il
e.walla.co.il
celebs.walla.co.il
food.walla.co.il
fashion.walla.co.il
healthy.walla.co.il
travel.walla.co.il
tech.walla.co.il
cars.walla.co.il
www.sheee.co.il
nadlan.walla.co.il
www.wallashops.co.il
www.drushim.co.il
www.yad2.co.il
b.walla.co.il
marketing.walla.co.il
mekomi.walla.co.il
home.walla.co.il
horoscope.walla.co.il
gaming.walla.co.il
fun.walla.co.il
fantasy-sport1.walla.co.il
judaism.walla.co.il
law.walla.co.il
mazaltov.walla.co.il
now.walla.co.il
calendar.walla.co.il
tv-guide.walla.co.il
holidays.walla.co.il
www.b144.co.il
tld.walla.co.il
beauty.walla.co.il
perfectmatch.walla.co.il
mumlazim.walla.co.il
b144.walla.co.il
yoram.walla.co.il
career.walla.co.il
paisculture.walla.co.il
tmirecycle.walla.co.il
starkist.walla.co.il
dogsandcats.walla.co.il
galil.walla.co.il
yarokkl.walla.co.il
daciatrips.walla.co.il
eilat.wallashops.co.il
www.wallatours.co.il
www.wallaprint.co.il
vod.walla.co.il
viva.walla.co.il
www.facebook.com
twitter.com
www.instagram.com
www.tiktok.com
help.walla.co.il
dcx.walla.co.il
apps.walla.co.il
bit.ly
www.outbrain.com
sport1.maariv.co.il
mundial.walla.co.il
www.lg.com
flu.walla.co.il
havazingboimworld.walla.co.il
plarium.com
prouseum-cheads.xyz
experis.co.il
www.manpower.co.il
jobs.experis.co.il
ramilevy.walla.co.il
www.enaim.co.il
dominos.walla.co.il
www.kamaze.co.il
www.seolinks.co.il
hayoetzet.co.il
www.leumi.co.il
www.sugat.com
m.onelink.me
pricelist.yad2.co.il
www.oref.org.il
bama.bio
www.maariv.co.il
www.hamal.co.il
Subject Issuer Validity Valid
*.walla.co.il
Amazon		 2022-04-27 -
2023-05-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.wcdn.co.il
Amazon		 2022-04-27 -
2023-05-25		 a year crt.sh
valuad.cloud
E1		 2022-10-30 -
2023-01-28		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-06 -
2023-11-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
cf.dxmcdn.com
Amazon		 2022-04-26 -
2023-05-25		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2022-02-26 -
2023-02-25		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.appspot.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-08-27 -
2022-11-25		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
crowdad.io
Amazon		 2022-09-28 -
2023-10-27		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-17 -
2023-06-17		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-09-06		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
hb.minutemedia-prebid.com
Amazon		 2022-02-03 -
2023-03-04		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2022-04-15 -
2023-04-15		 a year crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-27 -
2022-12-29		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-14 -
2023-01-13		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-01 -
2023-02-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-10-16 -
2023-01-14		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
loopme.com
R3		 2022-09-26 -
2022-12-25		 3 months crt.sh
truffle.bid
R3		 2022-10-03 -
2023-01-01		 3 months crt.sh
*.iprom.net
R3		 2022-09-13 -
2022-12-12		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA		 2022-09-27 -
2023-03-08		 5 months crt.sh

This page contains 77 frames:

Primary Page: https://www.walla.co.il/
Frame ID: DB06335CDE368E826596648BCA43E0C6
Requests: 179 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.walla.co.il
Frame ID: 40DD79A3C54D4C5B6B7A1B002231EA9D
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: BAB9F7A36B42FD8F840165A832249587
Requests: 1 HTTP requests in this frame

Frame: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9B2D8CEC8E8DAD74A13A053AEE25CE1E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2DEE4CFEF36A5BE3061554144E47BA08
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: D8FF54A5BD45AA39DE18A434655BB645
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/55b1b9794fc6aa54d3cdda4bb3951a4d?gdpr_consent=&gdpr=0
Frame ID: 7A741184CD1154AC0F3083E1BE5B0CB7
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 0E5B536713CC2C0E79E4E6A63E9D6AE1
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/0ask8Bamy5HPYuecDO3t?pi=smilewanted&tc=1
Frame ID: 360B31A4EE1FA83812AF1340C9C54BD0
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=85a02bacffbc6ba47db3fb8d12d1e584
Frame ID: 60F3D7459E13342248F237904A29B1D4
Requests: 1 HTTP requests in this frame

Frame: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 973051714E93E5839D006FF5B6BCB741
Requests: 10 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: E48F484E76C88EE89B03CC079745A5D2
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 0870AC5C4CA56CE9F2001ED3032891AA
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/f3a87f85-83c1-4520-84c9-350b70bd96a0&partner_id=1010
Frame ID: E6A4BB7D6057B7DEA608813B7A2C5372
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QACTLsIu-GpAAXNv3UN1c9_mKYtNgcONg&u=%7CGkz%2FUiTgb4lltx86vAypEMmodEUcNoDVU7m6RJPMcAU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY2cyaLNuSWK9WmGKlbK9VdXa5QVw81epLqrZYtEOvZzq4UiUSSvre7kZCOz-pOEuBbpbuRFPM9Z_uHcx_8Qg1fa1SXfMyTY2IC5j5QhxnpE0fsIF9Fa6Ixry6lugejGrnQmLkgqKK4EG6IdDb6STtMPlRCGh7woOSTCA6dLsIeO8GaGfsRgDLRuhnFmGdTzsHyhvwrUII8hJc4RajMpygFDnju2c1OKjuO-cATe7UbHnsueQshJIGeqWEYHpBbexSPQ9wJs2k8B2wXX4i1k6_DzPD1eTuXfiVZ6DlazbGer7DXHOJnKPylkKl-VFwT5QAkUlSFXg3vXL_sbNNsK2VR1-5CgtD3CC10Ep7dVS7hqrzQre6KGeASI3U16stAbjWS730sJdbOzdM_lltwkUdgdPb5B3yvYWWEC4kiKXd3ErKno_M8GCvs9RUvtz2XnGB_NRcilV4GSXFrx0njGTYisUZtmgK_HmEFjcBSrpau4bFHw3QhlfgKEJGpUOTQIbtWJPtZM4OD4lIMmu9Yk2UdLy3IB7r3Pk5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeNuI9YZ2Y7uZCanD7_UPv5uX6AXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpApLWeSijVbE-4AIAqAMBqgTwAU_QGoiUqve9_e5vG2ZZJJP2bhRqkD0aBfhHkUGopvn7zNrV1GkDCinrPGzaQIliFC8iCJtZYHk0fRtuxndPoGazYYoE0e7XW9uryDqGcMcYbHWIOatLptfqyRAAJNxroEPeuFWGhcilR3qw05HcrxmH2Xr7Ho2_SYoha9Xiy0ajQal6hXTyfFC6PHfQHibPjDsAmbxnLVM30Dj0Y2X5S7qMf9iRajjF62b4jfJBZSxJ5JkpuEDyboUNZ0F0YrmV9v3RMXl28C7gjJD1Wb7BkhdU-qyXNEERyDcSb5GwCPzq8w5tHkL1r7fe5Dv3hrvGgOAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1iftKpwTnU2BkcwHsbBcWWCfPn4Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Frame ID: 637E67E194A6DFA9F79E1A37F9E276D4
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2E17797D6009783D4570182E9D42B92A
Requests: 9 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: 6C2C859341C4FEFA59A7DBCBB13C4C21
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: CB0BC31AC01105CCC9FA9C80CED1A6C7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 226C8B0D4D8643C05E13DA83497E7760
Requests: 11 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y3aG9YbFpXTyqlEEpBXksQAA%265131
Frame ID: 2E325337C27225ECA2C970B7BDC3D5FB
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&gdpr=0&gdpr_consent=
Frame ID: F50ED618819568478B38EF9DA734DDF3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9ec06376-86f6-4800-918d-f2cba1203547&gdpr=0&gdpr_consent=
Frame ID: 38FE3E786915DE9FFA2BCE368C3E407F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6938000792588066926
Frame ID: 29BC057FB9687523850CD6E6CB415E9C
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 23BAD391358192688479054D36F1DFD6
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: E6B8E6924FAF57F9911A0AF427A7D9AF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1683260912507697352&gdpr=0&gdpr_consent=
Frame ID: 51BEBDA1BCB03C28574F1B00FC8C9B42
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/4041DC16-92D8-4A23-A3D4-4E4CE13A08BA
Frame ID: 167C12BA8964CD9E0F37E3F6371BDEAC
Requests: 1 HTTP requests in this frame

Frame: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D5442DB78371FC05164AAD2296D55BF3
Requests: 14 HTTP requests in this frame

Frame: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E82AD186DA18780779200F7308F6453D
Requests: 9 HTTP requests in this frame

Frame: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 98305EF62644429F952A7ED97B91C27D
Requests: 8 HTTP requests in this frame

Frame: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A4D0C8698FCBBC3F324FA13B33F7065B
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QALr7MIu--DAAZiUlLrKw76IQfNXoAhbw&u=%7CGkz%2FUiTgb4n4Zl3coWd9UMqO6YMMnTB6VVEkgHpCAZI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNI4lIsnTDgg0aA5goEzq3GpwZENigu3KjPVeJznbeyjpj4bpGozLcbPPF52OL1pcWxBXh19HqrF_tBdlYH3fQhjBLrNNWekeYFy7djXKd7c2u9oSiTBdP6WhRtnAsnB7Y-lErAu4QN5qyUiEhKpzlEOld7yKTFKm0bUNXL4Sg_5DCq9ihxjavupE23YjdgiwP0mcC2ezwBTIV-v1Qc2j-aRFvvgaw05EoTmh2utcA8pmKBbtPowDVgqqrAS4PmWhr69YUMTw66eM1QBGnk7vLX0b4NDny_HTVe0HccNU_JzqPTHl8RLEVfahxoawivoP8nQNMElGUd6l4xo29uMfdk4ctYme9QbHTlEuuS2lXxTI9dor6uNu92ACdu1nHjzLZHkhiGuV1PFFInuXrrxWaMpBOZE2IN75KS1F1G3o1RJfYfWf9iCVsqQueZ3ndRaWhrM0EO_9jcqtqwfSDFSm3Kw08bpgxh-eqGHbQBLZdSQz1K_4lfdCQU7_iuv66YjQYyluPM-zGFmnTw12yXxwgUlYPyA8-2sG1goPuMOw_8YE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnMEc9YZ2Y7PfLoPf7_UP0sSZyAzJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmS8jnR8TLE-4AIAqAMBqgT5AU_QvGpAjTfDKnWfWlfyT1mtAK2bkWBQz9ZPMk7d64AZUPCoLeaVawixO5DPftntr7LjAslhUR_V3Dhb2jNDvCC6Ba9VPV5Ym4Q9TRUGa7CIGGNsjcX535PewkyvcK9RI0Kv6NbABINEOhdOuYzoM1-KnMMqvSG3av2NFGzrzFodcgITSIKSpmVqKI0ThKzGbum-MBC0FGJMDQ6e-Y7WSQM27sjkJfSekWkAHR3u8eJbz1aUqVNXPFW3dEx2PB7670ajvdRZ6gsdMiQ69TmSTGDuBcc1R-yBOPJPz41TMQ73qv9p85sOLJgX4A6sqoDlBeF1rHYjCQeOROAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aEtx99joJn6qX7oPv_AffePFvKA%26client%3Dca-pub-4491659496372172%26adurl%3D
Frame ID: 20065BC3F419DEECAF6D3572286DEF45
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 27D3E7C02E3B11129E4359A0924A7BE2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14046155014989064645/300x250_EN_MM/index.html
Frame ID: 49576F99E58B484D1786D392AB06E1F6
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16900789838091633912/300x250_EN/index.html
Frame ID: FC523EB5B6239680BF7DA904CD19DF2C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CEFBDDC96CD0E29453DCF730346BADFF
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AAD8B8AE8B019187457B48353CEE3CE1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B9FD51E6B770AF56FE2FF9E35C289019
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: CC27FC0A01FB63D1AC4362A6B4CFECBC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ECA23F643DBCF60C6D2E2976B798C82A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E22E58FAD73D504D685EFF29372D63AD
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il
Frame ID: D59858B93A202C23426D331D78910098
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3F08ACEC9D037904540467D07F5B91D4
Requests: 3 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 3C2D6D2D2A78A92661C9F842D9E68161
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D99907C216061576674ACE27059F537A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1668712181141
Frame ID: 996E033EEBE785E83C54A6FAEE7A249B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Frame ID: 0D116F4FB5C43C9FB40CB7BBFC2B74E3
Requests: 13 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: BCF7A624F6C782AA0017CC0EF107ED21
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3847AB45905EB04CB14FFDF524DB37C5
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7AF91CE510652A2012820E47827CAB6E
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: E70808B10994F365A6E826120E16AE00
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nFk7FpJcahiHCG0Rkw4hQZhdOhWHC2oRkwk64Thl
Frame ID: 49075C39BFD832A92C3D08C9F433F1B2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7167064248130992268&gdpr=0&gdpr_consent=
Frame ID: 48FDC82CC5A592188CF1CD6F4406B9C5
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADfn07G7Q4AAB9c6cfOsg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Frame ID: 1EC0170F5DEBD0C7B90227C00DE2F138
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=yci3khkeRrtq6fteZ9ElQLnVm6I
Frame ID: D1E44CFDACEEE611AAF4A5842A7984F6
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 8901B1B852DB25B4FD16D73434FA554D
Requests: 10 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: BD714DA9770D8595D13BF3000F6C7282
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/55b1b9794fc6aa54d3cdda4bb3951a4d?gdpr_consent=&gdpr=0
Frame ID: D54AF741ABE15B1BFFFC596AFA23ACE2
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: BA0F4B0A626DFDC87D108E0A90CC92C5
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=85a02bacffbc6ba47db3fb8d12d1e584
Frame ID: 993C7B6ED985E0509CC60EC9F6FD2359
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 2D98DAAA907662BDCF94DDAAAADB1BA2
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: EFDDF138C9F65B89D73CD5999C619627
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: CD8323BBF81E617CCA6EBFCA96B13CA1
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 8F31F46FC032DEB01786E9DD8987B588
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 7E51A3F28FC3D47F8ACAA238B17E0E2C
Requests: 7 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/65f0c29c-66ab-11ed-b5e7-1e5bf6c20106
Frame ID: 565EBEF0347960C2471C9362FE30645C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3aG_QAIx2z-XAA7&gdpr=0&gdpr_consent=&_test=Y3aG_QAIx2z-XAA7
Frame ID: C312808B7C477069447BDF3925D8EEE8
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 46D8B877D4949CC905ECA8A4527DD6C1
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: A8BDA753B4465DF08792149F8267465C
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 54174AB14D53D54FAF68A53DEA9D5435
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: A54A3FC77F606594D341EB0C1C30D18D
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3728392650
Frame ID: 861D57F96883C2C9D4885B934FD51934
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=0f2e5864aaed34d8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D39puKE4JaMXnVSUWggnQYWQS
Frame ID: D4B47CF62206DDEC93B7184500A20BEA
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: CEF08F2F6F8E2E68D55B03E4FF6BDB49
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/4041DC16-92D8-4A23-A3D4-4E4CE13A08BA
Frame ID: 90A3AB177D8E9B71330A7E02146F3D41
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Frame ID: 63756B3075B7E3FCC8C258C198CD3CE4
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent=
Frame ID: ED6899D9E23CDF98CCF85C6F4FBF1003
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

וואלה! - האתר המוביל בישראל - עדכונים מסביב לשעון

Page URL History Show full URLs

  1. http://walla.co.il/ HTTP 301
    https://walla.co.il/ HTTP 301
    https://www.walla.co.il/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

429
Requests

89 %
HTTPS

34 %
IPv6

92
Domains

152
Subdomains

109
IPs

13
Countries

4700 kB
Transfer

11578 kB
Size

112
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://walla.co.il/ HTTP 301
    https://walla.co.il/ HTTP 301
    https://www.walla.co.il/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 163
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/55b1b9794fc6aa54d3cdda4bb3951a4d?gdpr_consent=&gdpr=0
Request Chain 165
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/0ask8Bamy5HPYuecDO3t?pi=smilewanted&tc=1
Request Chain 166
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=85a02bacffbc6ba47db3fb8d12d1e584
Request Chain 174
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 175
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/f3a87f85-83c1-4520-84c9-350b70bd96a0&partner_id=1010
Request Chain 187
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOFsh-vkW3EM4j0AghYP9Y0&google_cver=1&google_push=ASkJ3FYBUN_0hhmeDQhpOpDyQOa54bic6PXnbpcvK1gkMAu7UEt6Rr123Gd94d_RHnZiUZUndW4kZL64MqpGuJjH3q_RqpL3cCtW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FYBUN_0hhmeDQhpOpDyQOa54bic6PXnbpcvK1gkMAu7UEt6Rr123Gd94d_RHnZiUZUndW4kZL64MqpGuJjH3q_RqpL3cCtW&google_hm=jQKaZVYYRcOZbYGLWA3xK6I
Request Chain 188
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENq-bq6VR1OHWIlqbCy9eR4&google_cver=1&google_push=ASkJ3FZaNaq_aCna2JYrdT29IRMwBKhFTC2P5Ujbo_0HvG9qVkr_nQp_zKgMs371DUw8gSVZJGL6S_DbDQyrP0-_2LzSyCFs_eTm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2NzA2NDI0ODEzMDk5MjI2OA%3D%3D&google_push=ASkJ3FZaNaq_aCna2JYrdT29IRMwBKhFTC2P5Ujbo_0HvG9qVkr_nQp_zKgMs371DUw8gSVZJGL6S_DbDQyrP0-_2LzSyCFs_eTm
Request Chain 189
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHTkAaRyfhenZh2M4LKHsnA&google_cver=1&google_push=ASkJ3FbgOG2z4q7sevoHllDbQrGtvP0267vryiZKMPkRYn8ADbkBYGRwfsslPBsWDO2yX2rMtE2TIHJ5eK04lKBEMSzzR23g008x HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHTkAaRyfhenZh2M4LKHsnA&google_cver=1&google_push=ASkJ3FbgOG2z4q7sevoHllDbQrGtvP0267vryiZKMPkRYn8ADbkBYGRwfsslPBsWDO2yX2rMtE2TIHJ5eK04lKBEMSzzR23g008x HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FbgOG2z4q7sevoHllDbQrGtvP0267vryiZKMPkRYn8ADbkBYGRwfsslPBsWDO2yX2rMtE2TIHJ5eK04lKBEMSzzR23g008x&google_hm=hvgmL9A9QgGkr4nfM7jWdA==
Request Chain 190
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG6z0T75JoySrEeVteKgdQI&google_cver=1&google_push=ASkJ3FZc8B8YXKZoOFrGTyyhA1QZtIHEiOaeFLv3TXH3PxIoXFJwU0l9UkGAn32EpIkLYidWUmp474oApr4itoqX0xE8lweAq-yD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZc8B8YXKZoOFrGTyyhA1QZtIHEiOaeFLv3TXH3PxIoXFJwU0l9UkGAn32EpIkLYidWUmp474oApr4itoqX0xE8lweAq-yD&google_hm=ODk0MTUwNzg0ODc3NTk2MTIxMg%3D%3D
Request Chain 192
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHFTuHl4RIwdexERSkOlT9w&google_cver=1&google_push=ASkJ3FbfYcrmQFxaaOD_HRTSHKwQCcJr0vadejZjNSs_SheIkNSGaWYgF24geUJ3D4IFEiPY2ORhEK5f_T6n1nZOl7tQQVs5eKRo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFMRzVCRkctMUUtSE9LWg==&google_push=ASkJ3FbfYcrmQFxaaOD_HRTSHKwQCcJr0vadejZjNSs_SheIkNSGaWYgF24geUJ3D4IFEiPY2ORhEK5f_T6n1nZOl7tQQVs5eKRo
Request Chain 193
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENkE1m6SFIV6qYteF6oX2K0&google_cver=1&google_push=ASkJ3Fb-oKYjvkRybqLW2gTkGJkQWpzS8jhIaYQ6PrH95abap3VkDvZ12enbQh63KpMShLWdYCg6n2WCxK3IzYXZsDS6Q8-HoignhQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3Fb-oKYjvkRybqLW2gTkGJkQWpzS8jhIaYQ6PrH95abap3VkDvZ12enbQh63KpMShLWdYCg6n2WCxK3IzYXZsDS6Q8-HoignhQ HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 196
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y3aG9YbFpXTyqlEEpBXksQAA%265131
Request Chain 199
  • https://c1.adform.net/serving/cookie/match?party=14&cid=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&gdpr=0&gdpr_consent=
Request Chain 200
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9ec06376-86f6-4800-918d-f2cba1203547&gdpr=0&gdpr_consent=
Request Chain 201
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6938000792588066926
Request Chain 203
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 204
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1683260912507697352&gdpr=0&gdpr_consent=
Request Chain 206
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QEHcFpLYSiOj1E5M4ToIug%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 207
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5bac6376-86f6-4400-a8c8-bce9b09cb6f9
Request Chain 208
  • https://pixel.onaudience.com/?partner=214&mapped=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 209
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDA0MURDMTYtOTJEOC00QTIzLUEzRDQtNEU0Q0UxM0EwOEJB&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 210
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBsHqfCKePn_5vsw7qCtG9U&google_cver=1
Request Chain 212
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8824179535340228277
Request Chain 261
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBUnnBvPhctI-fFFme8cbu0&google_cver=1&google_push=ASkJ3FZcI904ah0_rWx6oo_YiACPymGzgr4tmXRxvoXfHNQY4OKAuMui2VXqCq9OzbpbBeczNt1DqRTWdsFRSAr09yIyBoU0noIyEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDU0NjMwMjQzNTYzNDE5MDk2OQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBUnnBvPhctI-fFFme8cbu0&google_cver=1
Request Chain 263
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBzeMnw560qpZWyR9Mmvcqk&google_cver=1&google_push=ASkJ3Fb5I-xy7HCik_100mFMpaBryFT3c_UCPs-cYxRspULi1yKZ6vx1c6QINJJpHbESM78YbKDB9RV8-AmIMCAEPlN6xt8RcEPRvw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=WuRi913eTYuK-hTk4C0qCQ2&google_push=ASkJ3Fb5I-xy7HCik_100mFMpaBryFT3c_UCPs-cYxRspULi1yKZ6vx1c6QINJJpHbESM78YbKDB9RV8-AmIMCAEPlN6xt8RcEPRvw
Request Chain 264
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEO4yZThW8aYgoWenowNU3As&google_cver=1&google_push=ASkJ3FbWxRgEodsPE_Nc8p6Q5kDNvnK1ZtyJSY6gv-4tq0z-GkRjolCqtlVgLwZennB9yTVDk6iHAMN1ZVDlKtLy9MO_NXHSY0nVgA HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEO4yZThW8aYgoWenowNU3As&google_cver=1&google_push=ASkJ3FbWxRgEodsPE_Nc8p6Q5kDNvnK1ZtyJSY6gv-4tq0z-GkRjolCqtlVgLwZennB9yTVDk6iHAMN1ZVDlKtLy9MO_NXHSY0nVgA&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FbWxRgEodsPE_Nc8p6Q5kDNvnK1ZtyJSY6gv-4tq0z-GkRjolCqtlVgLwZennB9yTVDk6iHAMN1ZVDlKtLy9MO_NXHSY0nVgA&google_hm=FqvdpGZHVQYvQiBNQXyix2ZU
Request Chain 265
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELtUjSVLU4sGsv7gx9TeUC0&google_cver=1&google_push=ASkJ3FaP0IF-SzZIeieoBAeebM0rSJv-7x8btwfSgb_IA_mua4jT3haGkWjqHfGB6K1u5FIltDqgjzVC_f-fqsfgVY_StBgHMrv1aH4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1lZHF4X2NWRTJ1SEJOVGxneWs4Qkp2endXSnAwLnFCRH5B&google_push=ASkJ3FaP0IF-SzZIeieoBAeebM0rSJv-7x8btwfSgb_IA_mua4jT3haGkWjqHfGB6K1u5FIltDqgjzVC_f-fqsfgVY_StBgHMrv1aH4
Request Chain 266
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENkE1m6SFIV6qYteF6oX2K0&google_cver=1&google_push=ASkJ3FaV4XmkwiuzOGxeUVq9RZlzJ6CFMhyuBv5_NbZNcFO2yaRrJmvycsAJ8qID7E7kWEM6v829UUWMqOojZcEMy-1NgQBmklVdfgg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FaV4XmkwiuzOGxeUVq9RZlzJ6CFMhyuBv5_NbZNcFO2yaRrJmvycsAJ8qID7E7kWEM6v829UUWMqOojZcEMy-1NgQBmklVdfgg HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 267
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELCqC7t61HbLgx8kkj7j7M4&google_cver=1&google_push=ASkJ3FYrAZ62glz-iGd0ofJGMtUIIQx7NLmTahmL0ggaH0RmC-aS1w6pkuoho09mrP0_rRLHeSlYuDeYBmzOEcmSmZXMJqi0oBvEjg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3FYrAZ62glz-iGd0ofJGMtUIIQx7NLmTahmL0ggaH0RmC-aS1w6pkuoho09mrP0_rRLHeSlYuDeYBmzOEcmSmZXMJqi0oBvEjg HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 307
  • https://um.simpli.fi/gp_match?google_gid=CAESEKXa-tVcZMYObsxpNyxvSXQ&google_cver=1&google_push=ASkJ3FaN6oWZAF78_WrCO9-hCeZ5ZMw0xR8_iKCQbb9h8Yg-flnChyyLfzG0BPcNE24i54-PBn5pLuuBqMeHtTKeV1f4JqKGmFc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0ED2951E43EA4A6E931D9E0B83C93C91&google_push=ASkJ3FaN6oWZAF78_WrCO9-hCeZ5ZMw0xR8_iKCQbb9h8Yg-flnChyyLfzG0BPcNE24i54-PBn5pLuuBqMeHtTKeV1f4JqKGmFc
Request Chain 308
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOFsh-vkW3EM4j0AghYP9Y0&google_cver=1&google_push=ASkJ3FYvY0Bj9n50U-nWgx_nYbkJKKdt-eNXxpdJJdQVJuNVix13hBFkvrbbexbxxBsL0P66E__AonYFeI9xQ_6yiMdpYpIAZkk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FYvY0Bj9n50U-nWgx_nYbkJKKdt-eNXxpdJJdQVJuNVix13hBFkvrbbexbxxBsL0P66E__AonYFeI9xQ_6yiMdpYpIAZkk&google_hm=jQKaZVYYRcOZbYGLWA3xK6I
Request Chain 309
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHTkAaRyfhenZh2M4LKHsnA&google_cver=1&google_push=ASkJ3FYbr5KR6I3eaG_KvA13lA3ws50wID2ycEiKGul7mB3PObbheZAJles-V3QBZUoUylLY3ehbkbf40JMvrpOF6rAgDph0IuI HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=e46ca7d1-e21b-455b-9636-5c5c70bef1d4&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FYbr5KR6I3eaG_KvA13lA3ws50wID2ycEiKGul7mB3PObbheZAJles-V3QBZUoUylLY3ehbkbf40JMvrpOF6rAgDph0IuI&google_hm=hvgmL9A9QgGkr4nfM7jWdA==
Request Chain 310
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENkE1m6SFIV6qYteF6oX2K0&google_cver=1&google_push=ASkJ3FY3RpBCmRyQT3TPqkzPb8ArHRmcS3k2blsMW-GKrztBvVm6_nRPcYi7gx7zL4ggl1YMiQNLadeEWJnjsquXlxHX8vvC HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FY3RpBCmRyQT3TPqkzPb8ArHRmcS3k2blsMW-GKrztBvVm6_nRPcYi7gx7zL4ggl1YMiQNLadeEWJnjsquXlxHX8vvC
Request Chain 311
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJ4tTXyItAWWHUYqaUq9jqI&google_cver=1&google_push=ASkJ3FZT97tLRbAQE9aEA6zNyRNDaQaAUYZvowAVaQlms-Sr26pMoWbmURUFNfPnsRNo39R2c3xiVSx-kzWW01fe6Fan78gYJI0 HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FZT97tLRbAQE9aEA6zNyRNDaQaAUYZvowAVaQlms-Sr26pMoWbmURUFNfPnsRNo39R2c3xiVSx-kzWW01fe6Fan78gYJI0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1668712182941 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8514ae97-44e4-4671-9e14-123657fc2d68-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FZT97tLRbAQE9aEA6zNyRNDaQaAUYZvowAVaQlms-Sr26pMoWbmURUFNfPnsRNo39R2c3xiVSx-kzWW01fe6Fan78gYJI0%26google_hm%3DA4UUrpdE5EZxnhQSNlf8LWg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FZT97tLRbAQE9aEA6zNyRNDaQaAUYZvowAVaQlms-Sr26pMoWbmURUFNfPnsRNo39R2c3xiVSx-kzWW01fe6Fan78gYJI0&google_hm=A4UUrpdE5EZxnhQSNlf8LWg
Request Chain 312
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELtUjSVLU4sGsv7gx9TeUC0&google_cver=1&google_push=ASkJ3FYgE6u8Ynv8LkTtsSIZ76Wc9C5lMb_MnxhlRdNOZgvpwn6Pwe1TSSXocUHg9kfSxPto5nA8qWH35pUgUtGaKtpMHr3GaXwT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1lZHF4X2NWRTJ1SEJOVGxneWs4Qkp2endXSnAwLnFCRH5B&google_push=ASkJ3FYgE6u8Ynv8LkTtsSIZ76Wc9C5lMb_MnxhlRdNOZgvpwn6Pwe1TSSXocUHg9kfSxPto5nA8qWH35pUgUtGaKtpMHr3GaXwT
Request Chain 313
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEAzOyzVidfzc0oHC3H_jQfk&google_cver=1&google_push=ASkJ3FZPX2QBHZ4gkJ1tYF8aSm7hGPvRBXZtkaZG5_ia5Bux8N6R4x1lsq7V_bU3w4I3FzqSEcEHI1s_LHQkm3JTiWkmummIAV4w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTY4MzI2MDkxMjUwNzY5NzM1Mg%3D%3D&google_gid=CAESEAzOyzVidfzc0oHC3H_jQfk&google_cver=1&google_push=ASkJ3FZPX2QBHZ4gkJ1tYF8aSm7hGPvRBXZtkaZG5_ia5Bux8N6R4x1lsq7V_bU3w4I3FzqSEcEHI1s_LHQkm3JTiWkmummIAV4w
Request Chain 318
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 323
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 350
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=I0iyXXx1Sy9vMklBZW5xL3V1TTFoTkNxNnB2UitoU2VUUGF5Y2hLcS9oWmE0ZjVtenZhUVVSOUwwU0dTVTR3YlFZbmdHaytKdE1YOW41RVVrY3JrNE1lalJnbzEvWDljWUFpdXZmOVhPc1l3TzhoSDB1YWxOblpkb2NCaW8wWG5qb3JjbUw4V3N2RkdrOGphdmxWdjlLdzRmeFFqc21DZW5ES0dBLzZFbU96L3BvY1FJZE1OTkIyTlY3eHF2WjJFeHdwTVJQa21YOGpXN0NOQXJLZkl6V1NIR2tHMEVOZEN5Q2pGekp2SFBaUmFGMDdIaHI4ZXNPU2hTSW1xVThxUm1Sa2NTdHIza3hhTmpvcTVuVjBWczNPMEkxdz09fA&cppv=2
Request Chain 352
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=S7uwHXx4akRtTEExSU9tTXpVNnk1c09ob0h4cUN2dzVXTS9EL1NHZExGVjBadVZCaDFmQWRuR3hDbnY1bXpqaHgybjd2V3k0cHRUalZMMjBraFB0NzVvaktkb05leThwdWRWLzUyWjNVYlR5RklpUTdLb0Z3L0dZMURHVnJsKzErbVNJbGw5ZVhvZmZPZk95Rm9VeFhZeFlnWnNZU1d0Vi9oU3dLVFJCVlZBSUZ0Zy9PUFcrSmJZd1IvWHB6YjdqaUJ6anhZV0cyUEFRN0ZaYzc3VWpIY0k4YUlCU2NwS3FoNXdRY25SQXNsbjVGZE4zSnVGNWovYXZDVlpkZnNoOVdUblJkT01qUDkwWlNtUUtienB1SnRWTkNYbFFrSmF4amlHVkxuTXNnN2l4TXh1QT18&cppv=2
Request Chain 365
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nFk7FpJcahiHCG0Rkw4hQZhdOhWHC2oRkwk64Thl
Request Chain 366
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7167064248130992268&gdpr=0&gdpr_consent=
Request Chain 367
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEZm4wN0c3UTRBQUI5YzZjZk9zZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADfn07G7Q4AAB9c6cfOsg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Request Chain 368
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=yci3khkeRrtq6fteZ9ElQLnVm6I
Request Chain 369
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&addseg=19,36,42
Request Chain 370
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 372
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA HTTP 302
  • https://a.audrte.com/p
Request Chain 373
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=87d7ac64-3b43-48e9-9eb5-5043e7085788&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=86f8262f-d03d-4201-a4af-89df33b8d674&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 375
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-F2NpJPhE2uV3l_IdXr.RTVrMDaek9bQ-~A&gdpr=0&gdpr_consent=
Request Chain 378
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4546302435634190969&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 386
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3aG9YbFpXTyqlEEpBXksQAAFAsAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHr0RYQyjqp1gUaKz46P9vM&google_cver=1
Request Chain 387
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3aG9YbFpXTyqlEEpBXksQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEESe5TQu2HA4tLzxqIPwK_U&google_cver=1
Request Chain 389
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADfn07G7Q4AAB9c6cfOsg&expiration=1669921784
Request Chain 391
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=FGuVyNR91OVKgE5
Request Chain 395
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/55b1b9794fc6aa54d3cdda4bb3951a4d?gdpr_consent=&gdpr=0
Request Chain 396
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjcyNjZjODc2NDVkNDViNTFmYTdhNGMwMjg3NzZlNTg3M2IwMDQ3OQ
Request Chain 397
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LALG5BFG-1E-HOKZ
Request Chain 399
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/lzmI8EcBW4dDLQzVq8ehlMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8941507848775961212
Request Chain 400
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFMRzVCRkctMUUtSE9LWg==
Request Chain 401
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENib7QdLdTzfLzJDhGNTPWk&google_cver=1
Request Chain 403
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3PJ40kEtSZKsd_sQQPfvWw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=3PJ40kEtSZKsd_sQQPfvWw
Request Chain 405
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=85a02bacffbc6ba47db3fb8d12d1e584
Request Chain 407
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 412
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=65f0c330-66ab-11ed-b5e7-1e5bf6c20106 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/65f0c29c-66ab-11ed-b5e7-1e5bf6c20106
Request Chain 413
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y3aG_QAIx2z-XAA7 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3aG_QAIx2z-XAA7&gdpr=0&gdpr_consent=&_test=Y3aG_QAIx2z-XAA7
Request Chain 414
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 418
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3728392650
Request Chain 419
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=0f2e5864aaed34d8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D39puKE4JaMXnVSUWggnQYWQS
Request Chain 422
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=4223075997 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA
Request Chain 424
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:53755705-990f-401c-8bd5-727d8f38c573&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 425
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1683260912507697352
Request Chain 426
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0

429 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.walla.co.il/
Redirect Chain
  • http://walla.co.il/
  • https://walla.co.il/
  • https://www.walla.co.il/
731 KB
340 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
0ca5e6b6593b9be2029d01ba9a9087790b04a472311b34fb2662d89f95f4b148

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
6
cache-control
public, max-age=30
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 17 Nov 2022 19:09:32 GMT
etag
W/"b6abb-NFoJrk/veo9+MWCsrj/0aeRUx6s"
server
openresty/1.15.8.1
vary
Accept-Encoding
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
x-amz-cf-id
3Z3ZcoTC6R6gNHunQfopZcbL9LkMNwRkRPt3L-fShjfIWqiEFX0amA==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-cached
HIT

Redirect headers

age
1719
content-length
0
date
Thu, 17 Nov 2022 18:41:00 GMT
location
https://www.walla.co.il/
server
AmazonS3
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amz-cf-id
_VmIkpqVomCfYE7l32HzA02JdLMPjnkOJdu4bKxtdaVOPcZX9CwB-A==
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
gpt.js
www.googletagservices.com/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0f99b608060a68f5de9402cbd52809497e16070ab53ff6215b1d455e727ce4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27333
x-xss-protection
0
server
sffe
etag
"1395 / 790 of 1000 / last-modified: 1668686750"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Nov 2022 19:09:38 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:b400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 18:24:48 GMT
content-encoding
gzip
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
2690
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
il-jYp4mixn0whQiXKGFadgrE-YlDAjm7cerXtsnVB-VIDKmgJdXcw==
expires
Thu, 17 Nov 2022 20:24:48 GMT
new-logo-mobile.svg
www.walla.co.il/public/assets/homepage2/ 		1 KB
965 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/new-logo-mobile.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a1cb876b8d4ac161aa3960063801ce2a3e1f893863524b9132de74867fe9d16b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:15 GMT
content-encoding
gzip
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10283
etag
W/"473-18486501ca0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
fZD3u_vKeWwFeIw5QNe0fscjUOGWwW0NE2uQSglieZHGxPIBdHprRA==
x-cached
HIT
icon-weather-mobile.svg
www.walla.co.il/public/assets/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-weather-mobile.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
fd3121a04a4b745f71058c38f7902b207de37f86aa3a9674eda80a2baf366382

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:15 GMT
content-encoding
gzip
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10283
etag
W/"7ee-18486501ca0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
kjT-42N60npPuLDruiZObUOdcB0JrKhpHYBSslE-BoaTrPkQhhsfNQ==
x-cached
HIT
icon-mail-no-bg.svg
www.walla.co.il/public/assets/homepage2/ 		464 B
822 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-mail-no-bg.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
50795dddaa17612e809ddf339489bc1fdff6f7bcc76115ba6eeb17eccb68eb47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:16 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10282
etag
W/"1d0-18486501ca0"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
464
x-cached
HIT
x-amz-cf-id
skNLZz9i6POjGYaYLCR0giVU0lutmOELze-uBQjz1VvK_f4iGxGZzw==
new-logo.svg
www.walla.co.il/public/assets/homepage2/ 		1 KB
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/new-logo.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a0321d7f4006d1ef24eb6f33f7252ab8bcbb9237a56c49aad5abe30b085ae3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:15 GMT
content-encoding
gzip
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10283
etag
W/"492-18486501ca0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
FGIHZBsrH7qwhjyJ9WxNxE-MSuqx8TB8UopZphYH_t6j6Sip4N_LIQ==
x-cached
HIT
allay-icon.svg
www.walla.co.il/public/assets/icons/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/allay-icon.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:15 GMT
content-encoding
gzip
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10283
etag
W/"c00-18486501ca0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
VpXombE1gxwxJuEnTektqn_kNnv3dEDHPf0dcgYUxB37bcc7aRLBbQ==
x-cached
HIT
yad2.png
www.walla.co.il/public/assets/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/yad2.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a374b60100f2559a33f142d53bf332d5efad58e505683bff5cf0523abacc0274

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:15 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10283
etag
W/"488-18486501ca0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1160
x-cached
HIT
x-amz-cf-id
UQzzbp9gRdWzGCboAXam5WctOLK9DxdP-ag__tHgvGuJdtGCOMcvyQ==
3366922-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_700,t_54/3/3/6/6/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_700,t_54/3/3/6/6/3366922-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
52bc90e82c6e85527ad2a17e2301bae4a99c0576a8a2148ef2118aad99f70603

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 18:22:11 GMT
via
1.1 varnish, 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
2847
edge-cache-tag
298632748986453741941495260051316309007,292863398143808059355012445249367092850,d2bce9e04f88d43dd8350e859c701704
cache-tag
298632748986453741941495260051316309007,292863398143808059355012445249367092850,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
16255
x-request-id
c6a9c4f0068bb25500d9d2616c8956f0
x-served-by
cache-lga21930-LGA
last-modified
Thu, 17 Nov 2022 18:22:12 GMT
server
cloudinary
x-timer
S1668709327.891007,VS0,VE4647
etag
"eeb2a7bff10d843cbe06f020558a5dac"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
ErG0KbFr-WdP5-BEIGiu5hXVYmFp1ZiDO30Y4KK-V1nLnG-0Rhd2ig==
x-cache-hits
0
invalid-name2.svg
www.walla.co.il/public/assets/shivuki/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/shivuki/invalid-name2.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:15 GMT
content-encoding
gzip
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10283
etag
W/"834-18486501ca0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
TJHdNZQYLESnycqkMfRdGUqSkhDek9WynNKGZQwIeKLOA04FHfVuaQ==
x-cached
HIT
103fm.png
www.walla.co.il/public/assets/homepage2/radio-stations/ 		895 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/radio-stations/103fm.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e28df0d1ecf0a67bfe7db32c3aafada6f839721734581e6a36cd5a5fcdf55fdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:15 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10283
etag
W/"37f-18486501ca0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
895
x-cached
HIT
x-amz-cf-id
3NII6j93QfyRClbI4AKEEud0HFQ0KfStr_4i51YI4AgbfMe1LLUprA==
99fm.png
www.walla.co.il/public/assets/homepage2/radio-stations/ 		933 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/radio-stations/99fm.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
3008b4354e1b60f29f320cfa65b9725167ad632656392673a4785d836bf3f14d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:15 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10283
etag
W/"3a5-18486501ca0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
933
x-cached
HIT
x-amz-cf-id
aKoKxAR8ywqf_f23d39VxgTyXv7bb7Cgl2F18-Yf32uaqI1rpZDwtw==
3148078-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_100/3/1/4/8/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_100/3/1/4/8/3148078-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
0ec3cb3aea0bfc2906e9f7caa425f80e95f05e56a9b1dfb3f49e003b0753acec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:13:48 GMT
via
1.1 varnish, 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
215750
edge-cache-tag
436259777536534679390102429832645777884,425792032652047450413919300283245243783,d2bce9e04f88d43dd8350e859c701704
cache-tag
436259777536534679390102429832645777884,425792032652047450413919300283245243783,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
25422
x-request-id
de39c07b3f751f1b5d54b01e075aa234
x-served-by
cache-iad-kjyo7100033-IAD
last-modified
Tue, 15 Nov 2022 07:13:49 GMT
server
cloudinary
x-timer
S1668496427.716963,VS0,VE2085
etag
"4c0cafcc46f9e1ed25128c12daabfebd"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
9s9uMoW20iJ6GwpyXiEtlMyuhxqoHOlHpw_D-qKuZNDrk-zjraXv5w==
x-cache-hits
0
3454620-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/4/5/4/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/4/5/4/3454620-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
7c2a5fe634034250f22ff927e5524535e530534382188ee1fdc56f1da4905b52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:13:50 GMT
via
1.1 varnish, 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
215748
edge-cache-tag
415066678713712385715577263355731646380,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag
415066678713712385715577263355731646380,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
1808
x-request-id
e72feb04635597404635dd7ebaaaee18
x-served-by
cache-iad-kjyo7100117-IAD
last-modified
Tue, 15 Nov 2022 07:13:51 GMT
server
cloudinary
x-timer
S1668496427.916698,VS0,VE3961
etag
"8c311578c5ea91e00c964f1f83dade63"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
n2CncB69_fxWe4sFyNsOTPd5-cvP05qk4X-1e7c6KALQ6Bnt12Uuug==
x-cache-hits
0
3456971-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/4/5/6/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/4/5/6/3456971-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
ec95b6c31753c1cd92f6ac48949ea22825e4af26d845dc8b9a9a9b977ebc41fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 05:18:12 GMT
via
1.1 varnish, 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
309086
edge-cache-tag
342824055081560767759569349660259989250,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag
342824055081560767759569349660259989250,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
1859
x-request-id
81e599d3d96db12d36ee9c0763c7fb16
x-served-by
cache-iad-kjyo7100081-IAD
last-modified
Mon, 14 Nov 2022 05:18:13 GMT
server
cloudinary
x-timer
S1668403092.618537,VS0,VE616
etag
"a5c3e9145c30bd84fe16700fd2252a7a"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
2q4sSYswUC9XxrZlmIr0Dn9dL05Jooj4mg-1cKK8sI7pQU2RdJnu_g==
x-cache-hits
0
3457899-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/5/7/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/5/7/3457899-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
8cbf521c927e4207ed500bfd1fc32f2060ed12d0ac4245a1e1379a06ea5a3737

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 13:43:44 GMT
via
1.1 varnish, 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
192354
edge-cache-tag
305542027558887131603337432785601522204,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag
305542027558887131603337432785601522204,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
9142
x-request-id
982b915a5f2d34c776b4a7311d23235f
x-served-by
cache-iad-kjyo7100172-IAD
last-modified
Tue, 15 Nov 2022 13:43:45 GMT
server
cloudinary
x-timer
S1668519824.063234,VS0,VE548
etag
"4889bb7b19fe921683351113b72a6d9b"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
WlO_8DY9oZbEt9ZxO13RVuDibB2yTeISoJxw-zFXtDGBJP_u-ZgRjw==
x-cache-hits
0
logo.png
www.walla.co.il/public/assets/mundial2022/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/mundial2022/logo.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
4eb0e31410e9f2996e2eee5ff261c3824762a2ff33896ed7c54d5cfea4d614f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:14 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10284
etag
W/"7d9-18486501ca0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
2009
x-cached
HIT
x-amz-cf-id
-IF0BTVdNrA-VUa13QXsXEi3mYE_ru6_b8afGc_i_GSsAaEntiB5Bg==
3456829-46.png
images.wcdn.co.il/f_auto,q_auto,w_100/3/4/5/6/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100/3/4/5/6/3456829-46.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
f15188bb5d84e3230c0da87f485956a801611065098a070a90a67cfd02ddd039

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 16:33:39 GMT
via
1.1 varnish, 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
354959
edge-cache-tag
418228235690675943479424299902623152797,188002405265795610049725839385426125126,d2bce9e04f88d43dd8350e859c701704
cache-tag
418228235690675943479424299902623152797,188002405265795610049725839385426125126,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
1887
x-request-id
ca71bff2b9615694c11ac18b67025245
x-served-by
cache-iad-kjyo7100037-IAD
last-modified
Sun, 13 Nov 2022 16:33:40 GMT
server
cloudinary
x-timer
S1668357220.508069,VS0,VE276
etag
"c50c56d41541c38db369cdd8d4b509a8"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
zkVldIbuzek7ZXjm_lsFdkQxkr7CrzCGAIeTxvlv-vErQHA-wIcRHw==
x-cache-hits
0
teams.png
www.walla.co.il/public/assets/mundial2022/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/mundial2022/teams.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
ed171d7f80d5c9251c5c23dca6413b485ce5abac6c4be77a32f0f1441c7f397b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:14 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10284
etag
W/"102fa-18486501ca0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
66298
x-cached
HIT
x-amz-cf-id
Pu0R4A1UtZfIJ3AtF2d1SScIiPsSeNU04YiUfvgHw882c2pCtUSzuQ==
teams_mobile.png
www.walla.co.il/public/assets/mundial2022/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/mundial2022/teams_mobile.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
7d2d1679166b3b7479cb141847433247bc42ae3fba26ebe60d348858a64991a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:14 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10284
etag
W/"3bd8-18486501ca0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
15320
x-cached
HIT
x-amz-cf-id
NKyiof2C0GCGmQWvc_6_j4gX9DYVaoLqsiJARHBIYc8Iu7TLeBB1Qg==
banner_liga_desc.png
www.walla.co.il/public/assets/sport/ 		161 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/sport/banner_liga_desc.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
133884edba9d28692be3471fa8848ad9ef287300e520f37c43e637dec58e6512

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:14 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10284
etag
W/"284be-18486501ca0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
165054
x-cached
MISS
x-amz-cf-id
nDUwB0s7QfXbS_4vHOboPM_-bvSJR_3Rq2ztIXJV3gAawnQyckZFSg==
mishpati.png
www.walla.co.il/public/assets/icons/homepage/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/homepage/mishpati.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
03baca21d7a98bc118436bcb698ecaafefff81373d472afdf259fdfe3f5c1a03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:15 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10283
etag
W/"f8c-18486501ca0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
3980
x-cached
HIT
x-amz-cf-id
kOSP246O08E95gdl3gfm0H46r3uGT99eFSeoOB7w2FzUlTUVoXRlCw==
3329203-46.png
img.wcdn.co.il/f_auto,w_66/3/3/2/9/ 		732 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.wcdn.co.il/f_auto,w_66/3/3/2/9/3329203-46.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.145.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-145-50.ham50.r.cloudfront.net
Software
cloudinary /
Resource Hash
de6bf035e9195f0b9f69ddc8a8a0431deaa22504c56412d03dd103beb35ab2d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 23:01:24 GMT
via
1.1 varnish, 1.1 0acb1af81eb9557d294dad007783fe3c.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P1
age
5170094
edge-cache-tag
315444705734958248972687902270172938779,275138840448101508428674266858349850681,d2bce9e04f88d43dd8350e859c701704
cache-tag
315444705734958248972687902270172938779,275138840448101508428674266858349850681,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
732
x-served-by
cache-lga21922-LGA
last-modified
Mon, 03 Jan 2022 09:47:54 GMT
server
cloudinary
x-timer
S1663542084.021609,VS0,VE26
etag
"79624ac971cffa490d9827a952393183"
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
wIXE8zqhy1ASECnWnhnEeWuTEz52UzstFcNCM0PKDkiCjNyeTZmOmg==
x-cache-hits
1
career.jpg
www.walla.co.il/public/assets/icons/homepage/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/homepage/career.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
edd4d9c515c398baf420a025641816721bdc7f67945144fe15a1058f6c75e667

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:15 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10283
etag
W/"be7-18486501ca0"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
3047
x-cached
HIT
x-amz-cf-id
ZyYDtysUSY1z_kFJIT0aFIb29-Yj_k-e5jbQSrGfGllQ61EJ-wQOrg==
mazaltov-logo-new.png
www.walla.co.il/public/assets/icons/homepage/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/homepage/mazaltov-logo-new.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
9c2fff24329f1fe904135f52256900469efd1e77ae3da4b0f528094cd2123e1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:16 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10282
etag
W/"9ce-18486501ca0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
2510
x-cached
HIT
x-amz-cf-id
VCIFL5uCtNS-sYQ63nC6axOSvrLhxpU1RC2OnAtQYijYJhsAQwQ4BQ==
new-logo-walla-negativ.png
www.walla.co.il/public/assets/icons/ 		636 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/new-logo-walla-negativ.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
f6a69ae74374cd68efa0256c89a99d1cccbb7095e33ffb88d1ae54ee900d4741

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:16 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10282
etag
W/"27c-18486501ca0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
636
x-cached
HIT
x-amz-cf-id
kphrFk6BAbAfATBHCpxfhnCmyB3Cm5GfP4H7aJDTMjQqH9yKF5B30Q==
148_b9895f2e6081dbbe3808_b9895f2e6081dbbe3808_walla.js
www.walla.co.il/public/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/148_b9895f2e6081dbbe3808_b9895f2e6081dbbe3808_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
d1dc5d7ef07dd2dfa57bd99bab5e04a2eccd2b5a5a8810110d1bea166429a63a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:15 GMT
content-encoding
gzip
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 16:00:44 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10283
etag
W/"2bc4-18486522fe0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
pkz4xGb8sIji6IY1oEAg3xeVBXP-6v7oImjpGTTfFggoNfUX8tJPqw==
x-cached
HIT
504_d27adc7f60512ad1070a_d27adc7f60512ad1070a_walla.js
www.walla.co.il/public/ 		310 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/504_d27adc7f60512ad1070a_d27adc7f60512ad1070a_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
de6ab45bdbef1c6e8c85040c7fc011b8ed4a7938ed0ecbf4e214e35e90fde88b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:14 GMT
content-encoding
gzip
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 16:00:44 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10284
etag
W/"4d6af-18486522fe0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
AdOzZn_e5R7Z12mIfO6K6Ay_Nlo5RiX2v9uQ53Hw_J802szGuO8fKw==
x-cached
HIT
main_c6a87b4a2676787cf6de_c6a87b4a2676787cf6de_walla.js
www.walla.co.il/public/ 		1 MB
261 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/main_c6a87b4a2676787cf6de_c6a87b4a2676787cf6de_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
c7df0a1d404c5f50f4eae6e994c6eafa46decd1770afceaf6a4e73b414baf8e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:14 GMT
content-encoding
gzip
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 16:00:44 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10284
etag
W/"120813-18486522fe0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
grFd34MMEpkyAvwg3rn6_20Xck-cZvNV9U76Hg1K0HEpUtKmiWSmDg==
x-cached
MISS
517_3785216c25a5548053c0_3785216c25a5548053c0_walla.js
www.walla.co.il/public/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/517_3785216c25a5548053c0_3785216c25a5548053c0_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
b40fcd8e22829cd66c3062cf7448f03b54e0c43f9d518bc6130a6aea2f17a132

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:14 GMT
content-encoding
gzip
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 16:00:44 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10284
etag
W/"4a5a-18486522fe0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
D5LkgUfcPtNRsfzW2QLJoICieTJJfaF-UqgdfsuWuldr2hLWNC_qbQ==
x-cached
MISS
homepage_91163437bf8563aa5733_91163437bf8563aa5733_walla.js
www.walla.co.il/public/ 		287 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/homepage_91163437bf8563aa5733_91163437bf8563aa5733_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e54a2c7b99c4572dccdd37913e67f7e55c6e53ef8576f420fb559d7e56b1540c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:14 GMT
content-encoding
gzip
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 16:00:44 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10284
etag
W/"47d19-18486522fe0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
iZrfvK8rQWIW9uT2plJ2iYjew5Rlp2cDBfB8ejpTlRia081-mhh7Yw==
x-cached
MISS
pubads_impl_2022111401.js
securepubads.g.doubleclick.net/gpt/ 		381 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111401.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72c530773071f1aa1e6f7a3b0d20810449c8b6eb39d6e109fcd7082868888f68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 14 Nov 2022 17:01:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
266916
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131977
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 09:35:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 14 Nov 2023 17:01:02 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		907 B
925 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.walla.co.il
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e35aa85514833036e24200de785c47bae867e2d1fc4a2998e876713a650a4a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Thu, 17 Nov 2022 19:09:38 GMT
walla-v2-prod.js
cdn.valuad.cloud/hb/ 		907 KB
245 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
03820dcedde5a048ea1dacf83bd185f9363ddf279dc6c06a844b29b0901b115f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:38 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Mon, 14 Nov 2022 21:30:56 GMT
x-amz-request-id
tx00000000000003a87fa5c-006376711b-2b9df863-fra1a
etag
"b6079e76abd0aa26b990b76c0d0b281f"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1668712178.dop259.am5.t,1668712178.cds228.am5.hn,1668712178.cds312.am5.c
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
250516
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C1) /
Resource Hash
c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 19:09:38 GMT
Content-Encoding
gzip
Age
1017
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
29221
x-amzn-internal-status
304
Last-Modified
Wed, 02 Nov 2022 19:43:37 GMT
Server
ECS (frb/67C1)
Etag
"6633f9603c759c40d9b200995454f17c+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
gtm.js
www.googletagmanager.com/ 		405 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f335ef26368e6f5a583e59ea5e06800090e7d2fcbfbbc8ac7fc7d6040356d79f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84950
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 17 Nov 2022 19:09:38 GMT
gtm.js
www.googletagmanager.com/ 		470 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
beeba024ea2fd747354d41dfbd69119e64ad63999dbc16a2fb09b69a19455aa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66453
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 17 Nov 2022 19:09:38 GMT
wallawb.js
cf.dxmcdn.com/dta/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.dxmcdn.com/dta/wallawb.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d600:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94c0a6a1ca27813a96c8286b7e1e6dee5b6af23babad416606784366748417b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
qZmD6iSiSNKopHEgv3XRn4Et4epkBb1Z
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
date
Thu, 17 Nov 2022 05:40:41 GMT
last-modified
Sun, 29 May 2022 13:46:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
48599
etag
W/"c6a8b1a7ee5ce83efe089c14c99eefad"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
0jA8D1BjHgQ7NY5B9gNMLvkoAlQGLw6mrs6-hoG-d4ywLaBZWyT8KA==
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:b400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:27:09 GMT
content-encoding
gzip
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:50:34 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
6149
etag
W/"62d7515a-933f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
eyABi9A_XmBh3ZoIZdqPCFkCef4YiOu80tszEEL-JY7NpfhDcplZQg==
expires
Thu, 17 Nov 2022 19:27:09 GMT
google.gif
www.walla.co.il/public/assets/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/google.gif
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a9556451882c7b86d689ee82a86c2b360cf0acea6d92a4165c80054371e52336

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:16 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10282
etag
W/"5b6-18486501ca0"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1462
x-cached
HIT
x-amz-cf-id
sq45DiuIuUB_Sb8a-2ZcSgaYqKljltdive0Ni4nArg9azaarwCPO5A==
icon-serch.svg
www.walla.co.il/public/assets/homepage2/ 		743 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-serch.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
b7ee2e2c1f36198a263d4d442d6752e78d61fecd54473cb5c1c3dbb8b6053817

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:16 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10282
etag
W/"2e7-18486501ca0"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
743
x-cached
HIT
x-amz-cf-id
WBnwv21NjeY3oWf346HoKtcZu727JxBBNKTN6wpi9tYMFTKzu6JagA==
icon-5-g.svg
www.walla.co.il/public/assets/icons/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-5-g.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
9e3035b7f5b0074bf8401e498b2160a29e3f13741f03e537ad98e9a1836a701f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:16 GMT
content-encoding
gzip
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10282
etag
W/"b30-18486501ca0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
f_mORiwQsEMPzmv4kqzN8erN77LMxiiXeWFOjitBRCv2iXNSz4rD4Q==
x-cached
HIT
icon-wather.svg
www.walla.co.il/public/assets/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-wather.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
c2095f6920579eb6938ef2ddecc5652d5a9557555a32b019969e329a93731897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:16 GMT
content-encoding
gzip
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10282
etag
W/"85c-18486501ca0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
mmnJzgnjEabeU_yoD7S6yfQuPVY8WIpKj4eBp-38udekfczTgK8p-w==
x-cached
HIT
icon-mail-empty.svg
www.walla.co.il/public/assets/homepage2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-mail-empty.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:16 GMT
content-encoding
gzip
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10282
etag
W/"5f6-18486501ca0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
LJsp525E8Z2dRTxG81V39RP6CnQ2PgkqQ4uhmdoybQob4PD6QhMewQ==
x-cached
HIT
almoni-neue-aaa-600.woff
www.walla.co.il/public/font/almoni/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:16 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10282
etag
W/"e954-18486501ca0"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59732
x-cached
HIT
x-amz-cf-id
rKIcSjj2xI03UPq7AQYJSaNtDYwqGCF0CQBLv4BQ5QyNbTeVPrusbQ==
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=walla.co.il&domain=walla.co.il&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e7a478a8514e4da0b88831319b97556512a82436130a9479bc3625bbc072edd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits
312
date
Thu, 17 Nov 2022 19:09:38 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
3523
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
702
x-served-by
cache-hhn4023-HHN
x-timer
S1668712179.687983,VS0,VE0
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Tue, 15 Nov 2022 18:10:55 GMT
outbrain.js
widgets.outbrain.com/ 		215 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.85.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-85-55.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
216219094735606ba7083dba2e89479b7477b17e70ad669b03a3ae47e6ad89e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:38 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:19:00 GMT
etag
"15-5z4wegzhna73R0Z5pN1PZUlQeEg"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14400
access-control-allow-credentials
false
x-traceid
302ac4bfdd726283b24ebc9558a14ca0
timing-allow-origin
*, *
content-length
75776
arrow-forward.svg
www.walla.co.il/public/assets/homepage2/ 		475 B
832 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/arrow-forward.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
00df84c0176ae68719671b3cf670d45da854c8e4b092eb72eb0b36f6737ae111

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:16 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10282
etag
W/"1db-18486501ca0"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
475
x-cached
HIT
x-amz-cf-id
kp8qeHIQbXVjncwFh2__I9TOAnASoLEBzI4Yohwul-XikgaUFY9s5A==
play103fm.svg
www.walla.co.il/public/assets/homepage2/radio-stations/ 		409 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/radio-stations/play103fm.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
f20eeef8fb712ad2bf5e21dfe5944ab2b62010e44ffa8f79a3bfa354973ab517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:16 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10282
etag
W/"199-18486501ca0"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
409
x-cached
HIT
x-amz-cf-id
X632_p4L7ve-0GtM2VC4-AWhAvjxu8dMaZv3xLrXQEEYD99PgcnEiQ==
play99fm.svg
www.walla.co.il/public/assets/homepage2/radio-stations/ 		409 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/radio-stations/play99fm.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e5bf77a4605d9bb4c0ecfc1127ab95009dc2fa6ec763418424cf36f523db8e08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:16 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10282
etag
W/"199-18486501ca0"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
409
x-cached
HIT
x-amz-cf-id
kjjeNh8HqARhXrlmgmPx4z7LMvwUewK5J90e_TLYZz2bHgJOJp7JhA==
walla-sprite.svg
www.walla.co.il/public/assets/icons/ 		19 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/walla-sprite.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
3241bf3866d5c2c02fd32bc792aa155f587efc0780ad197d0040d3377ff5af3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:16 GMT
content-encoding
gzip
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10282
etag
W/"4a05-18486501ca0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
ekSfRyGqWT05Rtz5B6CnRSPAlOdq8I_eDCcSRPOGcAS7Wzq14HtA5g==
x-cached
HIT
icons-play-live.svg
www.walla.co.il/public/assets/icons/ 		298 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icons-play-live.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e8edb024e688dad4a4dbb15cc90e7cbcae1f1426f34ddb2c22523625f46aafde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:16 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10282
etag
W/"12a-18486501ca0"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
298
x-cached
HIT
x-amz-cf-id
6DkJlwKGvjH-R8t8lfRp1EjfPZS104j8EoMR0qIkjVYyhwSs_9JBCQ==
wallaicons.woff
www.walla.co.il/public/font/fonticon/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:14 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10284
etag
W/"3bdc-18486501ca0"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
15324
x-cached
HIT
x-amz-cf-id
Gs-2zX6aYP0VLrJ3nqOy13d0uGCxB_XOI0VXF4ihyqvdf6aeFowFCg==
almoni-neue-aaa-500.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-500.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:14 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10284
etag
W/"e7c0-18486501ca0"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59328
x-cached
HIT
x-amz-cf-id
lOlK2WraGO-v1_8pNzKZfex4FNUxSI3vmyTHwJQ-oJv67uOGCAtLgg==
almoni-neue-aaa-700.woff
www.walla.co.il/public/font/almoni/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-700.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:15 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10283
etag
W/"ea00-18486501ca0"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59904
x-cached
HIT
x-amz-cf-id
ONd7vPiZU3EW-or8YPpn1XKWAKGmSj-mCR0I7k_3toTIV9LvNyAiTw==
almoni-neue-aaa-400.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-400.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:24 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10274
etag
W/"e770-18486501ca0"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59248
x-cached
HIT
x-amz-cf-id
_Qj9HZUu1CvMXa6Ml8acGMtjXzPgH40EzLeYVLsSvR-0euqf-4HWkg==
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=walla.co.il&p=%2F&u=CPVS2pDeXzGlmuFWy&d=walla.co.il&g=20047&g0=%D7%95%D7%95%D7%90%D7%9C%D7%94&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=11005&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=908&t=BHfA9-DY4anIB6Ux_lNsrpyDDXOHC&V=136&i=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&tz=0&sn=1&sv=JL0OpB1KqXPBtsoVsCKxYi0Dl-kbk&sd=1&im=067b2fff&_
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.226.78.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-226-78-37.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 17 Nov 2022 19:09:39 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CPVS2pDeXzGlmuFWy&c=0&V=136&x=8daMmU66Tdn1W&v=A&ml=m&sl=nUHMJ&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.116.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-116-177.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 17 Nov 2022 19:09:39 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CPVS2pDeXzGlmuFWy&c=0&V=136&x=muiIa2JehMYYw&v=B&ml=m&sl=BF4f-R&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.116.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-116-177.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 17 Nov 2022 19:09:39 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
391_a64a6978466e464bc4f4_a64a6978466e464bc4f4_walla.js
www.walla.co.il/public/ 		122 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/391_a64a6978466e464bc4f4_a64a6978466e464bc4f4_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_c6a87b4a2676787cf6de_c6a87b4a2676787cf6de_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e3e0c0eb7964567b3c8348d7fee5a69a923b4c4e45e196e7b4b8842cd20096ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:14 GMT
content-encoding
gzip
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 16:00:44 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10284
etag
W/"1e854-18486522fe0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
eW25BB7oxBLl6Q7cC8v5iKf4TNL5xwFvcOajxpazYwsmnvkNPzLDfg==
x-cached
HIT
PikudInner_71a2339dbca8b244a152_71a2339dbca8b244a152_walla.js
www.walla.co.il/public/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/PikudInner_71a2339dbca8b244a152_71a2339dbca8b244a152_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_c6a87b4a2676787cf6de_c6a87b4a2676787cf6de_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
acf6065a1e918d23c4252187af26e95c150ed8285fece76659e48fe50cfa06ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:14 GMT
content-encoding
gzip
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 16:00:44 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10284
etag
W/"cfc-18486522fe0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
dHzwa2jrYrNYP7S75bj-0XpQm-09a5emyr0FVC_m1eCC6g3Uyx0-yg==
x-cached
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/504_d27adc7f60512ad1070a_d27adc7f60512ad1070a_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0f99b608060a68f5de9402cbd52809497e16070ab53ff6215b1d455e727ce4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27333
x-xss-protection
0
server
sffe
etag
"1395 / 548 of 1000 / last-modified: 1668686750"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Nov 2022 19:09:39 GMT
close.png
www.walla.co.il/public/assets/ads/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/ads/close.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:15 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10284
etag
W/"46c-18486501ca0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1132
x-cached
MISS
x-amz-cf-id
sV6DNqVqfNahs_-i7Vz5fR-1zJI0dgVWijCmcASDE4bt01ZQkQvNYQ==
3458488-46.jpg
images.wcdn.co.il//3/4/5/8/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il//3/4/5/8/3458488-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
ad5d8bd33b4afecce0cf1c3d38ced10bc1f345e6e0371d9d9b54b85f21fa3f58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 07:27:07 GMT
via
1.1 varnish, 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
42152
edge-cache-tag
301621164757152838336628306345988752924,d2bce9e04f88d43dd8350e859c701704
cache-tag
301621164757152838336628306345988752924,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
7698
x-served-by
cache-iad-kiad7000172-IAD
last-modified
Thu, 17 Nov 2022 07:26:22 GMT
server
cloudinary
x-timer
S1668670027.362658,VS0,VE35
etag
"3c9a87ac0421a32b4cf68af1f9e89500"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
Z4N_W_KSOO_HAeyA7aC2L-TMZfhUd4ov6ZPTCdC7zRFe4K_vWGF20g==
x-cache-hits
0
3446763-46.png
images.wcdn.co.il/f_auto,q_auto,w_400/3/4/4/6/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_400/3/4/4/6/3446763-46.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
c5b8c33935eb54f665133731f389751b694cb221fd19e19bca18758034e86ce9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 15:13:36 GMT
via
1.1 varnish, 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
618963
edge-cache-tag
260123766931755275147947543974984546756,381913850593876579626476268632260101011,d2bce9e04f88d43dd8350e859c701704
cache-tag
260123766931755275147947543974984546756,381913850593876579626476268632260101011,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
3930
x-served-by
cache-iad-kiad7000128-IAD
last-modified
Thu, 20 Oct 2022 15:10:53 GMT
server
cloudinary
x-timer
S1668093217.843243,VS0,VE1
etag
"1735ced6b0f3c485c9fc6c4d2a9a7939"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
MqZP6eJDjXP8wJX5LJaaefd2SN38sU6QL3qY9JxBzp44uN8hU1gt2A==
x-cache-hits
1
3458881-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_400,t_18/3/4/5/8/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_400,t_18/3/4/5/8/3458881-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
cdaf4f5a1085524dfa6e90462b42bf0133a99ab6f019eebaccb2af3c03348bef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 15:11:45 GMT
via
1.1 varnish, 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
14274
edge-cache-tag
395347606849097916991784452510726626995,381573010157131071558488767622808407530,d2bce9e04f88d43dd8350e859c701704
cache-tag
395347606849097916991784452510726626995,381573010157131071558488767622808407530,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
13232
x-request-id
f4a601824a82f44252d349f27fd8543e
x-served-by
cache-lga21947-LGA
last-modified
Thu, 17 Nov 2022 15:11:46 GMT
server
cloudinary
x-timer
S1668697905.730545,VS0,VE444
etag
"5f2b649359e1cd2505810e19b4d359c4"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
XUY54nJDElvu7hOLm1rRp-ksQosAEnS1y1W5OSsUp-z0QY4iS_T0qA==
x-cache-hits
0
3458856-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/5/8/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/5/8/3458856-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
5db50d683e0b77a3121466e587192f0711efbbba9df0d3adb3645bcb436eae1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 14:47:00 GMT
via
1.1 varnish, 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
15759
edge-cache-tag
287260188537744039652674215752743966407,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
cache-tag
287260188537744039652674215752743966407,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
3960
x-served-by
cache-iad-kiad7000082-IAD
last-modified
Thu, 17 Nov 2022 14:46:42 GMT
server
cloudinary
x-timer
S1668696420.181842,VS0,VE3
etag
"9157bd28033d8116a095e073093faaa4"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
hJsrhpQkPljh6s5R6k19o4sm112l5jYyVKja_c9on0EtdVm2NLp_yg==
x-cache-hits
1
3458753-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/5/8/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/5/8/3458753-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
2d4ae838b6ca01ae283f3b80094168353faa52beadac810e0e7ab8618628a14c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 14:12:43 GMT
via
1.1 varnish, 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
17816
edge-cache-tag
282005155160337194086580871361551793907,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
cache-tag
282005155160337194086580871361551793907,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
11164
x-request-id
f0bfe0646a07595d2d82266cc8831c88
x-served-by
cache-iad-kiad7000107-IAD
last-modified
Thu, 17 Nov 2022 14:12:43 GMT
server
cloudinary
x-timer
S1668694363.369539,VS0,VE1
etag
"654e1db4540124440afc67f4e8369cc1"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
Y_cRlrQw-MrQH7uAPUjs4S65ypdEmCu05fEpEZflNWiSSZmecyuvYg==
x-cache-hits
1
3458813-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/5/8/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/5/8/3458813-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
88af541f9bbb4e0fd2101f0d895ab423b6ed52a8c3198632f23e4274f4908d50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 14:16:17 GMT
via
1.1 varnish, 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
17602
edge-cache-tag
135465015599065373204328055501913860279,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
cache-tag
135465015599065373204328055501913860279,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
4714
x-request-id
2204bc4e3d54c664f0d865215a977d5b
x-served-by
cache-iad-kiad7000118-IAD
last-modified
Thu, 17 Nov 2022 14:16:18 GMT
server
cloudinary
x-timer
S1668694577.775951,VS0,VE575
etag
"871076f8d04474ee7095b71be7965898"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
GIKY7lwne4c_Syo2H0I4qMzzM-k2siybBekqQUpq20bAYMsghuW4zQ==
x-cache-hits
0
3458743-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/5/8/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/5/8/3458743-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
97ac84c0ecb38096012ffd082ada07a60227f692630a644aaee99c9570020578

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 14:12:43 GMT
via
1.1 varnish, 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
17816
edge-cache-tag
218480763856478614749105289957029337208,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
cache-tag
218480763856478614749105289957029337208,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
22950
x-served-by
cache-iad-kjyo7100112-IAD
last-modified
Thu, 17 Nov 2022 14:12:44 GMT
server
cloudinary
x-timer
S1668694364.795087,VS0,VE48
etag
"0d23d93d35428d6ad5af195188e1885c"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
V87FBMmjCry765T6NMLJaig87bAXLX712P6XrIIw2_7kc8NhcK0E9g==
x-cache-hits
0
3458612-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/5/8/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/5/8/3458612-46.jpeg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
a0f03770b2a6f73ca1bb1f856dd403c108c2f5b196305f2bda1e1754b8775304

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:01:53 GMT
via
1.1 varnish, 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
7665
edge-cache-tag
216081374728814818388531669998816122836,418564181582767519421549110210876597074,d2bce9e04f88d43dd8350e859c701704
cache-tag
216081374728814818388531669998816122836,418564181582767519421549110210876597074,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
4833
x-request-id
03fcd0e86ffa65aa4e33603b484c9e99
x-served-by
cache-lga21935-LGA
last-modified
Thu, 17 Nov 2022 17:01:54 GMT
server
cloudinary
x-timer
S1668704512.498904,VS0,VE1467
etag
"20f2cbb37ea26281612c557326929a93"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
saUT0PGE0lG7D5EIHjthJQ0JUVdcq0MlDNc_GZzmXsznoqOzFSpdSw==
x-cache-hits
0
3458965-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/5/8/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/5/8/3458965-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
24478d1a8dc128e0d523dbf0dfa6c69995814ba8450c53d73526bda1f2f84adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 18:46:29 GMT
via
1.1 varnish, 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
1390
edge-cache-tag
319638141447448049634019601759982820523,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag
319638141447448049634019601759982820523,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
2487
x-request-id
3fd8e2f5edebb1726db5bda028a2ce88
x-served-by
cache-iad-kjyo7100120-IAD
last-modified
Thu, 17 Nov 2022 18:46:30 GMT
server
cloudinary
x-timer
S1668710788.047951,VS0,VE1118
etag
"5f8b2e3d44544167bcfb1317a09ac7da"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
IsytF8M6VCM4OabsMc-ySHUvnQ5BJ1hlUR8wMfioKRjOevMmrJBlcw==
x-cache-hits
0
3458972-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/5/8/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/5/8/3458972-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
e065e2d4f32300099eef7e39ed9a8a4d5da957767f9ef62e818dd54688117376

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:00:50 GMT
via
1.1 varnish, 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
529
edge-cache-tag
346555336865529256570369505548836639027,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag
346555336865529256570369505548836639027,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
9527
x-served-by
cache-iad-kjyo7100066-IAD
last-modified
Thu, 17 Nov 2022 19:00:48 GMT
server
cloudinary
x-timer
S1668711651.753238,VS0,VE22
etag
"9d55de2b134b1944f092db1ecf233e7f"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
IT00lTlTgbiLutmUTPrp_EYaNMKuiqdRIGYwbYB5Do4U1xjMfXOHYw==
x-cache-hits
0
3203726-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/2/0/3/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/2/0/3/3203726-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
8de60f3ccc85e41182fd74495371890109769c5e4a9e96878287012511a1185a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 06 Mar 2022 19:04:09 GMT
via
1.1 varnish, 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
22118730
edge-cache-tag
116150131129779295157252781378957772273,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag
116150131129779295157252781378957772273,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
1703
x-served-by
cache-bwi5031-BWI
last-modified
Tue, 28 Dec 2021 19:03:07 GMT
server
cloudinary
x-timer
S1646593449.429719,VS0,VE1
etag
"ed7a8eae041d9f4f3c15fb05c1f62eb6"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
5AztguZ8NesOUg-YAHPE9uRjWifgIwEPXQBqwwBXqleiOlEqfn_iIQ==
x-cache-hits
1
3458973-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/4/5/8/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/4/5/8/3458973-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
f96e3c409f64ccc34f4a75f41e1f4f21b1af2fd9d4a4eb53bcbf4503af96e0c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:00:51 GMT
via
1.1 varnish, 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
528
edge-cache-tag
258459197692127817719139494954266682220,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag
258459197692127817719139494954266682220,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
3815
x-request-id
73cb15d634e1bf555f7acab772c5d8dc
x-served-by
cache-lga21927-LGA
last-modified
Thu, 17 Nov 2022 19:00:48 GMT
server
cloudinary
x-timer
S1668711652.632599,VS0,VE1
etag
"64dc75887dd4a267701878ec0640daf1"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
_bB-P4nin0tA7koxOXoZbiSN3zgV6cUzYvkVRU6grZD96xS_Ev14Aw==
x-cache-hits
1
widget_iframe.644279d1635fd969e87af94a98bd232b.html
platform.twitter.com/widgets/ Frame 40DD 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.walla.co.il
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C2) /
Resource Hash
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1284528
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105445
Content-Type
text/html; charset=utf-8
Date
Thu, 17 Nov 2022 19:09:39 GMT
Etag
"50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified
Wed, 02 Nov 2022 19:36:59 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67C2)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js
cdn.permutive.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2022-11-17
Requested by
Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.149.54 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
kahoona-idx-live.js
d2r08ja41ypc0t.cloudfront.net/WALLA/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Requested by
Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2c00:4:1c73:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7aa8178d8811eecc039f610e464f13c9c92a3e4caaf72ae7ca2af53cad5e209c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
54STJkk5Ht7xYaQXWyX.bwlRCFmmcFf7
content-encoding
gzip
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
date
Thu, 17 Nov 2022 17:08:01 GMT
last-modified
Sun, 13 Nov 2022 17:07:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
7311
etag
W/"cae3263f4b79909f4da2fb2f4f0a80c0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
ePY6EclUq5MZSVKhdx49woiMIQFc5L3tllk7XY1xCxHYjmtATZ1D8Q==
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.85.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-85-55.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:39 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Sat, 17 Dec 2022 19:09:39 GMT
init
hb-dot-valuad.appspot.com/ 		38 B
87 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init?d=pubsub
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
x-request-id
c44b7de4-b729-4a85-b7b1-86c547dd9da3
x-vad-version
0.9.12

Response headers

date
Thu, 17 Nov 2022 19:09:40 GMT
content-encoding
gzip
server
Google Frontend
etag
W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
c8974d8636d3d7e8c0fdcd4004138e17
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64
x-request-id
undefined
init
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init?d=pubsub
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 17 Nov 2022 19:09:40 GMT
server
Google Frontend
x-cloud-trace-context
04b6ef72a43d7f158b890a354382bf83
x-request-id
undefined
fbevents.js
connect.facebook.net/en_US/ 		103 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 17 Nov 2022 19:09:39 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27340
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Ly8KPurvk7rdGaPafD5pdcsItj/utmgNsYnAyYjZjeYmGuS8lPRvs+O2UKgQs1E9fY1uRzNtHowWa5Ebmem/Ew==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 17 Nov 2022 17:24:49 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6290
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 17 Nov 2022 19:24:49 GMT
conversion.js
www.googleadservices.com/pagead/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
3bd916949aeea3ea0d8c943ffe67060a38c2902c9533a94d36650bc176e322af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16827
x-xss-protection
0
server
cafe
etag
16359567893097152046
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 19:09:40 GMT
js
www.googletagmanager.com/gtag/ 		223 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d417089b232a1f3da44d9c9196d25b2ca06d7763544270b5fd9b0d3984bf0939
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78676
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 17 Nov 2022 19:09:40 GMT
settings
syndication.twitter.com/ Frame 40DD 		913 B
696 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=61bd8a7038f30583d36e99252fcc31ef5884d70f
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.walla.co.il
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
54ff9917daf6f89618357ef569223a5bd81eb9ef0255509aa77167cd9ee9e458
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-response-time
116
date
Thu, 17 Nov 2022 19:09:39 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Thu, 17 Nov 2022 19:09:40 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
9b4bafb7bcc05a78
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
d260bece8c057261c7af66a6885f853324bb84d86e48806e9b02bc831d434e89
content-length
374
logo.png
www.walla.co.il/public/assets/pikud/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/pikud/logo.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:18:14 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 15:58:28 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
10285
etag
W/"558e-18486501ca0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
21902
x-cached
HIT
x-amz-cf-id
yvIGuSqlM8Ty-nQ7jpNudFXlip3ABacPldfVTMJ-9gk17jI4BKsiBg==
get
odb.outbrain.com/utils/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=0&rand=57477&key=NANOWDGT01&widgetJSId=AR_57&va=true&et=true&format=html&adblck=false&abwl=false&px=0&py=0&vpd=0&cw=1600&activeTab=true&darkMode=false&ab=0&wl=00&settings=true&recs=true&version=2000952&sig=vu1MbKAb&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d3c316adf9513e5ef9c542b158da2be161d6a615f65829105bc86b9b872f54b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Thu, 17 Nov 2022 19:09:40 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-timer
S1668712180.224538,VS0,VE106
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21982-LGA, cache-hhn4049-HHN
x-traceid
3f3d33add9e53fbe0f32aa8ade9c9498
accept-ranges
bytes
content-length
1124
expires
Thu, 01 Jan 1970 00:00:00 GMT
170717926997655
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/170717926997655?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fef6c48547bc96ac80f5dcbee1f5f6955357611b5164979cdff8182b1281cbaa
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 17 Nov 2022 19:09:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86191
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
QfnWsVquWUi0o0oPdhuTa6fJTvMYUI8yjC+UOQMioHmGxd3xKWg5aIT+sNOtCRMWfU05geQ/SisjKwsiR8m6Mw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
handshakes
khn.crowdad.io/ 		0
105 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/handshakes
Requested by
Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.146.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-146-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Thu, 17 Nov 2022 19:09:40 GMT
access-control-allow-credentials
true
content-length
0
handshakes
khn.crowdad.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/handshakes
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.146.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-146-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.walla.co.il
content-length
0
date
Thu, 17 Nov 2022 19:09:40 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2126601766&t=pageview&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1644152265&gjid=667702130&cid=419965442.1668712180&tid=UA-4780630-1&_gid=1955279772.1668712180&_r=1&gtm=2wgb90T728TH&cd1=&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd10=0&cd20=no&cd22=0&cd23=0&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=1&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=&cd116=0&z=1824353069
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
347 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RYD7X7E8VN&gtm=2oeb90&_p=2126601766&cid=419965442.1668712180&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668712180&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/?random=1668712180267&cv=9&fst=1668712180267&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
facb127a924c28126a59074d9da5dd5469729ee8d0cc13813a99febf33370085
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
983
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1616785908557850
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1616785908557850?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5ed7cf5433c389ee8ba4b3b6d657fd4eab3b91c463998fbd876bef88aa35276c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 17 Nov 2022 19:09:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86420
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
QZMEL4Nzac9Ww3fPONV4jqmZFdXDjFPMc8R1Qae2YVCHh9JJ5+OGoaXn9H/oMiuAIR3H2NflcHT9Ezm69LFqpw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=170717926997655&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1668712180305&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1668712180304.1856613964&it=1668712180212&coo=false&rqm=GET
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 17 Nov 2022 19:09:40 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1616785908557850&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1668712180336&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1668712180304.1856613964&it=1668712180212&coo=false&rqm=GET
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 17 Nov 2022 19:09:40 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=6f816af26530e1f5d42c3d63ee6101f7_1769_1668712180283&tm=571&eT=6&wRV=2000952&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Thu, 17 Nov 2022 19:09:40 GMT
access-control-expose-headers
content-range
content-encoding
gzip
X-TraceId
bf64258d1eac42fee2da5130ad965cf3
Content-Length
28
Content-Type
text/plain; charset=UTF-8
get
odb.outbrain.com/utils/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=1&rand=61801&key=NANOWDGT01&widgetJSId=HPP&va=true&et=true&format=html&t=NmY4MTZhZjI2NTMwZTFmNWQ0MmMzZDYzZWU2MTAxZjc=&adblck=false&abwl=false&px=209&py=1247&vpd=47&cw=282&activeTab=true&darkMode=false&ab=0&wl=00&settings=true&recs=true&version=2000952&sig=vu1MbKAb&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f76867785b29c2b20f23c3ce01abce90e859d99d61355a0e4b7014b97b81136f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Thu, 17 Nov 2022 19:09:40 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-timer
S1668712180.350405,VS0,VE107
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21951-LGA, cache-hhn4049-HHN
x-traceid
30e3e24c42da00c8fef16eca714939af
accept-ranges
bytes
content-length
3792
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-4780630-1&cid=419965442.1668712180&jid=1644152265&gjid=667702130&_gid=1955279772.1668712180&_u=YEBAAEAAAAAAACAAI~&z=1151796741
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 17 Nov 2022 19:09:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-4780630-1&cid=419965442.1668712180&jid=1644152265&_u=YEBAAEAAAAAAACAAI~&z=1000506545
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-4780630-1&cid=419965442.1668712180&jid=1644152265&_u=YEBAAEAAAAAAACAAI~&z=1000506545
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/964224610/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/964224610/?random=1668712180267&cv=9&fst=1668711600000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&fmt=3&is_vtc=1&random=3034710602&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:40 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/964224610/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/964224610/?random=1668712180267&cv=9&fst=1668711600000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&fmt=3&is_vtc=1&random=3034710602&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:40 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.85.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-85-55.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:40 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Sat, 17 Dec 2022 19:09:40 GMT
ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.85.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-85-55.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:40 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"af7be0711fb1cf2f41bb793256c8f148:1662969048.571231"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
13687
expires
Sat, 17 Dec 2022 19:09:40 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=bb33b0176c6942eb026b624cda4cff09_1769_1668712180406&tm=695&eT=0&widgetWidth=282&widgetHeight=36&widgetX=209&widgetY=1256&wRV=2000952&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=117&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Thu, 17 Nov 2022 19:09:40 GMT
access-control-expose-headers
content-range
content-encoding
gzip
X-TraceId
14e8f7f668e38980f2076c6c14d9797b
Content-Length
28
Content-Type
text/plain; charset=UTF-8
streamFeed.js
widgets.outbrain.com/nanoWidget/2000952/module/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000952/module/streamFeed.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.85.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-85-55.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e27109f8856e59b0f36419938f8e996e1068e2240d93228e16bb750da9881acd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:40 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:17:44 GMT
server
AkamaiNetStorage
etag
"c7073f6152dba2e7552488f3d8b7f995:1668678451.122678"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
14297
expires
Thu, 24 Nov 2022 19:09:40 GMT
get
odb.outbrain.com/utils/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=2&rand=43438&key=NANOWDGT01&widgetJSId=HPC_2&va=true&et=true&format=html&t=NmY4MTZhZjI2NTMwZTFmNWQ0MmMzZDYzZWU2MTAxZjc=&adblck=false&abwl=false&px=535&py=4438&vpd=3238&cw=865&activeTab=true&darkMode=false&ab=0&wl=00&settings=true&recs=true&version=2000952&sig=vu1MbKAb&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ecf1bb564e2fd2035856aae309500a97c77b3f1ce7cfe1c807d9d2f7a85b9fa0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Thu, 17 Nov 2022 19:09:40 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-timer
S1668712180.473872,VS0,VE337
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga13628-LGA, cache-hhn4049-HHN
x-traceid
83f67ed4957ebf2be976712bdc23c220
accept-ranges
bytes
content-length
11243
expires
Thu, 01 Jan 1970 00:00:00 GMT
get
mv.outbrain.com/Multivac/api/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&settings=true&recs=true&widgetJSId=HPP&key=NANOWDGT01&version=2000952&apv=false&sig=vu1MbKAb&format=html&rand=84080&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=NmY4MTZhZjI2NTMwZTFmNWQ0MmMzZDYzZWU2MTAxZjc=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=1&lastIdx=3&lastCardIdx=0&fAB=11731-42692&layeredTestInfo=11731-42692-&dpr=1&cw=282&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000952/module/streamFeed.js?e=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c7e196714898a142c4c19f2c4d9870bab3bd40a3f82eccd376b1992441660a75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Thu, 17 Nov 2022 19:09:40 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-timer
S1668712181.523927,VS0,VE343
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21976-LGA, cache-hhn4049-HHN
x-traceid
513783a05227d7e5605d0e0c441a652b
accept-ranges
bytes
content-length
9169
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ Frame BAB9 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.walla.co.il
Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 19:09:40 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 		262 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62
8096267
date
Thu, 17 Nov 2022 19:09:40 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 08:22:46 GMT
server
Apache
etag
"1481c32-41771-5c7110f340cdf"
vary
Accept-Encoding
content-type
text/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=42311
accept-ranges
bytes
content-length
82748
expires
Fri, 18 Nov 2022 06:54:51 GMT
/
csync.smilewanted.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eef3229975dcea05e62c3c6a907c2b9c50a68b07a632ce4fa232a41a0bcb1ad9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:40 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
cf-ray
76bac31a8e16690f-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221117
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da2ac9b9317e770eee834c144e259c12d945d5126330274fd366345121d1275b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 17 Nov 2022 19:09:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
14921
x-jsd-version
1.0.1527
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4528-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"666-Epsge5G0Nm4zkk5oeMrqFC+yxjs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYzrlJf3qxv3HjzaE8zCwt9R58nNqUBiR9abo7e%2FSqmunB8N6SvlDKhJuZzCsel0PH%2BJStxPfwq8uCnZPttj4g1%2BU5Xk5ZhyW9RwcRRQcZOpGdfiWh2COQAwxu7CyKMLfEUxGKzP5Ocm5A66%2Byk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
76bac31a8c0a5c20-FRA
localstore.js
script.4dex.io/ 		483 B
871 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:40 GMT
x-amz-version-id
1666365882701197
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx36ec54edbeb74121a0ef5-006352b9e9
age
521277
x-amz-id-2
tx36ec54edbeb74121a0ef5-006352b9e9
last-modified
Fri, 21 Oct 2022 15:24:42 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5nJVafiHjC2oAZ6q6NJeXSqeylf9%2FWmJekWHpSNRk%2Biy6h9hX7Z%2FBNBIbFtr4XA5veUQe%2B4ppKyaUCQ4R%2F1rqf%2FKXI57C7awkAeqKadkTJKqJaNLXsE6sJVmu5PrBVBoa85hJclPoWCY9fp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
76bac31a99da9b55-FRA
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Thu, 17 Nov 2022 19:09:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=715831&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22715f953e19dbe4%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22domain%22%3A%22walla.co.il%22%2C%22publisher%22%3A%7B%22domain%22%3A%22walla.co.il%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A5%2C%22msi%22%3A5%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.3%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2280adcc5ca5cd2%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22160x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fskyscraper_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fskyscraper_desktop%22%7D%7D%2C%7B%22id%22%3A%2210c726406ed148e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop%22%7D%7D%2C%7B%22id%22%3A%2211518c78d870ff2%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fshopping_rectangle%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fshopping_rectangle%22%7D%7D%2C%7B%22id%22%3A%2212efa2daf21152%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valuad.io%22%2C%22sid%22%3A%2215113%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b50e9832904ae991539d92bd90cf510625160ffa1357e1da16a62f5f2319fa46

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWJsK6YQzEM0KrXoeacuk8bLftUDeI5xIFU4dVTlQ4ly4Zm7WDmnu5rBQ7meS3jGgf0Fl1Dbo6lhFJMxunTx6cZk4pZwm6pRGHXFvlTnHn6SE1lTlFPtPAb1dhEm9CbLEdEwdNNV"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
76bac31aee6290f4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
arj
u.openx.net/w/1.0/ 		73 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.walla.co.il%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8128d0a0-f796-4012-9317-70963cf4381d%2Ce11bae65-65b4-4e9f-a6e5-75871880afa6%2C8695c0ba-4a0f-43ca-9172-43de748a445a%2C95f46620-cbef-4cb4-ae28-cb9873edbcb4&nocache=1668712180888&ph=699eab9c-3b10-4094-afdb-80584fcca830&schain=1.0%2C1!valuad.io%2C15113%2C1%2C%2C%2C&aus=120x600%2C160x600%7C300x250%7C300x250%7C300x250&divids=adSlot-2%2CadSlot-4%2CadSlot-5%2CadSlot-7&aucs=43010785%252Fwallanews%252Fmain%252Fskyscraper_desktop%2C43010785%252Fwallanews%252Fmain%252Fyad2_rectangle_desktop%2C43010785%252Fwallanews%252Fmain%252Fshopping_rectangle%2C43010785%252Fwallanews%252Fmain%252Fsport_small_rectangle_desktop&auid=544104782%2C544104782%2C544104782%2C544104782
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a072b385a8c9c0da3ace487e0ffc0f998d28a711512f0414e670e7e600d1cf7b

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:40 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.walla.co.il
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		18 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.3&cb=14661604786
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 17 Nov 2022 19:09:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid
mp.4dex.io/ 		114 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
262888303d82faa341c816815bd8994c2ed813adf705556c14c222f98df1ae3f

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:41 GMT
x-err
Shapings: no adunits with size and seat and mapping
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
76bac31adf719954-FRA
expires
0
/
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
1a53cb9155346940c034192d19564f88b7fa59983311cbd54dee3ebb227bb6bc

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.walla.co.il
Date
Thu, 17 Nov 2022 19:09:41 GMT
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/json
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:40 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:41 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:40 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		416 B
750 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=9&alt_size_ids=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=8128d0a0-f796-4012-9317-70963cf4381d&l_pb_bid_id=38e9fe6a01e775c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&slots=1&rand=0.6339261024998211
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b0b2ab84de1dfa760cc8adb1ca9e29173891ff941e857adb22261ecdb52a7644

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
416
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		402 B
961 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=e11bae65-65b4-4e9f-a6e5-75871880afa6&l_pb_bid_id=3905cc772f604d3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&slots=1&rand=0.6919951694553788
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ad7061bf309564b186535cef6cc9ca4681314ca5e09f287d5f92caab69ba74ca

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
402
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		398 B
731 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fshopping_rectangle&tk_flint=pbjs_lite_v6.29.3&x_source.tid=8695c0ba-4a0f-43ca-9172-43de748a445a&l_pb_bid_id=40e156f41ac93e5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fshopping_rectangle&slots=1&rand=0.66534325165689
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b69e71f26c11fc7dea0aaeed85f16819b27bdd84fab8b7ca6ed6d35bd1fefb34

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
398
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		409 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=95f46620-cbef-4cb4-ae28-cb9873edbcb4&l_pb_bid_id=41ccfe4650c96e2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop&slots=1&rand=0.27326016058414515
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ecda6ae87085a3a767ad525bbf6c00ca982040b8994715f1358adffdd8f89075

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
409
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		892 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.walla.co.il%2F&CanonicalUrl=https%3A%2F%2Fwww.walla.co.il%2F&PublisherDomain=walla.co.il
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
1d02296edfb33147af9c0d25d427916c0cb4f9ebcfd6b5d0f1fdd437dd8ddf36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:41 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
645
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
892
expires
0
prebid
ib.adnxs.com/ut/v3/ 		472 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d22683653debb5aeef36a56c3fdadbcbb8699d15f39fce704f9033b376776abb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 17 Nov 2022 19:09:40 GMT
AN-X-Request-Uuid
8156b551-49d5-4e67-8b1c-29bab0a98fc2
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.walla.co.il
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
472
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 17 Nov 2022 19:09:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
76bac31afee4690f-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 17 Nov 2022 19:09:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
76bac31adea2690f-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 17 Nov 2022 19:09:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
76bac31adea0690f-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 17 Nov 2022 19:09:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
76bac31adedd690f-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.97.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-97-203.compute-1.amazonaws.com
Software
/
Resource Hash
58ea193c0a47c4475940d00d966af3aba9ac9ae4f9b2200a426214ed3fa3068d

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 17 Nov 2022 19:09:41 GMT
x-reason
maxmind anonymous vpn
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.walla.co.il
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
bid
ap.lijit.com/rtb/ 		24 B
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.3
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
52e5e2e7d5d045b725c3e1d92c6d91130982ccc30d8f89984a3aaf9cb2216e33

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 17 Nov 2022 19:09:40 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.walla.co.il
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:40 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:40 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:40 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:40 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 17 Nov 2022 19:09:40 GMT
AN-X-Request-Uuid
7ee37323-4e7b-457c-9660-da113e800883
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.walla.co.il
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.3&referrer=https%3A%2F%2Fwww.walla.co.il%2F&tmax=3000
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.1.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-1-16.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:40 GMT
accept-ch
sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform
x-auction-status
12, 12, 12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		33 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3479824425706933&correlator=464484493949048&eid=44778642&output=ldjh&gdfp_req=1&vrg=2022111401&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cnickbar_desktop%2Ctop_desktop%2Cpremium_rectangle1_desktop%2Cdontmiss_strip_desktop%2Crm1_desktop%2Crm2_desktop%2Crm3_desktop%2Crm4_desktop%2Crm5_desktop%2Crm6_desktop%2Crm7_desktop%2Crm8_desktop%2Crm9_desktop%2Crm10_desktop%2Crm11_desktop%2Crm12_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8%2C0%2F1%2F2%2F9%2C0%2F1%2F2%2F10%2C0%2F1%2F2%2F11%2C0%2F1%2F2%2F12%2C0%2F1%2F2%2F13%2C0%2F1%2F2%2F14%2C0%2F1%2F2%2F15%2C0%2F1%2F2%2F16%2C0%2F1%2F2%2F17%2C0%2F1%2F2%2F18&prev_iu_szs=1200x40%2C1x1%7C480x1%7C480x270%7C640x753%7C640x1%7C770x430%7C728x90%7C720x300%7C970x2%7C970x1%7C970x90%7C970x130%7C970x180%7C970x250%7C970x330%7C970x350%7C970x550%7C990x160%7C1200x1%7C1200x90%7C1200x250%7C1200x330%7C1200x350%7C1200x550%2C300x200%2C320x50%7C865x190%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&fluid=0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ifi=1&adks=1750305995%2C885339185%2C2822717126%2C3185403617%2C581680297%2C3350566118%2C627877340%2C4035892786%2C2413266993%2C3423946703%2C941261747%2C3384287594%2C2655517678%2C199863102%2C41169729%2C2603141497&didk=1193244743~1193244742~1193245112~1193245117~1193245119~1193245118~2997460807~2997460804~2997460805~2997460802~2997460803~2997460800~2997460801~2997460814~2997460815~2997460812&sfv=1-0-40&ists=4095&prev_scp=slot_name%3Dnickbar_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dpremium_rectangle1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Ddontmiss_strip_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm2_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm3_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm4_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm5_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm6_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm7_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm8_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm9_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm10_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm11_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm12_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&eri=1&cust_params=permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1668712180964&lmt=1668712180&dlt=1668712178091&idt=488&adxs=200%2C920%2C200%2C535%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800&adys=1200%2C20%2C1232%2C2829%2C10951%2C10951%2C10951%2C10951%2C10951%2C10951%2C10951%2C10951%2C10951%2C10951%2C10951%2C10951&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=20&vis=1&psz=0x-1%7C1200x0%7C300x0%7C865x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0&msz=1200x-1%7C480x0%7C300x0%7C865x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0&fws=644%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132&ohw=0%2C1200%2C300%2C865%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=419965442.1668712180&ga_sid=1668712181&ga_hid=2126601766&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
324633a3d349439d4b5a7dcd60a06a91623acbbb20c98e377886f6aebbcc12eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12017
x-xss-protection
0
google-lineitem-id
-2,-1,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9B2D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 19:09:41 GMT
expires
Fri, 17 Nov 2023 19:09:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.85.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-85-55.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:41 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1662969049.940408"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
expires
Sat, 17 Dec 2022 19:09:41 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=1e6a5d50e5c7dda9e0aec0f77faecc53_1769_1668712180760&tm=1301&eT=0&widgetWidth=865&widgetHeight=259&widgetX=535&widgetY=4459&wRV=2000952&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=577&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Thu, 17 Nov 2022 19:09:41 GMT
access-control-expose-headers
content-range
content-encoding
gzip
X-TraceId
1e878f028de23c92ac61cf56c0ef0ff0
Content-Length
28
Content-Type
text/plain; charset=UTF-8
get
odb.outbrain.com/utils/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=3&rand=47659&key=NANOWDGT01&widgetJSId=HPC&va=true&et=true&format=html&t=NmY4MTZhZjI2NTMwZTFmNWQ0MmMzZDYzZWU2MTAxZjc=&adblck=false&abwl=false&px=535&py=11150&vpd=9950&cw=865&activeTab=true&darkMode=false&ab=0&wl=00&settings=true&recs=true&version=2000952&sig=vu1MbKAb&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
530cbfd73b9316efe43164e0a64c908157ff67475705c37f52edf7db1918e98d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Thu, 17 Nov 2022 19:09:41 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-timer
S1668712181.079720,VS0,VE124
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21950-LGA, cache-hhn4049-HHN
x-traceid
dc6a2981276b7fe4930570198aa9fbf9
accept-ranges
bytes
content-length
3953
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ Frame 2DEE 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.walla.co.il
Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 19:09:41 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
clip.js
widgets.outbrain.com/nanoWidget/2000952/module/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000952/module/clip.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.85.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-85-55.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7c0c70cd209bcc0c2692faf8dfd5e0aa98fe7720c797d337b53e100703dff20e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:41 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:17:44 GMT
server
AkamaiNetStorage
etag
"6f3fc3e9d3a5347e5f3a98ae6f23e9dd:1668678421.691777"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
706
expires
Thu, 24 Nov 2022 19:09:41 GMT
singleAnimationOnFeed.js
widgets.outbrain.com/nanoWidget/2000952/module/ 		503 B
812 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000952/module/singleAnimationOnFeed.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.85.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-85-55.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
635806966dbc027861305ee488fcd27a0c78df960561f9b635e8d9a76d52a358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:41 GMT
last-modified
Thu, 17 Nov 2022 09:17:44 GMT
server
AkamaiNetStorage
etag
"58607d561a12353793fbcea5b7175ae0:1668678446.084747"
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
503
expires
Thu, 24 Nov 2022 19:09:41 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=21f383b6ebccb549f59ee7c30fb9ddc5_1769_1668712180800&tm=1421&eT=0&widgetWidth=282&widgetHeight=533&widgetX=209&widgetY=1297&wRV=2000952&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=110&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Thu, 17 Nov 2022 19:09:41 GMT
access-control-expose-headers
content-range
content-encoding
gzip
X-TraceId
c5b7ae14bbf9332ebc186bea9eb97673
Content-Length
28
Content-Type
text/plain; charset=UTF-8
eyJpdSI6ImY4YjBhM2VhYjY2YTJkN2JkZTYyY2E4MGI4ZTJiOTM4ZDA1NjdiNGZhZGU5NjE1ZTdlYWViZGZjYzc0NGM2MDkiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImY4YjBhM2VhYjY2YTJkN2JkZTYyY2E4MGI4ZTJiOTM4ZDA1NjdiNGZhZGU5NjE1ZTdlYWViZGZjYzc0NGM2MDkiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.172.16 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-172-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:41 GMT
last-modified
Mon, 22 Feb 2021 15:16:40 GMT
access-control-allow-methods
GET,POST
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=1513485
access-control-allow-credentials
false
x-traceid
3c13f6b7fcb9141d5df4b726bb0d4033
timing-allow-origin
*, *
content-length
74568
eyJpdSI6ImY4YjBhM2VhYjY2YTJkN2JkZTYyY2E4MGI4ZTJiOTM4ZDA1NjdiNGZhZGU5NjE1ZTdlYWViZGZjYzc0NGM2MDkiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 		73 KB
73 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImY4YjBhM2VhYjY2YTJkN2JkZTYyY2E4MGI4ZTJiOTM4ZDA1NjdiNGZhZGU5NjE1ZTdlYWViZGZjYzc0NGM2MDkiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.172.16 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-172-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
af8ade5267850f499d3bbf4675d595bbc040a83e2dbefa30a6d28ad3f01b4bde

Request headers

Referer
https://www.walla.co.il/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 17 Nov 2022 19:09:41 GMT
last-modified
Mon, 22 Feb 2021 15:16:40 GMT
access-control-allow-methods
GET,POST
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-74567/74568
cache-control
max-age=1513485
access-control-allow-credentials
false
x-traceid
3c13f6b7fcb9141d5df4b726bb0d4033
timing-allow-origin
*, *
Content-Length
74568
eyJpdSI6IjkyOTRhZjcwN2Y0MWMwZGVjZmE2ZDNiY2MwN2Y3OTUwZTJiNzFlNjc2OTM4NDc4NTdiNDcwNjllOTRlODkxZWQiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjkyOTRhZjcwN2Y0MWMwZGVjZmE2ZDNiY2MwN2Y3OTUwZTJiNzFlNjc2OTM4NDc4NTdiNDcwNjllOTRlODkxZWQiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.172.16 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-172-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
60c87b8ca93da9430130a54a30b3e910c9e73ac34efa13b29098a210435bd186

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:41 GMT
last-modified
Wed, 28 Sep 2022 00:20:21 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=913534
access-control-allow-credentials
false
x-traceid
f12cad7ab74734b15d05697518d5cde2
timing-allow-origin
*, *
content-length
49840
eyJpdSI6ImY4YjBhM2VhYjY2YTJkN2JkZTYyY2E4MGI4ZTJiOTM4ZDA1NjdiNGZhZGU5NjE1ZTdlYWViZGZjYzc0NGM2MDkiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImY4YjBhM2VhYjY2YTJkN2JkZTYyY2E4MGI4ZTJiOTM4ZDA1NjdiNGZhZGU5NjE1ZTdlYWViZGZjYzc0NGM2MDkiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.172.16 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-172-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:41 GMT
last-modified
Mon, 22 Feb 2021 15:16:40 GMT
access-control-allow-methods
GET,POST
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=1513485
access-control-allow-credentials
false
x-traceid
3c13f6b7fcb9141d5df4b726bb0d4033
timing-allow-origin
*, *
content-length
74568
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:41 GMT
x-amz-version-id
1666365881812584
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
txed51dfd210c74c41b63f8-006352b9ed
age
2346247
x-amz-id-2
txed51dfd210c74c41b63f8-006352b9ed
last-modified
Fri, 21 Oct 2022 15:24:42 GMT
server
cloudflare
etag
W/"c56b6332dacf72f135afcd153ae22448"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBg9oi2zu79Lg5CGfOyIHXMgCQ8xQ8lTv3oi0QCyk6bTnbJBQRHsl2jaCR8CKrC8wRMtJxhCuCdO2VYDOoEMFEeIFDAJ5PYfvMg4cucU4kuefjybQ%2F0XoLKS7RWtROs%2FAn9f4%2BAHeBxN3zLk"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=1800
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
76bac31d5c3ebbc7-FRA
access-control-allow-headers
Authorization
decode_consent.js
static.smilewanted.com/js/decode_consent/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
614039
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
76bac31d3b93690f-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=8f539c8e6018bfac5b8cb9a156cd5082_1769_1668712181153&tm=1531&eT=0&widgetWidth=865&widgetHeight=41&widgetX=535&widgetY=11209&wRV=2000952&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=223&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Thu, 17 Nov 2022 19:09:41 GMT
access-control-expose-headers
content-range
content-encoding
gzip
X-TraceId
20c9781b4bb7e695f28c2b1c297d20f3
Content-Length
28
Content-Type
text/plain; charset=UTF-8
get
mv.outbrain.com/Multivac/api/ 		110 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&settings=true&recs=true&widgetJSId=HPC&key=NANOWDGT01&version=2000952&apv=true&sig=vu1MbKAb&format=html&rand=83241&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=NmY4MTZhZjI2NTMwZTFmNWQ0MmMzZDYzZWU2MTAxZjc=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=3&lastIdx=4&lastCardIdx=0&fAB=11741-81727&layeredTestInfo=11741-81727-&dpr=1&cw=865&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000952/module/streamFeed.js?e=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6e6de2c7977b8fb4e17d1fe0db90f5b25f46481daebf5092541f648e6b616a02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Thu, 17 Nov 2022 19:09:43 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-timer
S1668712181.311027,VS0,VE1871
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga13626-LGA, cache-hhn4049-HHN
x-traceid
7c8eb08c6a318561b6d9bccbc774482a
accept-ranges
bytes
content-length
25619
expires
Thu, 01 Jan 1970 00:00:00 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame D8FF 		0
336 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
76bac31dbcdc690f-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 17 Nov 2022 19:09:41 GMT
server
cloudflare
vary
Accept-Encoding
55b1b9794fc6aa54d3cdda4bb3951a4d
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 7A74
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/55b1b9794fc6aa54d3cdda4bb3951a4d?gdpr_consent=&gdpr=0
0
391 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/55b1b9794fc6aa54d3cdda4bb3951a4d?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
76bac31ebef4690f-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 17 Nov 2022 19:09:41 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Thu, 17 Nov 2022 19:09:41 GMT
Expires
Thu, 17 Nov 2022 19:09:41 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/55b1b9794fc6aa54d3cdda4bb3951a4d?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1668712181483063-550
v1
match.sharethrough.com/universal/ Frame 0E5B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.229.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-229-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 17 Nov 2022 19:09:41 GMT
0ask8Bamy5HPYuecDO3t
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 360B
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/0ask8Bamy5HPYuecDO3t?pi=smilewanted&tc=1
0
390 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/0ask8Bamy5HPYuecDO3t?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
76bac31eff88690f-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 17 Nov 2022 19:09:41 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 17 Nov 2022 19:09:41 GMT Thu, 17 Nov 2022 19:09:41 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/0ask8Bamy5HPYuecDO3t?pi=smilewanted&tc=1
pragma
no-cache
setuid
ib.adnxs.com/prebid/ Frame 60F3
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=85a02bacffbc6ba47db3fb8d12d1e584
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=85a02bacffbc6ba47db3fb8d12d1e584
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
4fd8d415-24e3-40d0-971f-b3415fe5fa1b
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 17 Nov 2022 19:09:41 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
76bac31ebef2690f-FRA
content-type
text/html; charset=UTF-8
date
Thu, 17 Nov 2022 19:09:41 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=85a02bacffbc6ba47db3fb8d12d1e584
server
cloudflare
container.html
960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9730 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 19:09:41 GMT
expires
Fri, 17 Nov 2023 19:09:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
connectmyusers.php
cdn.connectad.io/ Frame E48F 		1 KB
824 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
76bac31f6a4268e9-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 17 Nov 2022 19:09:41 GMT
server
cloudflare
analytics
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 17 Nov 2022 19:09:41 GMT
server
Google Frontend
x-cloud-trace-context
99874095d00b2530b14577d7cf930f47
x-request-id
undefined
analytics
hb-dot-valuad.appspot.com/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
x-request-id
efd73d3d-86f0-41a0-b901-ad9432b5bba1
x-vad-version
0.9.12

Response headers

date
Thu, 17 Nov 2022 19:09:41 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
39d16a743b85cb078b9be0182a8160ee
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16
x-request-id
undefined
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		346 KB
77 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3479824425706933&correlator=3101367273577418&eid=44778642&output=ldjh&gdfp_req=1&vrg=2022111401&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cskyscraper_desktop%2Cyad2_rectangle_desktop%2Cshopping_rectangle%2Csport_small_rectangle_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6&prev_iu_szs=120x600%7C160x600%2C320x50%7C300x400%2C320x50%7C300x250%7C300x260%2C320x50%7C300x250&fluid=0%2Cheight%2Cheight%2Cheight&ifi=17&adks=2273020712%2C1194681899%2C1073900268%2C2033830821&didk=1193245113~1193245115~1193245114~1193245116&sfv=1-0-40&prev_scp=slot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dyad2_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D91cfc77252e8666%7Cslot_name%3Dshopping_rectangle%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D92873a6f14c5425%7Cslot_name%3Dsport_small_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D9315a8e0baabb34&eri=1&cust_params=permutive%3D&sc=1&cookie=ID%3Dc80db694e55d78f7%3AT%3D1668712181%3AS%3DALNI_MZq50EShsVQZNATGnotfS5dMTHObA&gpic=UID%3D00000b82a9672599%3AT%3D1668712181%3ART%3D1668712181%3AS%3DALNI_MYoWuVidiJKdOJz3kbw-n_fKUeGlw&abxe=1&dt=1668712181666&lmt=1668712181&dlt=1668712178091&idt=488&adxs=1480%2C200%2C200%2C200&adys=450%2C1644%2C1659%2C2618&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C16%7C17%7C18&ucis=h%7Ci%7Cj%7Ck&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=20&vis=1&psz=0x0%7C300x0%7C300x0%7C300x0&msz=120x0%7C300x0%7C300x0%7C300x0&fws=132%2C132%2C132%2C132&ohw=0%2C300%2C300%2C300&psts=AMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V&ga_vid=419965442.1668712180&ga_sid=1668712181&ga_hid=2126601766&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb9ef64ef484761e4c03a9f5a51c726f2416d24244787f60140741e05e8295fc
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16900789838091633912/300x250_EN/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16900789838091633912/300x250_EN/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPWtzqb1tfsCFYPvuwgdUmIGyQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/16900789838091633912/300x250_EN/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14046155014989064645/300x250_EN_MM/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14046155014989064645/300x250_EN_MM/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPStzqb1tfsCFYPvuwgdUmIGyQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/14046155014989064645/300x250_EN_MM/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16900789838091633912/300x250_EN/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16900789838091633912/300x250_EN/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPWtzqb1tfsCFYPvuwgdUmIGyQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/16900789838091633912/300x250_EN/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14046155014989064645/300x250_EN_MM/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14046155014989064645/300x250_EN_MM/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPStzqb1tfsCFYPvuwgdUmIGyQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/14046155014989064645/300x250_EN_MM/index.html
date
Thu, 17 Nov 2022 19:09:42 GMT
x-content-type-options
nosniff
content-encoding
br
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
78631
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
sync.smartadserver.com/ Frame 0870
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Thu, 17 Nov 2022 19:09:41 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Thu, 17 Nov 2022 19:09:40 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
f3a87f85-83c1-4520-84c9-350b70bd96a0&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame E6A4
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/f3a87f85-83c1-4520-84c9-350b70bd96a0&partner_id=1010
0
436 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/f3a87f85-83c1-4520-84c9-350b70bd96a0&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
76bac3209abe690f-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 17 Nov 2022 19:09:41 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Thu, 17 Nov 2022 19:09:41 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/f3a87f85-83c1-4520-84c9-350b70bd96a0&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
adview
securepubads.g.doubleclick.net/pagead/ Frame 9730 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C__Xm9YZ2Y7uZCanD7_UPv5uX6AXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpApLWeSijVbE-4AIAqAMBqgTtAU_QGoiUqve9_e5vG2ZZJJP2bhRqkD0aBfhHkUGopvn7zNrV1GkDCinrPGzaQIliFC8iCJtZYHk0fRtuxndPoGazYYoE0e7XW9uryDqGcMcYbHWIOatLptfqyRAAJNxroEPeuFWGhcilR3qw05HcrxmH2Xr7Ho2_SYoha9Xiy0ajQal6hXTyfFC6PHfQHibPjDsAmbxnLVM30Dj0Y2X5S7qMf9iRajjF62b4jfJBZSxJ5JkpuEDyboUNZ0F0YrmV9v3RMXl28C6ijrFn3jFdgajI7g9HCefpwSMY2ZueEH5eOzPL7P3rg69bTr_kOeAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ5MTY1OTQ5NjM3MjE3Mhjx5hM&sigh=hRqml-qZUnQ&uach_m=[UACH]&cid=CAQSPADq26N9p_AUTqj2dpXyBWmBt1kYkNaeEXKdInB-EPxyreSw6xHwN8CEAbAfcXj4Jq36X71glzsdrs5M4BgBIBM
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 9730 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFOv_CsoH-gGdg2ICAgAAAERKsbLBpQHOUwfGnGMh-yoQ9YZ2Y7Ixfvbq8ih6UxaqABIAAA&wp=Y3aG9QACTLsIu-GpAAXNv3UN1c9_mKYtNgcONg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
272871
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 637E 		141 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QACTLsIu-GpAAXNv3UN1c9_mKYtNgcONg&u=%7CGkz%2FUiTgb4lltx86vAypEMmodEUcNoDVU7m6RJPMcAU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY2cyaLNuSWK9WmGKlbK9VdXa5QVw81epLqrZYtEOvZzq4UiUSSvre7kZCOz-pOEuBbpbuRFPM9Z_uHcx_8Qg1fa1SXfMyTY2IC5j5QhxnpE0fsIF9Fa6Ixry6lugejGrnQmLkgqKK4EG6IdDb6STtMPlRCGh7woOSTCA6dLsIeO8GaGfsRgDLRuhnFmGdTzsHyhvwrUII8hJc4RajMpygFDnju2c1OKjuO-cATe7UbHnsueQshJIGeqWEYHpBbexSPQ9wJs2k8B2wXX4i1k6_DzPD1eTuXfiVZ6DlazbGer7DXHOJnKPylkKl-VFwT5QAkUlSFXg3vXL_sbNNsK2VR1-5CgtD3CC10Ep7dVS7hqrzQre6KGeASI3U16stAbjWS730sJdbOzdM_lltwkUdgdPb5B3yvYWWEC4kiKXd3ErKno_M8GCvs9RUvtz2XnGB_NRcilV4GSXFrx0njGTYisUZtmgK_HmEFjcBSrpau4bFHw3QhlfgKEJGpUOTQIbtWJPtZM4OD4lIMmu9Yk2UdLy3IB7r3Pk5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeNuI9YZ2Y7uZCanD7_UPv5uX6AXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpApLWeSijVbE-4AIAqAMBqgTwAU_QGoiUqve9_e5vG2ZZJJP2bhRqkD0aBfhHkUGopvn7zNrV1GkDCinrPGzaQIliFC8iCJtZYHk0fRtuxndPoGazYYoE0e7XW9uryDqGcMcYbHWIOatLptfqyRAAJNxroEPeuFWGhcilR3qw05HcrxmH2Xr7Ho2_SYoha9Xiy0ajQal6hXTyfFC6PHfQHibPjDsAmbxnLVM30Dj0Y2X5S7qMf9iRajjF62b4jfJBZSxJ5JkpuEDyboUNZ0F0YrmV9v3RMXl28C7gjJD1Wb7BkhdU-qyXNEERyDcSb5GwCPzq8w5tHkL1r7fe5Dv3hrvGgOAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1iftKpwTnU2BkcwHsbBcWWCfPn4Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f9fc1693bef3b414ec2d07d7479170d7e0c3601cdf221077e1d020349ed4f228
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 19:09:41 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=0eHrVKMhT-epnvOq561ZI_tFdK2wG9gQYOfnnuJGaN_goh7WyFgt8iUmKlEyw7QVgE-M1JMFm29hMM8uz24f2_rr61HOhS7sT5-3xUxsiE4eTCXYd5IJERuBaoP0uecdMTPTcp8-cRabqYr-e-KgHARNpJrR6eWNgFz39eDPTin4XJuaPWeUcXRFTf1N5jd0MZmc-O_9FgGGOj4BEVd_tcVIoI7JT4cPwHwPBXvMoCF8QYr0XRACkvy297s"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
71525297
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9730 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 11:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
29258
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Dec 2022 11:02:03 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2E17 		1 KB
857 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
37652
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 08:42:09 GMT
etag
48472445140208031
expires
Fri, 18 Nov 2022 08:42:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9730 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 14:22:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
17236
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Dec 2022 14:22:25 GMT
l
www.google.com/ads/measurement/ Frame 9730 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSAmkWGFEfVBjBb-4iNctTWpQnTHiVGUlxtvMbFKl_7JDhOs6x4-TTqzC1eiSRoU37BDtYkxnv6zHxvE6E8wJtl3lmZPQ
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9730 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 05:29:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
135585
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Nov 2023 05:29:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9730 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Nov 2022 19:09:41 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 6C2C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
1
sync-eu.connectad.io/syncer/ Frame CB0B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
76bac3201bd268e9-FRA
date
Thu, 17 Nov 2022 19:09:41 GMT
server
cloudflare
via
1.1 google
pixel
cm.g.doubleclick.net/ Frame 2E17
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOFsh-vkW3EM4j0AghYP9Y0&google_cver=1&google_push=ASkJ3FYBUN_0hhmeDQhpOpDyQOa54bic6PXnbpcvK1gkMAu7UEt6Rr123Gd94d_RHnZiUZUndW4kZL64Mqp...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FYBUN_0hhmeDQhpOpDyQOa54bic6PXnbpcvK1gkMAu7UEt6Rr123Gd94d_RHnZiUZUndW4kZL64MqpGuJjH3q_RqpL3cCtW&google_hm=jQKaZVYYRcOZbYGLWA3xK6I
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FYBUN_0hhmeDQhpOpDyQOa54bic6PXnbpcvK1gkMAu7UEt6Rr123Gd94d_RHnZiUZUndW4kZL64MqpGuJjH3q_RqpL3cCtW&google_hm=jQKaZVYYRcOZbYGLWA3xK6I
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:41 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FYBUN_0hhmeDQhpOpDyQOa54bic6PXnbpcvK1gkMAu7UEt6Rr123Gd94d_RHnZiUZUndW4kZL64MqpGuJjH3q_RqpL3cCtW&google_hm=jQKaZVYYRcOZbYGLWA3xK6I
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2E17
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENq-bq6VR1OHWIlqbCy9eR4&google_cver=1&google_push=ASkJ3FZaNaq_aCna2JYrdT29IRMwBKhFTC2P5Ujbo_0HvG9qVkr_nQp_zKgMs371DUw8gSVZJGL6S_DbDQyrP0...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2NzA2NDI0ODEzMDk5MjI2OA%3D%3D&google_push=ASkJ3FZaNaq_aCna2JYrdT29IRMwBKhFTC2P5Ujbo_0HvG9qVkr_nQp_zKgMs371DUw8gSVZJGL6S_DbDQyrP0-_2L...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2NzA2NDI0ODEzMDk5MjI2OA%3D%3D&google_push=ASkJ3FZaNaq_aCna2JYrdT29IRMwBKhFTC2P5Ujbo_0HvG9qVkr_nQp_zKgMs371DUw8gSVZJGL6S_DbDQyrP0-_2LzSyCFs_eTm
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2NzA2NDI0ODEzMDk5MjI2OA%3D%3D&google_push=ASkJ3FZaNaq_aCna2JYrdT29IRMwBKhFTC2P5Ujbo_0HvG9qVkr_nQp_zKgMs371DUw8gSVZJGL6S_DbDQyrP0-_2LzSyCFs_eTm
Date
Thu, 17 Nov 2022 19:09:42 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 2E17
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHTkAaRyfhenZh2M4LKHsnA&google_cver=1&google_push=ASkJ3FbgOG2z4q7sevoHllDbQrGtvP0267vryiZKMPkRYn8ADbkBYGRwfsslPBsWDO2yX2rMtE2TIHJ5eK04lKBEMSzz...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHTkAaRyfhenZh2M4LKHsnA&google_cver=1&google_push=ASkJ3FbgOG2z4q7sevoHllDbQrGtvP0267vryiZKMPkRYn8ADbkBYGRwfsslPBsWDO2yX2rMtE2TIHJ5eK04lK...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FbgOG2z4q7sevoHllDbQrGtvP0267vryiZKMPkRYn8ADbkBYGRwfsslPBsWDO2yX2rMtE2TIHJ5eK04lKBEMSzzR23g008x&google_hm=hvgmL9A9QgGkr4nfM7jWdA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FbgOG2z4q7sevoHllDbQrGtvP0267vryiZKMPkRYn8ADbkBYGRwfsslPBsWDO2yX2rMtE2TIHJ5eK04lKBEMSzzR23g008x&google_hm=hvgmL9A9QgGkr4nfM7jWdA==
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FbgOG2z4q7sevoHllDbQrGtvP0267vryiZKMPkRYn8ADbkBYGRwfsslPBsWDO2yX2rMtE2TIHJ5eK04lKBEMSzzR23g008x&google_hm=hvgmL9A9QgGkr4nfM7jWdA==
date
Thu, 17 Nov 2022 19:09:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 2E17
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG6z0T75JoySrEeVteKgdQI&google_cver=1&google_push=ASkJ3FZc8B8YXKZoOFrGTyyhA1QZtIHEiOaeFLv3TXH3PxIoXFJwU0l9UkGAn32EpIkLYidWUmp474oApr4itoqX0xE8lwe...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZc8B8YXKZoOFrGTyyhA1QZtIHEiOaeFLv3TXH3PxIoXFJwU0l9UkGAn32EpIkLYidWUmp474oApr4itoqX0xE8lweAq-yD&google_hm=ODk0MTUwNzg0ODc3NTk2MT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZc8B8YXKZoOFrGTyyhA1QZtIHEiOaeFLv3TXH3PxIoXFJwU0l9UkGAn32EpIkLYidWUmp474oApr4itoqX0xE8lweAq-yD&google_hm=ODk0MTUwNzg0ODc3NTk2MTIxMg%3D%3D
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 17 Nov 2022 19:09:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZc8B8YXKZoOFrGTyyhA1QZtIHEiOaeFLv3TXH3PxIoXFJwU0l9UkGAn32EpIkLYidWUmp474oApr4itoqX0xE8lweAq-yD&google_hm=ODk0MTUwNzg0ODc3NTk2MTIxMg%3D%3D
content-length
0
dds
rtb.openx.net/sync/ Frame 2E17 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEMkQVual4mNgJ54ESXA5kvk&google_cver=1&google_push=ASkJ3FaLVijRRGqSNMQeuqvKKYzhkHftYrqXIA7KS5CwPfXTbNUuSgZYkqN_ErGCK1-iUC3Ly_-eFyiF605PkFWr-8wMLO9jUYzJ
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:40 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
2464b7tjkmi9mn9fb95c7bqd1e3ffqo6
pixel
cm.g.doubleclick.net/ Frame 2E17
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHFTuHl4RIwdexERSkOlT9w&google_cver=1&google_push=ASkJ3FbfYcrmQFxaaOD_HRTSHKwQCcJr0vadejZjNSs_SheIkNSGaWYgF24geUJ3D4IFEiPY2OR...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFMRzVCRkctMUUtSE9LWg==&google_push=ASkJ3FbfYcrmQFxaaOD_HRTSHKwQCcJr0vadejZjNSs_SheIkNSGaWYgF24geUJ3D4IFEiPY2ORhEK5f_T6n1nZOl7tQQVs5eKRo
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFMRzVCRkctMUUtSE9LWg==&google_push=ASkJ3FbfYcrmQFxaaOD_HRTSHKwQCcJr0vadejZjNSs_SheIkNSGaWYgF24geUJ3D4IFEiPY2ORhEK5f_T6n1nZOl7tQQVs5eKRo
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFMRzVCRkctMUUtSE9LWg==&google_push=ASkJ3FbfYcrmQFxaaOD_HRTSHKwQCcJr0vadejZjNSs_SheIkNSGaWYgF24geUJ3D4IFEiPY2ORhEK5f_T6n1nZOl7tQQVs5eKRo
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
/
onetag-sys.com/match/ Frame 2E17
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENkE1m6SFIV6qYteF6oX2K0&google_cver=1&google_push=ASkJ3Fb-oKYjvkRybqLW2gTkGJkQWpzS8jhIaYQ6PrH95abap3VkDvZ12enbQh63KpMShLWdYCg6n2WCxK3...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3Fb-oKYjvkRybqLW2gTkGJkQWpzS8jhIaYQ6PrH95abap3VkDvZ12enbQh63KpMShLWdYCg6n2WCxK3IzYXZsDS6Q8-HoignhQ
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 2E17 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KPo30255t3622wYEu57Tbpr86fxaynVKsQsJ_C0ROjyuStk4fh2b8_u1MCIYjmG3pEBzqAWQ
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:41 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 226C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=25273
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 17 Nov 2022 19:09:41 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 18 Nov 2022 02:10:54 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
Y3aG9YbFpXTyqlEEpBXksQAA%265131
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame 2E32
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y3aG9YbFpXTyqlEEpBXksQAA%265131
0
488 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y3aG9YbFpXTyqlEEpBXksQAA%265131
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
76bac3217c6d690f-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 17 Nov 2022 19:09:42 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76bac3210c676955-FRA
content-length
0
date
Thu, 17 Nov 2022 19:09:41 GMT
expires
0
location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y3aG9YbFpXTyqlEEpBXksQAA%265131
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xv8%2FLq0y1DlF%2FRuMDR4Z%2FFBIq6IHDR1FyIScPhAlCVk9tWDbrl5%2FjQuTNO88QaB3pG09pRPBPKj6pnN6sZZhzyQBI5xojO4S7A%2FB325NCGiY0qjVYR%2BFcdzHusPiX6WWEmBCg5dKnto3Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 226C 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=13296129&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1d0548a7214a7efb8ac7cc7562a6fb4c317ba0ace7363414d9bf3dd1c6717abe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 17 Nov 2022 19:09:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
truncated
/ Frame 9730 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8b5ce25e333cbdcf69d7d3b30dd3400d2f248602e7ddb76b1b874d8506d2965

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
match
c1.adform.net/serving/cookie/ Frame F50E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&gdpr=0&gdpr_consent=
35 B
476 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 17 Nov 2022 19:09:42 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 17 Nov 2022 19:09:42 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 38FE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9ec06376-86f6-4800-918d-f2cba1203547&gdpr=0&gdpr_consent=
42 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9ec06376-86f6-4800-918d-f2cba1203547&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Nov 2022 19:09:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 17 Nov 2022 19:09:42 GMT
Expires
Thu, 17 Nov 2022 19:09:41 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 169 32252b7 master nrt-pixel-x17 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9ec06376-86f6-4800-918d-f2cba1203547&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 29BC
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6938000792588066926
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6938000792588066926
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Nov 2022 19:09:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6938000792588066926
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 23BA 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 19:09:41 GMT
expires
Thu, 17 Nov 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
392395
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame E6B8
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 17 Nov 2022 19:09:42 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
Z11HNR3TGKK364248ZZY

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 17 Nov 2022 19:09:42 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
X87D2KGSKMQWAS1HPE5E
Pug
simage2.pubmatic.com/AdServer/ Frame 51BE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1683260912507697352&gdpr=0&gdpr_consent=
42 B
447 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1683260912507697352&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Nov 2022 19:09:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
e5018793-444d-4cc4-9a38-4e28be01400d
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 17 Nov 2022 19:09:41 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1683260912507697352&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
4041DC16-92D8-4A23-A3D4-4E4CE13A08BA
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 167C 		0
730 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/4041DC16-92D8-4A23-A3D4-4E4CE13A08BA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
76bac3216c44690f-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 17 Nov 2022 19:09:42 GMT
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 226C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QEHcFpLYSiOj1E5M4ToIug%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=25272
accept-ranges
bytes
content-length
5549
expires
Fri, 18 Nov 2022 02:10:54 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 226C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5bac6376-86f6-4400-a8c8-bce9b09cb6f9
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5bac6376-86f6-4400-a8c8-bce9b09cb6f9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 17 Nov 2022 19:09:42 GMT
Server
MT3 169 32252b7 master nrt-pixel-x2 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5bac6376-86f6-4400-a8c8-bce9b09cb6f9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 17 Nov 2022 19:09:41 GMT
generic
match.adsrvr.org/track/cmf/ Frame 226C
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 17 Nov 2022 19:09:42 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 226C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDA0MURDMTYtOTJEOC00QTIzLUEzRDQtNEU0Q0UxM0EwOEJB&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 17 Nov 2022 19:09:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 226C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBsHqfCKePn_5vsw7qCtG9U&google_cver=1
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBsHqfCKePn_5vsw7qCtG9U&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 17 Nov 2022 19:09:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBsHqfCKePn_5vsw7qCtG9U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 226C 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 16 Nov 2022 19:09:42 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 226C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8824179535340228277
42 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8824179535340228277
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 17 Nov 2022 19:09:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8824179535340228277
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 226C 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 17 Nov 2022 19:09:42 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
privacy_small.svg
static.criteo.net/flash/icon/ Frame 637E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QACTLsIu-GpAAXNv3UN1c9_mKYtNgcONg&u=%7CGkz%2FUiTgb4lltx86vAypEMmodEUcNoDVU7m6RJPMcAU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY2cyaLNuSWK9WmGKlbK9VdXa5QVw81epLqrZYtEOvZzq4UiUSSvre7kZCOz-pOEuBbpbuRFPM9Z_uHcx_8Qg1fa1SXfMyTY2IC5j5QhxnpE0fsIF9Fa6Ixry6lugejGrnQmLkgqKK4EG6IdDb6STtMPlRCGh7woOSTCA6dLsIeO8GaGfsRgDLRuhnFmGdTzsHyhvwrUII8hJc4RajMpygFDnju2c1OKjuO-cATe7UbHnsueQshJIGeqWEYHpBbexSPQ9wJs2k8B2wXX4i1k6_DzPD1eTuXfiVZ6DlazbGer7DXHOJnKPylkKl-VFwT5QAkUlSFXg3vXL_sbNNsK2VR1-5CgtD3CC10Ep7dVS7hqrzQre6KGeASI3U16stAbjWS730sJdbOzdM_lltwkUdgdPb5B3yvYWWEC4kiKXd3ErKno_M8GCvs9RUvtz2XnGB_NRcilV4GSXFrx0njGTYisUZtmgK_HmEFjcBSrpau4bFHw3QhlfgKEJGpUOTQIbtWJPtZM4OD4lIMmu9Yk2UdLy3IB7r3Pk5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeNuI9YZ2Y7uZCanD7_UPv5uX6AXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpApLWeSijVbE-4AIAqAMBqgTwAU_QGoiUqve9_e5vG2ZZJJP2bhRqkD0aBfhHkUGopvn7zNrV1GkDCinrPGzaQIliFC8iCJtZYHk0fRtuxndPoGazYYoE0e7XW9uryDqGcMcYbHWIOatLptfqyRAAJNxroEPeuFWGhcilR3qw05HcrxmH2Xr7Ho2_SYoha9Xiy0ajQal6hXTyfFC6PHfQHibPjDsAmbxnLVM30Dj0Y2X5S7qMf9iRajjF62b4jfJBZSxJ5JkpuEDyboUNZ0F0YrmV9v3RMXl28C7gjJD1Wb7BkhdU-qyXNEERyDcSb5GwCPzq8w5tHkL1r7fe5Dv3hrvGgOAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1iftKpwTnU2BkcwHsbBcWWCfPn4Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Nov 2023 19:09:42 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 637E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QACTLsIu-GpAAXNv3UN1c9_mKYtNgcONg&u=%7CGkz%2FUiTgb4lltx86vAypEMmodEUcNoDVU7m6RJPMcAU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY2cyaLNuSWK9WmGKlbK9VdXa5QVw81epLqrZYtEOvZzq4UiUSSvre7kZCOz-pOEuBbpbuRFPM9Z_uHcx_8Qg1fa1SXfMyTY2IC5j5QhxnpE0fsIF9Fa6Ixry6lugejGrnQmLkgqKK4EG6IdDb6STtMPlRCGh7woOSTCA6dLsIeO8GaGfsRgDLRuhnFmGdTzsHyhvwrUII8hJc4RajMpygFDnju2c1OKjuO-cATe7UbHnsueQshJIGeqWEYHpBbexSPQ9wJs2k8B2wXX4i1k6_DzPD1eTuXfiVZ6DlazbGer7DXHOJnKPylkKl-VFwT5QAkUlSFXg3vXL_sbNNsK2VR1-5CgtD3CC10Ep7dVS7hqrzQre6KGeASI3U16stAbjWS730sJdbOzdM_lltwkUdgdPb5B3yvYWWEC4kiKXd3ErKno_M8GCvs9RUvtz2XnGB_NRcilV4GSXFrx0njGTYisUZtmgK_HmEFjcBSrpau4bFHw3QhlfgKEJGpUOTQIbtWJPtZM4OD4lIMmu9Yk2UdLy3IB7r3Pk5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeNuI9YZ2Y7uZCanD7_UPv5uX6AXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpApLWeSijVbE-4AIAqAMBqgTwAU_QGoiUqve9_e5vG2ZZJJP2bhRqkD0aBfhHkUGopvn7zNrV1GkDCinrPGzaQIliFC8iCJtZYHk0fRtuxndPoGazYYoE0e7XW9uryDqGcMcYbHWIOatLptfqyRAAJNxroEPeuFWGhcilR3qw05HcrxmH2Xr7Ho2_SYoha9Xiy0ajQal6hXTyfFC6PHfQHibPjDsAmbxnLVM30Dj0Y2X5S7qMf9iRajjF62b4jfJBZSxJ5JkpuEDyboUNZ0F0YrmV9v3RMXl28C7gjJD1Wb7BkhdU-qyXNEERyDcSb5GwCPzq8w5tHkL1r7fe5Dv3hrvGgOAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1iftKpwTnU2BkcwHsbBcWWCfPn4Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Nov 2023 19:09:42 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 637E 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QACTLsIu-GpAAXNv3UN1c9_mKYtNgcONg&u=%7CGkz%2FUiTgb4lltx86vAypEMmodEUcNoDVU7m6RJPMcAU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY2cyaLNuSWK9WmGKlbK9VdXa5QVw81epLqrZYtEOvZzq4UiUSSvre7kZCOz-pOEuBbpbuRFPM9Z_uHcx_8Qg1fa1SXfMyTY2IC5j5QhxnpE0fsIF9Fa6Ixry6lugejGrnQmLkgqKK4EG6IdDb6STtMPlRCGh7woOSTCA6dLsIeO8GaGfsRgDLRuhnFmGdTzsHyhvwrUII8hJc4RajMpygFDnju2c1OKjuO-cATe7UbHnsueQshJIGeqWEYHpBbexSPQ9wJs2k8B2wXX4i1k6_DzPD1eTuXfiVZ6DlazbGer7DXHOJnKPylkKl-VFwT5QAkUlSFXg3vXL_sbNNsK2VR1-5CgtD3CC10Ep7dVS7hqrzQre6KGeASI3U16stAbjWS730sJdbOzdM_lltwkUdgdPb5B3yvYWWEC4kiKXd3ErKno_M8GCvs9RUvtz2XnGB_NRcilV4GSXFrx0njGTYisUZtmgK_HmEFjcBSrpau4bFHw3QhlfgKEJGpUOTQIbtWJPtZM4OD4lIMmu9Yk2UdLy3IB7r3Pk5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeNuI9YZ2Y7uZCanD7_UPv5uX6AXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpApLWeSijVbE-4AIAqAMBqgTwAU_QGoiUqve9_e5vG2ZZJJP2bhRqkD0aBfhHkUGopvn7zNrV1GkDCinrPGzaQIliFC8iCJtZYHk0fRtuxndPoGazYYoE0e7XW9uryDqGcMcYbHWIOatLptfqyRAAJNxroEPeuFWGhcilR3qw05HcrxmH2Xr7Ho2_SYoha9Xiy0ajQal6hXTyfFC6PHfQHibPjDsAmbxnLVM30Dj0Y2X5S7qMf9iRajjF62b4jfJBZSxJ5JkpuEDyboUNZ0F0YrmV9v3RMXl28C7gjJD1Wb7BkhdU-qyXNEERyDcSb5GwCPzq8w5tHkL1r7fe5Dv3hrvGgOAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1iftKpwTnU2BkcwHsbBcWWCfPn4Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 12 Nov 2023 19:09:42 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 637E 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QACTLsIu-GpAAXNv3UN1c9_mKYtNgcONg&u=%7CGkz%2FUiTgb4lltx86vAypEMmodEUcNoDVU7m6RJPMcAU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY2cyaLNuSWK9WmGKlbK9VdXa5QVw81epLqrZYtEOvZzq4UiUSSvre7kZCOz-pOEuBbpbuRFPM9Z_uHcx_8Qg1fa1SXfMyTY2IC5j5QhxnpE0fsIF9Fa6Ixry6lugejGrnQmLkgqKK4EG6IdDb6STtMPlRCGh7woOSTCA6dLsIeO8GaGfsRgDLRuhnFmGdTzsHyhvwrUII8hJc4RajMpygFDnju2c1OKjuO-cATe7UbHnsueQshJIGeqWEYHpBbexSPQ9wJs2k8B2wXX4i1k6_DzPD1eTuXfiVZ6DlazbGer7DXHOJnKPylkKl-VFwT5QAkUlSFXg3vXL_sbNNsK2VR1-5CgtD3CC10Ep7dVS7hqrzQre6KGeASI3U16stAbjWS730sJdbOzdM_lltwkUdgdPb5B3yvYWWEC4kiKXd3ErKno_M8GCvs9RUvtz2XnGB_NRcilV4GSXFrx0njGTYisUZtmgK_HmEFjcBSrpau4bFHw3QhlfgKEJGpUOTQIbtWJPtZM4OD4lIMmu9Yk2UdLy3IB7r3Pk5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeNuI9YZ2Y7uZCanD7_UPv5uX6AXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpApLWeSijVbE-4AIAqAMBqgTwAU_QGoiUqve9_e5vG2ZZJJP2bhRqkD0aBfhHkUGopvn7zNrV1GkDCinrPGzaQIliFC8iCJtZYHk0fRtuxndPoGazYYoE0e7XW9uryDqGcMcYbHWIOatLptfqyRAAJNxroEPeuFWGhcilR3qw05HcrxmH2Xr7Ho2_SYoha9Xiy0ajQal6hXTyfFC6PHfQHibPjDsAmbxnLVM30Dj0Y2X5S7qMf9iRajjF62b4jfJBZSxJ5JkpuEDyboUNZ0F0YrmV9v3RMXl28C7gjJD1Wb7BkhdU-qyXNEERyDcSb5GwCPzq8w5tHkL1r7fe5Dv3hrvGgOAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1iftKpwTnU2BkcwHsbBcWWCfPn4Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 12 Nov 2023 19:09:42 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 637E 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=rakBmaakDsbZ4BraU9MWJoTlYqC7mTr3iIa27rXiWCXpee60ftB1WBVrQ_MwgUzy0RysT1Mg3SsdWjfE2PaTUMPLL3m9kRGuZ8XsB2CsVt-AV6hhbNWQtDCaJD2Xal7cHSWnpPr_AvFKFZPG88oUTwuYA7TxaXC5Zlc-OcktWdXGtmyfk-DVoxWbVOaEQgs_3MOOZyDt1XQvNh5AllEpEGTfSbtM1_Pwm47i_-6lQ6Xnz_ZUZkC0D8NNm1Fm0xrogQHl6LV9sWvkbyBBlSUY9o2ZZcIsaPpGk-FJ51xPPdgVEwc68MbNjyKaqDXJmT7J7erQpSH1jD2aPxrjCHDi6BG5n3dJ_CQcB7N2JhP4WKsq2zyRxYCmhh1wJROfp1vHuOppMaJlblJdjQ2GAGpPIZihRYybk8OuDtEc04xWcI7c89Lt
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QACTLsIu-GpAAXNv3UN1c9_mKYtNgcONg&u=%7CGkz%2FUiTgb4lltx86vAypEMmodEUcNoDVU7m6RJPMcAU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY2cyaLNuSWK9WmGKlbK9VdXa5QVw81epLqrZYtEOvZzq4UiUSSvre7kZCOz-pOEuBbpbuRFPM9Z_uHcx_8Qg1fa1SXfMyTY2IC5j5QhxnpE0fsIF9Fa6Ixry6lugejGrnQmLkgqKK4EG6IdDb6STtMPlRCGh7woOSTCA6dLsIeO8GaGfsRgDLRuhnFmGdTzsHyhvwrUII8hJc4RajMpygFDnju2c1OKjuO-cATe7UbHnsueQshJIGeqWEYHpBbexSPQ9wJs2k8B2wXX4i1k6_DzPD1eTuXfiVZ6DlazbGer7DXHOJnKPylkKl-VFwT5QAkUlSFXg3vXL_sbNNsK2VR1-5CgtD3CC10Ep7dVS7hqrzQre6KGeASI3U16stAbjWS730sJdbOzdM_lltwkUdgdPb5B3yvYWWEC4kiKXd3ErKno_M8GCvs9RUvtz2XnGB_NRcilV4GSXFrx0njGTYisUZtmgK_HmEFjcBSrpau4bFHw3QhlfgKEJGpUOTQIbtWJPtZM4OD4lIMmu9Yk2UdLy3IB7r3Pk5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeNuI9YZ2Y7uZCanD7_UPv5uX6AXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpApLWeSijVbE-4AIAqAMBqgTwAU_QGoiUqve9_e5vG2ZZJJP2bhRqkD0aBfhHkUGopvn7zNrV1GkDCinrPGzaQIliFC8iCJtZYHk0fRtuxndPoGazYYoE0e7XW9uryDqGcMcYbHWIOatLptfqyRAAJNxroEPeuFWGhcilR3qw05HcrxmH2Xr7Ho2_SYoha9Xiy0ajQal6hXTyfFC6PHfQHibPjDsAmbxnLVM30Dj0Y2X5S7qMf9iRajjF62b4jfJBZSxJ5JkpuEDyboUNZ0F0YrmV9v3RMXl28C7gjJD1Wb7BkhdU-qyXNEERyDcSb5GwCPzq8w5tHkL1r7fe5Dv3hrvGgOAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1iftKpwTnU2BkcwHsbBcWWCfPn4Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2934718
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 637E 		44 B
752 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1668712181
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QACTLsIu-GpAAXNv3UN1c9_mKYtNgcONg&u=%7CGkz%2FUiTgb4lltx86vAypEMmodEUcNoDVU7m6RJPMcAU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY2cyaLNuSWK9WmGKlbK9VdXa5QVw81epLqrZYtEOvZzq4UiUSSvre7kZCOz-pOEuBbpbuRFPM9Z_uHcx_8Qg1fa1SXfMyTY2IC5j5QhxnpE0fsIF9Fa6Ixry6lugejGrnQmLkgqKK4EG6IdDb6STtMPlRCGh7woOSTCA6dLsIeO8GaGfsRgDLRuhnFmGdTzsHyhvwrUII8hJc4RajMpygFDnju2c1OKjuO-cATe7UbHnsueQshJIGeqWEYHpBbexSPQ9wJs2k8B2wXX4i1k6_DzPD1eTuXfiVZ6DlazbGer7DXHOJnKPylkKl-VFwT5QAkUlSFXg3vXL_sbNNsK2VR1-5CgtD3CC10Ep7dVS7hqrzQre6KGeASI3U16stAbjWS730sJdbOzdM_lltwkUdgdPb5B3yvYWWEC4kiKXd3ErKno_M8GCvs9RUvtz2XnGB_NRcilV4GSXFrx0njGTYisUZtmgK_HmEFjcBSrpau4bFHw3QhlfgKEJGpUOTQIbtWJPtZM4OD4lIMmu9Yk2UdLy3IB7r3Pk5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeNuI9YZ2Y7uZCanD7_UPv5uX6AXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpApLWeSijVbE-4AIAqAMBqgTwAU_QGoiUqve9_e5vG2ZZJJP2bhRqkD0aBfhHkUGopvn7zNrV1GkDCinrPGzaQIliFC8iCJtZYHk0fRtuxndPoGazYYoE0e7XW9uryDqGcMcYbHWIOatLptfqyRAAJNxroEPeuFWGhcilR3qw05HcrxmH2Xr7Ho2_SYoha9Xiy0ajQal6hXTyfFC6PHfQHibPjDsAmbxnLVM30Dj0Y2X5S7qMf9iRajjF62b4jfJBZSxJ5JkpuEDyboUNZ0F0YrmV9v3RMXl28C7gjJD1Wb7BkhdU-qyXNEERyDcSb5GwCPzq8w5tHkL1r7fe5Dv3hrvGgOAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1iftKpwTnU2BkcwHsbBcWWCfPn4Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7c00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
z5mu0dUoqZuXoazxqvRazoQoqeEv102CPaOOEJRpDLYEmgXEnUW9tw==
expires
Thu, 01 Dec 1994 16:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 637E 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QACTLsIu-GpAAXNv3UN1c9_mKYtNgcONg&u=%7CGkz%2FUiTgb4lltx86vAypEMmodEUcNoDVU7m6RJPMcAU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY2cyaLNuSWK9WmGKlbK9VdXa5QVw81epLqrZYtEOvZzq4UiUSSvre7kZCOz-pOEuBbpbuRFPM9Z_uHcx_8Qg1fa1SXfMyTY2IC5j5QhxnpE0fsIF9Fa6Ixry6lugejGrnQmLkgqKK4EG6IdDb6STtMPlRCGh7woOSTCA6dLsIeO8GaGfsRgDLRuhnFmGdTzsHyhvwrUII8hJc4RajMpygFDnju2c1OKjuO-cATe7UbHnsueQshJIGeqWEYHpBbexSPQ9wJs2k8B2wXX4i1k6_DzPD1eTuXfiVZ6DlazbGer7DXHOJnKPylkKl-VFwT5QAkUlSFXg3vXL_sbNNsK2VR1-5CgtD3CC10Ep7dVS7hqrzQre6KGeASI3U16stAbjWS730sJdbOzdM_lltwkUdgdPb5B3yvYWWEC4kiKXd3ErKno_M8GCvs9RUvtz2XnGB_NRcilV4GSXFrx0njGTYisUZtmgK_HmEFjcBSrpau4bFHw3QhlfgKEJGpUOTQIbtWJPtZM4OD4lIMmu9Yk2UdLy3IB7r3Pk5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeNuI9YZ2Y7uZCanD7_UPv5uX6AXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpApLWeSijVbE-4AIAqAMBqgTwAU_QGoiUqve9_e5vG2ZZJJP2bhRqkD0aBfhHkUGopvn7zNrV1GkDCinrPGzaQIliFC8iCJtZYHk0fRtuxndPoGazYYoE0e7XW9uryDqGcMcYbHWIOatLptfqyRAAJNxroEPeuFWGhcilR3qw05HcrxmH2Xr7Ho2_SYoha9Xiy0ajQal6hXTyfFC6PHfQHibPjDsAmbxnLVM30Dj0Y2X5S7qMf9iRajjF62b4jfJBZSxJ5JkpuEDyboUNZ0F0YrmV9v3RMXl28C7gjJD1Wb7BkhdU-qyXNEERyDcSb5GwCPzq8w5tHkL1r7fe5Dv3hrvGgOAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1iftKpwTnU2BkcwHsbBcWWCfPn4Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Nov 2023 19:09:42 GMT
img
pix.eu.criteo.net/img/ Frame 637E 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=496&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=356&s=YMwIwnYfvEdOCB7pG7_o_SEP
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QACTLsIu-GpAAXNv3UN1c9_mKYtNgcONg&u=%7CGkz%2FUiTgb4lltx86vAypEMmodEUcNoDVU7m6RJPMcAU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY2cyaLNuSWK9WmGKlbK9VdXa5QVw81epLqrZYtEOvZzq4UiUSSvre7kZCOz-pOEuBbpbuRFPM9Z_uHcx_8Qg1fa1SXfMyTY2IC5j5QhxnpE0fsIF9Fa6Ixry6lugejGrnQmLkgqKK4EG6IdDb6STtMPlRCGh7woOSTCA6dLsIeO8GaGfsRgDLRuhnFmGdTzsHyhvwrUII8hJc4RajMpygFDnju2c1OKjuO-cATe7UbHnsueQshJIGeqWEYHpBbexSPQ9wJs2k8B2wXX4i1k6_DzPD1eTuXfiVZ6DlazbGer7DXHOJnKPylkKl-VFwT5QAkUlSFXg3vXL_sbNNsK2VR1-5CgtD3CC10Ep7dVS7hqrzQre6KGeASI3U16stAbjWS730sJdbOzdM_lltwkUdgdPb5B3yvYWWEC4kiKXd3ErKno_M8GCvs9RUvtz2XnGB_NRcilV4GSXFrx0njGTYisUZtmgK_HmEFjcBSrpau4bFHw3QhlfgKEJGpUOTQIbtWJPtZM4OD4lIMmu9Yk2UdLy3IB7r3Pk5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeNuI9YZ2Y7uZCanD7_UPv5uX6AXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpApLWeSijVbE-4AIAqAMBqgTwAU_QGoiUqve9_e5vG2ZZJJP2bhRqkD0aBfhHkUGopvn7zNrV1GkDCinrPGzaQIliFC8iCJtZYHk0fRtuxndPoGazYYoE0e7XW9uryDqGcMcYbHWIOatLptfqyRAAJNxroEPeuFWGhcilR3qw05HcrxmH2Xr7Ho2_SYoha9Xiy0ajQal6hXTyfFC6PHfQHibPjDsAmbxnLVM30Dj0Y2X5S7qMf9iRajjF62b4jfJBZSxJ5JkpuEDyboUNZ0F0YrmV9v3RMXl28C7gjJD1Wb7BkhdU-qyXNEERyDcSb5GwCPzq8w5tHkL1r7fe5Dv3hrvGgOAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1iftKpwTnU2BkcwHsbBcWWCfPn4Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
cdeac9e009d394737c133d4f4692a8fe3ee3c88df825af37b647e2610b9082e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29052282
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
11301
expires
Fri, 20 Oct 2023 01:14:24 GMT
img
pix.eu.criteo.net/img/ Frame 637E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoAmazon-Workforce-Staffing-245849DE-2005201401.gif%3Feb%3D1&v=3&w=400&s=S8H46qf3EvuvyZds2gfujwsz&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QACTLsIu-GpAAXNv3UN1c9_mKYtNgcONg&u=%7CGkz%2FUiTgb4lltx86vAypEMmodEUcNoDVU7m6RJPMcAU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY2cyaLNuSWK9WmGKlbK9VdXa5QVw81epLqrZYtEOvZzq4UiUSSvre7kZCOz-pOEuBbpbuRFPM9Z_uHcx_8Qg1fa1SXfMyTY2IC5j5QhxnpE0fsIF9Fa6Ixry6lugejGrnQmLkgqKK4EG6IdDb6STtMPlRCGh7woOSTCA6dLsIeO8GaGfsRgDLRuhnFmGdTzsHyhvwrUII8hJc4RajMpygFDnju2c1OKjuO-cATe7UbHnsueQshJIGeqWEYHpBbexSPQ9wJs2k8B2wXX4i1k6_DzPD1eTuXfiVZ6DlazbGer7DXHOJnKPylkKl-VFwT5QAkUlSFXg3vXL_sbNNsK2VR1-5CgtD3CC10Ep7dVS7hqrzQre6KGeASI3U16stAbjWS730sJdbOzdM_lltwkUdgdPb5B3yvYWWEC4kiKXd3ErKno_M8GCvs9RUvtz2XnGB_NRcilV4GSXFrx0njGTYisUZtmgK_HmEFjcBSrpau4bFHw3QhlfgKEJGpUOTQIbtWJPtZM4OD4lIMmu9Yk2UdLy3IB7r3Pk5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeNuI9YZ2Y7uZCanD7_UPv5uX6AXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpApLWeSijVbE-4AIAqAMBqgTwAU_QGoiUqve9_e5vG2ZZJJP2bhRqkD0aBfhHkUGopvn7zNrV1GkDCinrPGzaQIliFC8iCJtZYHk0fRtuxndPoGazYYoE0e7XW9uryDqGcMcYbHWIOatLptfqyRAAJNxroEPeuFWGhcilR3qw05HcrxmH2Xr7Ho2_SYoha9Xiy0ajQal6hXTyfFC6PHfQHibPjDsAmbxnLVM30Dj0Y2X5S7qMf9iRajjF62b4jfJBZSxJ5JkpuEDyboUNZ0F0YrmV9v3RMXl28C7gjJD1Wb7BkhdU-qyXNEERyDcSb5GwCPzq8w5tHkL1r7fe5Dv3hrvGgOAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1iftKpwTnU2BkcwHsbBcWWCfPn4Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
d530eb650281c426cb8d0c8d602cffe1a63b732b9b4d93e33aaf0340896e3024
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1645514
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1902
expires
Tue, 06 Dec 2022 20:14:56 GMT
img
pix.eu.criteo.net/img/ Frame 637E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoAdecco-Deutschland-57598DE-2206101205.gif%3Feb%3D1&v=3&w=400&s=dvNhU4Ck7-p0W-U9324Tt8FS&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QACTLsIu-GpAAXNv3UN1c9_mKYtNgcONg&u=%7CGkz%2FUiTgb4lltx86vAypEMmodEUcNoDVU7m6RJPMcAU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY2cyaLNuSWK9WmGKlbK9VdXa5QVw81epLqrZYtEOvZzq4UiUSSvre7kZCOz-pOEuBbpbuRFPM9Z_uHcx_8Qg1fa1SXfMyTY2IC5j5QhxnpE0fsIF9Fa6Ixry6lugejGrnQmLkgqKK4EG6IdDb6STtMPlRCGh7woOSTCA6dLsIeO8GaGfsRgDLRuhnFmGdTzsHyhvwrUII8hJc4RajMpygFDnju2c1OKjuO-cATe7UbHnsueQshJIGeqWEYHpBbexSPQ9wJs2k8B2wXX4i1k6_DzPD1eTuXfiVZ6DlazbGer7DXHOJnKPylkKl-VFwT5QAkUlSFXg3vXL_sbNNsK2VR1-5CgtD3CC10Ep7dVS7hqrzQre6KGeASI3U16stAbjWS730sJdbOzdM_lltwkUdgdPb5B3yvYWWEC4kiKXd3ErKno_M8GCvs9RUvtz2XnGB_NRcilV4GSXFrx0njGTYisUZtmgK_HmEFjcBSrpau4bFHw3QhlfgKEJGpUOTQIbtWJPtZM4OD4lIMmu9Yk2UdLy3IB7r3Pk5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeNuI9YZ2Y7uZCanD7_UPv5uX6AXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpApLWeSijVbE-4AIAqAMBqgTwAU_QGoiUqve9_e5vG2ZZJJP2bhRqkD0aBfhHkUGopvn7zNrV1GkDCinrPGzaQIliFC8iCJtZYHk0fRtuxndPoGazYYoE0e7XW9uryDqGcMcYbHWIOatLptfqyRAAJNxroEPeuFWGhcilR3qw05HcrxmH2Xr7Ho2_SYoha9Xiy0ajQal6hXTyfFC6PHfQHibPjDsAmbxnLVM30Dj0Y2X5S7qMf9iRajjF62b4jfJBZSxJ5JkpuEDyboUNZ0F0YrmV9v3RMXl28C7gjJD1Wb7BkhdU-qyXNEERyDcSb5GwCPzq8w5tHkL1r7fe5Dv3hrvGgOAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1iftKpwTnU2BkcwHsbBcWWCfPn4Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
68e85ddf76b98bb06e4fb9e7cef3a0bf4864a5e8235c226e087158ad41e90a00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=775464
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2224
expires
Sat, 26 Nov 2022 18:34:06 GMT
img
pix.eu.criteo.net/img/ Frame 637E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoSAMSON-AKTIENGESELLSCHAFT-86067DE.gif%3Feb%3D1&v=3&w=400&s=-MBLwuBAZ1WQ2IW18ydnYDYg&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QACTLsIu-GpAAXNv3UN1c9_mKYtNgcONg&u=%7CGkz%2FUiTgb4lltx86vAypEMmodEUcNoDVU7m6RJPMcAU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY2cyaLNuSWK9WmGKlbK9VdXa5QVw81epLqrZYtEOvZzq4UiUSSvre7kZCOz-pOEuBbpbuRFPM9Z_uHcx_8Qg1fa1SXfMyTY2IC5j5QhxnpE0fsIF9Fa6Ixry6lugejGrnQmLkgqKK4EG6IdDb6STtMPlRCGh7woOSTCA6dLsIeO8GaGfsRgDLRuhnFmGdTzsHyhvwrUII8hJc4RajMpygFDnju2c1OKjuO-cATe7UbHnsueQshJIGeqWEYHpBbexSPQ9wJs2k8B2wXX4i1k6_DzPD1eTuXfiVZ6DlazbGer7DXHOJnKPylkKl-VFwT5QAkUlSFXg3vXL_sbNNsK2VR1-5CgtD3CC10Ep7dVS7hqrzQre6KGeASI3U16stAbjWS730sJdbOzdM_lltwkUdgdPb5B3yvYWWEC4kiKXd3ErKno_M8GCvs9RUvtz2XnGB_NRcilV4GSXFrx0njGTYisUZtmgK_HmEFjcBSrpau4bFHw3QhlfgKEJGpUOTQIbtWJPtZM4OD4lIMmu9Yk2UdLy3IB7r3Pk5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeNuI9YZ2Y7uZCanD7_UPv5uX6AXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpApLWeSijVbE-4AIAqAMBqgTwAU_QGoiUqve9_e5vG2ZZJJP2bhRqkD0aBfhHkUGopvn7zNrV1GkDCinrPGzaQIliFC8iCJtZYHk0fRtuxndPoGazYYoE0e7XW9uryDqGcMcYbHWIOatLptfqyRAAJNxroEPeuFWGhcilR3qw05HcrxmH2Xr7Ho2_SYoha9Xiy0ajQal6hXTyfFC6PHfQHibPjDsAmbxnLVM30Dj0Y2X5S7qMf9iRajjF62b4jfJBZSxJ5JkpuEDyboUNZ0F0YrmV9v3RMXl28C7gjJD1Wb7BkhdU-qyXNEERyDcSb5GwCPzq8w5tHkL1r7fe5Dv3hrvGgOAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1iftKpwTnU2BkcwHsbBcWWCfPn4Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
0c93f8d07c36a4e1183845d3534ca109c7c29c73c097b23a7529f4ce39d40b5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1094097
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3758
expires
Wed, 30 Nov 2022 11:04:40 GMT
img
pix.eu.criteo.net/img/ Frame 637E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F0%2FlogoTakeaway-com-282674DE-2111151557.gif%3Feb%3D1&v=3&w=400&s=2tkmevNX3FUxPj5fn_dIDE64&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QACTLsIu-GpAAXNv3UN1c9_mKYtNgcONg&u=%7CGkz%2FUiTgb4lltx86vAypEMmodEUcNoDVU7m6RJPMcAU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY2cyaLNuSWK9WmGKlbK9VdXa5QVw81epLqrZYtEOvZzq4UiUSSvre7kZCOz-pOEuBbpbuRFPM9Z_uHcx_8Qg1fa1SXfMyTY2IC5j5QhxnpE0fsIF9Fa6Ixry6lugejGrnQmLkgqKK4EG6IdDb6STtMPlRCGh7woOSTCA6dLsIeO8GaGfsRgDLRuhnFmGdTzsHyhvwrUII8hJc4RajMpygFDnju2c1OKjuO-cATe7UbHnsueQshJIGeqWEYHpBbexSPQ9wJs2k8B2wXX4i1k6_DzPD1eTuXfiVZ6DlazbGer7DXHOJnKPylkKl-VFwT5QAkUlSFXg3vXL_sbNNsK2VR1-5CgtD3CC10Ep7dVS7hqrzQre6KGeASI3U16stAbjWS730sJdbOzdM_lltwkUdgdPb5B3yvYWWEC4kiKXd3ErKno_M8GCvs9RUvtz2XnGB_NRcilV4GSXFrx0njGTYisUZtmgK_HmEFjcBSrpau4bFHw3QhlfgKEJGpUOTQIbtWJPtZM4OD4lIMmu9Yk2UdLy3IB7r3Pk5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeNuI9YZ2Y7uZCanD7_UPv5uX6AXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpApLWeSijVbE-4AIAqAMBqgTwAU_QGoiUqve9_e5vG2ZZJJP2bhRqkD0aBfhHkUGopvn7zNrV1GkDCinrPGzaQIliFC8iCJtZYHk0fRtuxndPoGazYYoE0e7XW9uryDqGcMcYbHWIOatLptfqyRAAJNxroEPeuFWGhcilR3qw05HcrxmH2Xr7Ho2_SYoha9Xiy0ajQal6hXTyfFC6PHfQHibPjDsAmbxnLVM30Dj0Y2X5S7qMf9iRajjF62b4jfJBZSxJ5JkpuEDyboUNZ0F0YrmV9v3RMXl28C7gjJD1Wb7BkhdU-qyXNEERyDcSb5GwCPzq8w5tHkL1r7fe5Dv3hrvGgOAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1iftKpwTnU2BkcwHsbBcWWCfPn4Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
b82321148229dced6dcf746385d81b79f5925607672c8f4f9b0082911c3ebda9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2550527
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2286
expires
Sat, 17 Dec 2022 07:38:30 GMT
all
csm.eu.criteo.net/ Frame 637E 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=0eHrVKMhT-epnvOq561ZI_tFdK2wG9gQYOfnnuJGaN_goh7WyFgt8iUmKlEyw7QVgE-M1JMFm29hMM8uz24f2_rr61HOhS7sT5-3xUxsiE4eTCXYd5IJERuBaoP0uecdMTPTcp8-cRabqYr-e-KgHARNpJrR6eWNgFz39eDPTin4XJuaPWeUcXRFTf1N5jd0MZmc-O_9FgGGOj4BEVd_tcVIoI7JT4cPwHwPBXvMoCF8QYr0XRACkvy297s&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QACTLsIu-GpAAXNv3UN1c9_mKYtNgcONg&u=%7CGkz%2FUiTgb4lltx86vAypEMmodEUcNoDVU7m6RJPMcAU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY2cyaLNuSWK9WmGKlbK9VdXa5QVw81epLqrZYtEOvZzq4UiUSSvre7kZCOz-pOEuBbpbuRFPM9Z_uHcx_8Qg1fa1SXfMyTY2IC5j5QhxnpE0fsIF9Fa6Ixry6lugejGrnQmLkgqKK4EG6IdDb6STtMPlRCGh7woOSTCA6dLsIeO8GaGfsRgDLRuhnFmGdTzsHyhvwrUII8hJc4RajMpygFDnju2c1OKjuO-cATe7UbHnsueQshJIGeqWEYHpBbexSPQ9wJs2k8B2wXX4i1k6_DzPD1eTuXfiVZ6DlazbGer7DXHOJnKPylkKl-VFwT5QAkUlSFXg3vXL_sbNNsK2VR1-5CgtD3CC10Ep7dVS7hqrzQre6KGeASI3U16stAbjWS730sJdbOzdM_lltwkUdgdPb5B3yvYWWEC4kiKXd3ErKno_M8GCvs9RUvtz2XnGB_NRcilV4GSXFrx0njGTYisUZtmgK_HmEFjcBSrpau4bFHw3QhlfgKEJGpUOTQIbtWJPtZM4OD4lIMmu9Yk2UdLy3IB7r3Pk5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeNuI9YZ2Y7uZCanD7_UPv5uX6AXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpApLWeSijVbE-4AIAqAMBqgTwAU_QGoiUqve9_e5vG2ZZJJP2bhRqkD0aBfhHkUGopvn7zNrV1GkDCinrPGzaQIliFC8iCJtZYHk0fRtuxndPoGazYYoE0e7XW9uryDqGcMcYbHWIOatLptfqyRAAJNxroEPeuFWGhcilR3qw05HcrxmH2Xr7Ho2_SYoha9Xiy0ajQal6hXTyfFC6PHfQHibPjDsAmbxnLVM30Dj0Y2X5S7qMf9iRajjF62b4jfJBZSxJ5JkpuEDyboUNZ0F0YrmV9v3RMXl28C7gjJD1Wb7BkhdU-qyXNEERyDcSb5GwCPzq8w5tHkL1r7fe5Dv3hrvGgOAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1iftKpwTnU2BkcwHsbBcWWCfPn4Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 17 Nov 2022 19:09:41 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 637E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QACTLsIu-GpAAXNv3UN1c9_mKYtNgcONg&u=%7CGkz%2FUiTgb4lltx86vAypEMmodEUcNoDVU7m6RJPMcAU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY2cyaLNuSWK9WmGKlbK9VdXa5QVw81epLqrZYtEOvZzq4UiUSSvre7kZCOz-pOEuBbpbuRFPM9Z_uHcx_8Qg1fa1SXfMyTY2IC5j5QhxnpE0fsIF9Fa6Ixry6lugejGrnQmLkgqKK4EG6IdDb6STtMPlRCGh7woOSTCA6dLsIeO8GaGfsRgDLRuhnFmGdTzsHyhvwrUII8hJc4RajMpygFDnju2c1OKjuO-cATe7UbHnsueQshJIGeqWEYHpBbexSPQ9wJs2k8B2wXX4i1k6_DzPD1eTuXfiVZ6DlazbGer7DXHOJnKPylkKl-VFwT5QAkUlSFXg3vXL_sbNNsK2VR1-5CgtD3CC10Ep7dVS7hqrzQre6KGeASI3U16stAbjWS730sJdbOzdM_lltwkUdgdPb5B3yvYWWEC4kiKXd3ErKno_M8GCvs9RUvtz2XnGB_NRcilV4GSXFrx0njGTYisUZtmgK_HmEFjcBSrpau4bFHw3QhlfgKEJGpUOTQIbtWJPtZM4OD4lIMmu9Yk2UdLy3IB7r3Pk5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeNuI9YZ2Y7uZCanD7_UPv5uX6AXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpApLWeSijVbE-4AIAqAMBqgTwAU_QGoiUqve9_e5vG2ZZJJP2bhRqkD0aBfhHkUGopvn7zNrV1GkDCinrPGzaQIliFC8iCJtZYHk0fRtuxndPoGazYYoE0e7XW9uryDqGcMcYbHWIOatLptfqyRAAJNxroEPeuFWGhcilR3qw05HcrxmH2Xr7Ho2_SYoha9Xiy0ajQal6hXTyfFC6PHfQHibPjDsAmbxnLVM30Dj0Y2X5S7qMf9iRajjF62b4jfJBZSxJ5JkpuEDyboUNZ0F0YrmV9v3RMXl28C7gjJD1Wb7BkhdU-qyXNEERyDcSb5GwCPzq8w5tHkL1r7fe5Dv3hrvGgOAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1iftKpwTnU2BkcwHsbBcWWCfPn4Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Nov 2023 19:09:42 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 637E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QACTLsIu-GpAAXNv3UN1c9_mKYtNgcONg&u=%7CGkz%2FUiTgb4lltx86vAypEMmodEUcNoDVU7m6RJPMcAU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY2cyaLNuSWK9WmGKlbK9VdXa5QVw81epLqrZYtEOvZzq4UiUSSvre7kZCOz-pOEuBbpbuRFPM9Z_uHcx_8Qg1fa1SXfMyTY2IC5j5QhxnpE0fsIF9Fa6Ixry6lugejGrnQmLkgqKK4EG6IdDb6STtMPlRCGh7woOSTCA6dLsIeO8GaGfsRgDLRuhnFmGdTzsHyhvwrUII8hJc4RajMpygFDnju2c1OKjuO-cATe7UbHnsueQshJIGeqWEYHpBbexSPQ9wJs2k8B2wXX4i1k6_DzPD1eTuXfiVZ6DlazbGer7DXHOJnKPylkKl-VFwT5QAkUlSFXg3vXL_sbNNsK2VR1-5CgtD3CC10Ep7dVS7hqrzQre6KGeASI3U16stAbjWS730sJdbOzdM_lltwkUdgdPb5B3yvYWWEC4kiKXd3ErKno_M8GCvs9RUvtz2XnGB_NRcilV4GSXFrx0njGTYisUZtmgK_HmEFjcBSrpau4bFHw3QhlfgKEJGpUOTQIbtWJPtZM4OD4lIMmu9Yk2UdLy3IB7r3Pk5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeNuI9YZ2Y7uZCanD7_UPv5uX6AXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpApLWeSijVbE-4AIAqAMBqgTwAU_QGoiUqve9_e5vG2ZZJJP2bhRqkD0aBfhHkUGopvn7zNrV1GkDCinrPGzaQIliFC8iCJtZYHk0fRtuxndPoGazYYoE0e7XW9uryDqGcMcYbHWIOatLptfqyRAAJNxroEPeuFWGhcilR3qw05HcrxmH2Xr7Ho2_SYoha9Xiy0ajQal6hXTyfFC6PHfQHibPjDsAmbxnLVM30Dj0Y2X5S7qMf9iRajjF62b4jfJBZSxJ5JkpuEDyboUNZ0F0YrmV9v3RMXl28C7gjJD1Wb7BkhdU-qyXNEERyDcSb5GwCPzq8w5tHkL1r7fe5Dv3hrvGgOAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1iftKpwTnU2BkcwHsbBcWWCfPn4Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Nov 2023 19:09:42 GMT
events
khn.crowdad.io/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/events
Requested by
Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.146.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-146-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Thu, 17 Nov 2022 19:09:42 GMT
access-control-allow-credentials
true
content-length
0
events
khn.crowdad.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/events
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.146.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-146-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.walla.co.il
content-length
0
date
Thu, 17 Nov 2022 19:09:42 GMT
container.html
960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D544 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 19:09:41 GMT
expires
Fri, 17 Nov 2023 19:09:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E82A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 19:09:41 GMT
expires
Fri, 17 Nov 2023 19:09:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9830 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 19:09:41 GMT
expires
Fri, 17 Nov 2023 19:09:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A4D0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 19:09:41 GMT
expires
Fri, 17 Nov 2023 19:09:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame D544 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 14:22:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
17237
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Dec 2022 14:22:25 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame D544 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CiEuN9YZ2Y7LfLoPf7_UP0sSZyAz8jYK_bIyaja_9D7iiypbtNxABINGTwypgleKQgqAHoAHwvcb2A8gBCakCZLyOdHxMsT7gAgCoAwHIA8sEqgTgAU_QyefAJP2HenZmNhJpVz29gan7ADxVOLWFEx0Kqp3IFo0rsqsqDH4lK-sns7FI62A1GeNWhytyQqABR1Wbt8_qPUb8Gf5RHiycWn8dGDbIqM6qMz9ZdGR0kLb_J0Jbsj0y2LYXnVtqhPBFXRNcCXJLmuMr0u3Bk7Izr_UNCzKjTurUHZgHpFRRWDWBY2MwJpXIM0MPcjBBgZUzF-x9GHnI5dlDT3lXiUfKuwl2pEeypU4oLYo7n05_MbI5JYow5-CM_XbYaIUX3mzDvhBZSodgNrw7Kb53B4mH0fiqbKWRwASn05L_lATgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH-MG5CagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCxshDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTC9AVAZgWAYAXAbIXHgocCAASFHB1Yi00NDkxNjU5NDk2MzcyMTcyGPHmEw&sigh=176jnpVydqU&uach_m=[UACH]&cid=CAQSPADq26N9LofOspIWj3ah4bwcnyVWeWU-mjn3mlUsW_YLFzMAUoHoUaisqvQ12muN6E4TPKUGUxoIJYzMbBgBIBM&template_id=494
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame D544 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 11:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
29259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Dec 2022 11:02:03 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame D544 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 11:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
29259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Dec 2022 11:02:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame D544 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 14:22:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
17237
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Dec 2022 14:22:25 GMT
l
www.google.com/ads/measurement/ Frame D544 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSV_lSQJv-XlpQmyP1md_r4CrJ-XRZLM6xyXdnrSvJpqL0J9BAlRX8U-W31tFC-f3IvRlowd43HU8zu1wTPGmCkLH2YIw
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D544 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Nov 2022 19:09:42 GMT
f7733d2b54a65c984752ab0a98c7def9.js
www.gstatic.com/mysidia/ Frame D544 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 18:33:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174959
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Fri, 11 Nov 2022 21:18:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 13 Feb 2023 18:33:43 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame D544 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSw2fVKBCysWa8-b4PvFWv49KTGhZVzCptBlUWkcHCjvUmoxzS0LOcjpXMlZHs&usqp=CAI
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e71b6942403567489ef3b0842d646bf40fb86523c32222b7b237224357b5a14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 05:58:56 GMT
x-content-type-options
nosniff
age
220246
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25896
x-xss-protection
0
last-modified
Mon, 23 May 2022 06:11:07 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 15 Nov 2023 05:58:56 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame D544 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcS-oKgDz_8hOxKHj5GAlLg-aV3tXaMxywKyJ4pe65e4gwI2HMTQicOJnXy3ew&usqp=CAI
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6e1ac92dfe2f84368ab073bb791086c0efd2c9aa3c3815f4ee507cc133c99b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 03:47:59 GMT
x-content-type-options
nosniff
age
400903
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12122
x-xss-protection
0
last-modified
Sat, 12 Nov 2022 13:11:11 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 13 Nov 2023 03:47:59 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame D544 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQ6VFXeHyJ7gvSjPrO9WKPRNfvOFgfjrDZNailwVxjT2HR8xkt6&usqp=CAI
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13445ee05df55dc76c54059d73ae5077c4d08a7fd52c8dcb68e55b5b26ff2c78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 13:38:19 GMT
x-content-type-options
nosniff
age
451883
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21587
x-xss-protection
0
last-modified
Wed, 10 Jul 2019 07:52:36 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 12 Nov 2023 13:38:19 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame E82A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CKCvj9YZ2Y7PfLoPf7_UP0sSZyAzJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmS8jnR8TLE-4AIAqAMBqgT2AU_QvGpAjTfDKnWfWlfyT1mtAK2bkWBQz9ZPMk7d64AZUPCoLeaVawixO5DPftntr7LjAslhUR_V3Dhb2jNDvCC6Ba9VPV5Ym4Q9TRUGa7CIGGNsjcX535PewkyvcK9RI0Kv6NbABINEOhdOuYzoM1-KnMMqvSG3av2NFGzrzFodcgITSIKSpmVqKI0ThKzGbum-MBC0FGJMDQ6e-Y7WSQM27sjkJfSekWkAHR3u8eJbz1aUqVNXPFW3dEx2PB7670ajvdRZ6gsdMiQ69TmSTGCsB-anwGMdK03T2y6DDKgPo-tjRZEgNBqjKDMKWD_7KfnwBvIwtuAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ5MTY1OTQ5NjM3MjE3Mhjx5hM&sigh=bozgmX-MqTY&uach_m=[UACH]&cid=CAQSPADq26N9LofOspIWj3ah4bwcnyVWeWU-mjn3mlUsW_YLFzMAUoHoUaisqvQ12muN6E4TPKUGUxoIJYzMbBgBIBM
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame E82A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFLr5RKwCkAOdg2ICAgAAAI9v_qchM8M6UwfGnGMh-yoQ9YZ2Y-uJn30cPxpVWgScABIAAA&wp=Y3aG9QALr7MIu--DAAZiUlLrKw76IQfNXoAhbw
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
351161
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 2006 		134 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QALr7MIu--DAAZiUlLrKw76IQfNXoAhbw&u=%7CGkz%2FUiTgb4n4Zl3coWd9UMqO6YMMnTB6VVEkgHpCAZI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNI4lIsnTDgg0aA5goEzq3GpwZENigu3KjPVeJznbeyjpj4bpGozLcbPPF52OL1pcWxBXh19HqrF_tBdlYH3fQhjBLrNNWekeYFy7djXKd7c2u9oSiTBdP6WhRtnAsnB7Y-lErAu4QN5qyUiEhKpzlEOld7yKTFKm0bUNXL4Sg_5DCq9ihxjavupE23YjdgiwP0mcC2ezwBTIV-v1Qc2j-aRFvvgaw05EoTmh2utcA8pmKBbtPowDVgqqrAS4PmWhr69YUMTw66eM1QBGnk7vLX0b4NDny_HTVe0HccNU_JzqPTHl8RLEVfahxoawivoP8nQNMElGUd6l4xo29uMfdk4ctYme9QbHTlEuuS2lXxTI9dor6uNu92ACdu1nHjzLZHkhiGuV1PFFInuXrrxWaMpBOZE2IN75KS1F1G3o1RJfYfWf9iCVsqQueZ3ndRaWhrM0EO_9jcqtqwfSDFSm3Kw08bpgxh-eqGHbQBLZdSQz1K_4lfdCQU7_iuv66YjQYyluPM-zGFmnTw12yXxwgUlYPyA8-2sG1goPuMOw_8YE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnMEc9YZ2Y7PfLoPf7_UP0sSZyAzJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmS8jnR8TLE-4AIAqAMBqgT5AU_QvGpAjTfDKnWfWlfyT1mtAK2bkWBQz9ZPMk7d64AZUPCoLeaVawixO5DPftntr7LjAslhUR_V3Dhb2jNDvCC6Ba9VPV5Ym4Q9TRUGa7CIGGNsjcX535PewkyvcK9RI0Kv6NbABINEOhdOuYzoM1-KnMMqvSG3av2NFGzrzFodcgITSIKSpmVqKI0ThKzGbum-MBC0FGJMDQ6e-Y7WSQM27sjkJfSekWkAHR3u8eJbz1aUqVNXPFW3dEx2PB7670ajvdRZ6gsdMiQ69TmSTGDuBcc1R-yBOPJPz41TMQ73qv9p85sOLJgX4A6sqoDlBeF1rHYjCQeOROAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aEtx99joJn6qX7oPv_AffePFvKA%26client%3Dca-pub-4491659496372172%26adurl%3D
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
501ff47e21ba921e93282bf091dbaefa0aeb82a3c97d0940dfbaab567ad22240
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 19:09:42 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=4rNbp6MhT-epnvOqV17KCGfnH3C8omsWDx7fpY-fh9wGYaIj98kgSIoSO2-H4tuVW7iElm-EruKJW2QPSe0Go5GcdPNiIjnzOhf7htcKH5x77824H3iBr1IhHffAxkmbag-2zxtlfLW2WniJd4ouabsu1OuGHh-uFPJyYA33iTBvG4_ALAkWt-6B0lGM2dlbCZOiOYmPP_5fFv2BewpqbvizSEPyrsOd_93aqbvpLD0kxSlqfX9BJUDlJBXqK8GlEP7WhA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
83382436
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E82A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 11:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
29259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Dec 2022 11:02:03 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 27D3 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
37653
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 08:42:09 GMT
etag
48472445140208031
expires
Fri, 18 Nov 2022 08:42:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E82A 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 14:22:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
17237
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Dec 2022 14:22:25 GMT
l
www.google.com/ads/measurement/ Frame E82A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQIf3MGy-D7XTEI47uRFHZim9zUSWCTR8MLo2DLc1nT7wA4jdAlahHrBkWVNp7N0SksvI9mWRvLVNBslKdhcklc19TwBA
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E82A 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 05:29:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
135586
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Nov 2023 05:29:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E82A 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Nov 2022 19:09:42 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14046155014989064645/300x250_EN_MM/ Frame 4957 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14046155014989064645/300x250_EN_MM/index.html
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99c34a3148b5e3a09cb2ffea49aa2702957aaeb4a743a6ececa67d18ba7cb10c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
29541
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1815
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 10:57:21 GMT
expires
Fri, 17 Nov 2023 10:57:21 GMT
last-modified
Thu, 17 Nov 2022 10:34:02 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 9830 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C-YVJ9YZ2Y7TfLoPf7_UP0sSZyAzkrcC7bZby197FEN2rg8LwIhABINGTwypgleKQgqAHoAHumKTtAcgBCakCBLh6Jv0NqT7gAgCoAwHIA0iqBOQBT9DoaPbsIB3Z5qla8yQmv6e42ee1-AHohA7hQAOzpcMX6KeO-s4-hKy8rbBz3WMkGWLzWMpuiOqocuex_Ad1skxF0lxLNIWy1Z4MR7mLzk2HsPDQNDlTRBWMUJGO6muc1ZYgXr5d13U7SP_X5YzUMruw66hKprPIXExiGySA3XslSMax5N3vNdaBQmVC7MwetaZy5iZMBYufNbvfJzpElB8LDU0IlzcitOW0Qy1-6oXiO-ReL4FHfSEzuXK1PCpauDOHWQdK30eMAUVQ1PCJniW615F752dv7aMvUi5gkRvxW4ziwATcudvykwTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH-ubbkgKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCJ7wPSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi00NDkxNjU5NDk2MzcyMTcyGPHmEw&sigh=BR8JSl4JNW0&uach_m=[UACH]&cid=CAQSPADq26N9LofOspIWj3ah4bwcnyVWeWU-mjn3mlUsW_YLFzMAUoHoUaisqvQ12muN6E4TPKUGUxoIJYzMbBgBIBM&template_id=419
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 9830 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 11:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
29259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Dec 2022 11:02:03 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16900789838091633912/300x250_EN/ Frame FC52 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16900789838091633912/300x250_EN/index.html
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99c34a3148b5e3a09cb2ffea49aa2702957aaeb4a743a6ececa67d18ba7cb10c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
29569
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1815
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 10:56:53 GMT
expires
Fri, 17 Nov 2023 10:56:53 GMT
last-modified
Thu, 17 Nov 2022 10:34:02 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame A4D0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CUBcq9YZ2Y7XfLoPf7_UP0sSZyAzkrcC7be7x197FEN2rg8LwIhABINGTwypgleKQgqAHoAHumKTtAcgBCakCBLh6Jv0NqT7gAgCoAwHIA0iqBOcBT9BOL3h2w4YVWofvyW8znqKwbZihAqZ5ZXN99jqokPJUaOysxyEO-KjD8HIrg74xFkxgSgcje629Vp_hjdcTjnvnplkdxvpTO_lpIzwQ9JatgQg5eVRV4ZQdOX-u9Udwr0dG-MSRj2n5ZPRwSVUm1qZZXXZaPJFY3kWjC1OF4dg2Uk_2-OldvNWwu8hEfQHOCiot_BCmyIBAGCZjWaiQhpTC6rT9Ya6HpkHWc9JV7exNtfARPLT0Fy8gipzALXkPceyVojCMEhlhkyJyPbDYk9OFvmpcEdLmNBk7XuGZq0WCM7qNkG34wATcudvykwTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH-ubbkgKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCNiAPSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi00NDkxNjU5NDk2MzcyMTcyGPHmEw&sigh=Y1axBPAfIOE&uach_m=[UACH]&cid=CAQSPADq26N9LofOspIWj3ah4bwcnyVWeWU-mjn3mlUsW_YLFzMAUoHoUaisqvQ12muN6E4TPKUGUxoIJYzMbBgBIBM&template_id=419
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame A4D0 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 11:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
29259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Dec 2022 11:02:03 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 27D3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBUnnBvPhctI-fFFme8cbu0&google_cver=1&google_push=ASkJ3FZcI904ah0_rWx6oo_YiACPymGzgr4tmXRxvoXfHNQY4OKAuMui2VXqCq9OzbpbBeczNt1DqRTWdsFRSAr09yIyBoU0noIyEA
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDU0NjMwMjQzNTYzNDE5MDk2OQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBUnnBvPhctI-fFFme8cbu0&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBUnnBvPhctI-fFFme8cbu0&google_cver=1
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 17 Nov 2022 19:09:42 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBUnnBvPhctI-fFFme8cbu0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 27D3 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEAJE8tr0aleP1nWwKFAy-xI&google_cver=1&google_push=ASkJ3FbBobYpDO8DLwmRaPG_okFoE92g6vdB5Lx88okZlR_hpYhI_83q6jD95k3rn34aC4-Jn2GpIiKOKt0JcSR3j2ZTXRvH_ei_
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 27D3
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBzeMnw560qpZWyR9Mmvcqk&google_cver=1&google_push=ASkJ3Fb5I-xy7HCik_100mFMpaBryFT3c_UCPs-cYxRspULi1yKZ6vx1c6QINJJpHbESM78YbKDB9RV8-AmIMCAE...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=WuRi913eTYuK-hTk4C0qCQ2&google_push=ASkJ3Fb5I-xy7HCik_100mFMpaBryFT3c_UCPs-cYxRspULi1yKZ6vx1c6QINJJpHbESM78YbKDB9RV8-AmIMCAEPlN6xt8RcEPRvw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=WuRi913eTYuK-hTk4C0qCQ2&google_push=ASkJ3Fb5I-xy7HCik_100mFMpaBryFT3c_UCPs-cYxRspULi1yKZ6vx1c6QINJJpHbESM78YbKDB9RV8-AmIMCAEPlN6xt8RcEPRvw
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 17 Nov 2022 19:09:42 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=WuRi913eTYuK-hTk4C0qCQ2&google_push=ASkJ3Fb5I-xy7HCik_100mFMpaBryFT3c_UCPs-cYxRspULi1yKZ6vx1c6QINJJpHbESM78YbKDB9RV8-AmIMCAEPlN6xt8RcEPRvw
x-host
tde-deliveryengine-production-677545f645-bftcg
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 27D3
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEO4yZThW8aYgoWenowNU3As&google_cver=1&google_push=ASkJ3FbWxRgEodsPE_Nc8p6Q5kDNvnK1ZtyJSY6gv-4tq0z-GkRjolCqtlVgLwZennB9yTVDk6iHAMN1ZVDlKtLy9...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEO4yZThW8aYgoWenowNU3As&google_cver=1&google_push=ASkJ3FbWxRgEodsPE_Nc8p6Q5kDNvnK1ZtyJSY6gv-4tq0z-GkRjolCqtlVgLwZennB9yTVDk6iHAMN1ZVDlKtLy9...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FbWxRgEodsPE_Nc8p6Q5kDNvnK1ZtyJSY6gv-4tq0z-GkRjolCqtlVgLwZennB9yTVDk6iHAMN1ZVDlKtLy9MO_NXHSY0nVgA&google_hm=FqvdpGZHVQYvQiBNQXyi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FbWxRgEodsPE_Nc8p6Q5kDNvnK1ZtyJSY6gv-4tq0z-GkRjolCqtlVgLwZennB9yTVDk6iHAMN1ZVDlKtLy9MO_NXHSY0nVgA&google_hm=FqvdpGZHVQYvQiBNQXyix2ZU
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 17 Nov 2022 19:09:42 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FbWxRgEodsPE_Nc8p6Q5kDNvnK1ZtyJSY6gv-4tq0z-GkRjolCqtlVgLwZennB9yTVDk6iHAMN1ZVDlKtLy9MO_NXHSY0nVgA&google_hm=FqvdpGZHVQYvQiBNQXyix2ZU
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 27D3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELtUjSVLU4sGsv7gx9TeUC0&google_cver=1&google_push=ASkJ3FaP0IF-SzZIeieoBAeebM0rSJv-7x8btwfSgb_IA_mua4jT3haGkWjqHfGB6K1u5FIltD...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1lZHF4X2NWRTJ1SEJOVGxneWs4Qkp2endXSnAwLnFCRH5B&google_push=ASkJ3FaP0IF-SzZIeieoBAeebM0rSJv-7x8btwfSgb_IA_mua4jT3haGk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1lZHF4X2NWRTJ1SEJOVGxneWs4Qkp2endXSnAwLnFCRH5B&google_push=ASkJ3FaP0IF-SzZIeieoBAeebM0rSJv-7x8btwfSgb_IA_mua4jT3haGkWjqHfGB6K1u5FIltDqgjzVC_f-fqsfgVY_StBgHMrv1aH4
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1lZHF4X2NWRTJ1SEJOVGxneWs4Qkp2endXSnAwLnFCRH5B&google_push=ASkJ3FaP0IF-SzZIeieoBAeebM0rSJv-7x8btwfSgb_IA_mua4jT3haGkWjqHfGB6K1u5FIltDqgjzVC_f-fqsfgVY_StBgHMrv1aH4
date
Thu, 17 Nov 2022 19:09:42 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 27D3
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENkE1m6SFIV6qYteF6oX2K0&google_cver=1&google_push=ASkJ3FaV4XmkwiuzOGxeUVq9RZlzJ6CFMhyuBv5_NbZNcFO2yaRrJmvycsAJ8qID7E7kWEM6v829UUWMqOo...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FaV4XmkwiuzOGxeUVq9RZlzJ6CFMhyuBv5_NbZNcFO2yaRrJmvycsAJ8qID7E7kWEM6v829UUWMqOojZcEMy-1NgQBmklVdfgg
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
report
sync.teads.tv/um/ Frame 27D3
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELCqC7t61HbLgx8kkj7j7M4&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3FYrAZ62glz-iGd0ofJGMtUIIQx7NLmTahmL0ggaH0RmC-aS1w6pkuoho09mrP0_rRLHeSlYuDeYBmzOEcmSmZXMJqi0oBvEjg
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
184.24.1.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-1-49.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Thu, 17 Nov 2022 19:09:42 GMT
pragma
no-cache
date
Thu, 17 Nov 2022 19:09:42 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 27D3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ILUu-S820tMXYh22c0W6pnV2ypLQlWtS5mfBJYnqbJTpRE7WuQAjiV5k3a9Eiy2AAUMPgaQP3u
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 4957 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14046155014989064645/300x250_EN_MM/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 13:44:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
19522
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 18 Nov 2022 13:44:20 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4957 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14046155014989064645/300x250_EN_MM/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 09:40:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
34124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 18 Nov 2022 09:40:58 GMT
css
fonts.googleapis.com/ Frame 4957 		1 KB
898 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:700,400
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14046155014989064645/300x250_EN_MM/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 17 Nov 2022 19:09:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 18:48:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Nov 2022 19:09:42 GMT
logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14046155014989064645/300x250_EN_MM/ Frame 4957 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14046155014989064645/300x250_EN_MM/logo.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14046155014989064645/300x250_EN_MM/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d79e7d975717101ea342d24992a0ca697bf3ea158162adbb88aa9011bae3127e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 17 Nov 2022 10:57:21 GMT
x-content-type-options
nosniff
age
29541
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5704
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 10:34:02 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Nov 2023 10:57:21 GMT
300x250.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14046155014989064645/300x250_EN_MM/ Frame 4957 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14046155014989064645/300x250_EN_MM/300x250.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14046155014989064645/300x250_EN_MM/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec529d77dc9c90119e67b77cce4aa3bbc898b936ecde2715ee7d0d7e67295450
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 17 Nov 2022 10:57:21 GMT
x-content-type-options
nosniff
age
29541
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52852
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 10:34:02 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Nov 2023 10:57:21 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame FC52 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16900789838091633912/300x250_EN/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 13:44:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
19522
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 18 Nov 2022 13:44:20 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame FC52 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16900789838091633912/300x250_EN/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 09:40:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
34124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 18 Nov 2022 09:40:58 GMT
css
fonts.googleapis.com/ Frame FC52 		1 KB
469 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:700,400
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16900789838091633912/300x250_EN/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 17 Nov 2022 19:09:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 18:19:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Nov 2022 19:09:42 GMT
logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16900789838091633912/300x250_EN/ Frame FC52 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16900789838091633912/300x250_EN/logo.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16900789838091633912/300x250_EN/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d79e7d975717101ea342d24992a0ca697bf3ea158162adbb88aa9011bae3127e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 17 Nov 2022 10:56:54 GMT
x-content-type-options
nosniff
age
29568
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5704
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 10:34:02 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Nov 2023 10:56:54 GMT
300x250.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16900789838091633912/300x250_EN/ Frame FC52 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16900789838091633912/300x250_EN/300x250.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16900789838091633912/300x250_EN/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1a9e9ca84c2d453e479b771cb4577b109ad5cd00b6d7a23ed9875f09f619963
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 17 Nov 2022 10:56:54 GMT
x-content-type-options
nosniff
age
29568
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51042
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 10:34:02 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Nov 2023 10:56:54 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 2006 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QALr7MIu--DAAZiUlLrKw76IQfNXoAhbw&u=%7CGkz%2FUiTgb4n4Zl3coWd9UMqO6YMMnTB6VVEkgHpCAZI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNI4lIsnTDgg0aA5goEzq3GpwZENigu3KjPVeJznbeyjpj4bpGozLcbPPF52OL1pcWxBXh19HqrF_tBdlYH3fQhjBLrNNWekeYFy7djXKd7c2u9oSiTBdP6WhRtnAsnB7Y-lErAu4QN5qyUiEhKpzlEOld7yKTFKm0bUNXL4Sg_5DCq9ihxjavupE23YjdgiwP0mcC2ezwBTIV-v1Qc2j-aRFvvgaw05EoTmh2utcA8pmKBbtPowDVgqqrAS4PmWhr69YUMTw66eM1QBGnk7vLX0b4NDny_HTVe0HccNU_JzqPTHl8RLEVfahxoawivoP8nQNMElGUd6l4xo29uMfdk4ctYme9QbHTlEuuS2lXxTI9dor6uNu92ACdu1nHjzLZHkhiGuV1PFFInuXrrxWaMpBOZE2IN75KS1F1G3o1RJfYfWf9iCVsqQueZ3ndRaWhrM0EO_9jcqtqwfSDFSm3Kw08bpgxh-eqGHbQBLZdSQz1K_4lfdCQU7_iuv66YjQYyluPM-zGFmnTw12yXxwgUlYPyA8-2sG1goPuMOw_8YE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnMEc9YZ2Y7PfLoPf7_UP0sSZyAzJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmS8jnR8TLE-4AIAqAMBqgT5AU_QvGpAjTfDKnWfWlfyT1mtAK2bkWBQz9ZPMk7d64AZUPCoLeaVawixO5DPftntr7LjAslhUR_V3Dhb2jNDvCC6Ba9VPV5Ym4Q9TRUGa7CIGGNsjcX535PewkyvcK9RI0Kv6NbABINEOhdOuYzoM1-KnMMqvSG3av2NFGzrzFodcgITSIKSpmVqKI0ThKzGbum-MBC0FGJMDQ6e-Y7WSQM27sjkJfSekWkAHR3u8eJbz1aUqVNXPFW3dEx2PB7670ajvdRZ6gsdMiQ69TmSTGDuBcc1R-yBOPJPz41TMQ73qv9p85sOLJgX4A6sqoDlBeF1rHYjCQeOROAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aEtx99joJn6qX7oPv_AffePFvKA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Nov 2023 19:09:42 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2006 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QALr7MIu--DAAZiUlLrKw76IQfNXoAhbw&u=%7CGkz%2FUiTgb4n4Zl3coWd9UMqO6YMMnTB6VVEkgHpCAZI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNI4lIsnTDgg0aA5goEzq3GpwZENigu3KjPVeJznbeyjpj4bpGozLcbPPF52OL1pcWxBXh19HqrF_tBdlYH3fQhjBLrNNWekeYFy7djXKd7c2u9oSiTBdP6WhRtnAsnB7Y-lErAu4QN5qyUiEhKpzlEOld7yKTFKm0bUNXL4Sg_5DCq9ihxjavupE23YjdgiwP0mcC2ezwBTIV-v1Qc2j-aRFvvgaw05EoTmh2utcA8pmKBbtPowDVgqqrAS4PmWhr69YUMTw66eM1QBGnk7vLX0b4NDny_HTVe0HccNU_JzqPTHl8RLEVfahxoawivoP8nQNMElGUd6l4xo29uMfdk4ctYme9QbHTlEuuS2lXxTI9dor6uNu92ACdu1nHjzLZHkhiGuV1PFFInuXrrxWaMpBOZE2IN75KS1F1G3o1RJfYfWf9iCVsqQueZ3ndRaWhrM0EO_9jcqtqwfSDFSm3Kw08bpgxh-eqGHbQBLZdSQz1K_4lfdCQU7_iuv66YjQYyluPM-zGFmnTw12yXxwgUlYPyA8-2sG1goPuMOw_8YE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnMEc9YZ2Y7PfLoPf7_UP0sSZyAzJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmS8jnR8TLE-4AIAqAMBqgT5AU_QvGpAjTfDKnWfWlfyT1mtAK2bkWBQz9ZPMk7d64AZUPCoLeaVawixO5DPftntr7LjAslhUR_V3Dhb2jNDvCC6Ba9VPV5Ym4Q9TRUGa7CIGGNsjcX535PewkyvcK9RI0Kv6NbABINEOhdOuYzoM1-KnMMqvSG3av2NFGzrzFodcgITSIKSpmVqKI0ThKzGbum-MBC0FGJMDQ6e-Y7WSQM27sjkJfSekWkAHR3u8eJbz1aUqVNXPFW3dEx2PB7670ajvdRZ6gsdMiQ69TmSTGDuBcc1R-yBOPJPz41TMQ73qv9p85sOLJgX4A6sqoDlBeF1rHYjCQeOROAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aEtx99joJn6qX7oPv_AffePFvKA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Nov 2023 19:09:42 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 2006 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QALr7MIu--DAAZiUlLrKw76IQfNXoAhbw&u=%7CGkz%2FUiTgb4n4Zl3coWd9UMqO6YMMnTB6VVEkgHpCAZI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNI4lIsnTDgg0aA5goEzq3GpwZENigu3KjPVeJznbeyjpj4bpGozLcbPPF52OL1pcWxBXh19HqrF_tBdlYH3fQhjBLrNNWekeYFy7djXKd7c2u9oSiTBdP6WhRtnAsnB7Y-lErAu4QN5qyUiEhKpzlEOld7yKTFKm0bUNXL4Sg_5DCq9ihxjavupE23YjdgiwP0mcC2ezwBTIV-v1Qc2j-aRFvvgaw05EoTmh2utcA8pmKBbtPowDVgqqrAS4PmWhr69YUMTw66eM1QBGnk7vLX0b4NDny_HTVe0HccNU_JzqPTHl8RLEVfahxoawivoP8nQNMElGUd6l4xo29uMfdk4ctYme9QbHTlEuuS2lXxTI9dor6uNu92ACdu1nHjzLZHkhiGuV1PFFInuXrrxWaMpBOZE2IN75KS1F1G3o1RJfYfWf9iCVsqQueZ3ndRaWhrM0EO_9jcqtqwfSDFSm3Kw08bpgxh-eqGHbQBLZdSQz1K_4lfdCQU7_iuv66YjQYyluPM-zGFmnTw12yXxwgUlYPyA8-2sG1goPuMOw_8YE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnMEc9YZ2Y7PfLoPf7_UP0sSZyAzJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmS8jnR8TLE-4AIAqAMBqgT5AU_QvGpAjTfDKnWfWlfyT1mtAK2bkWBQz9ZPMk7d64AZUPCoLeaVawixO5DPftntr7LjAslhUR_V3Dhb2jNDvCC6Ba9VPV5Ym4Q9TRUGa7CIGGNsjcX535PewkyvcK9RI0Kv6NbABINEOhdOuYzoM1-KnMMqvSG3av2NFGzrzFodcgITSIKSpmVqKI0ThKzGbum-MBC0FGJMDQ6e-Y7WSQM27sjkJfSekWkAHR3u8eJbz1aUqVNXPFW3dEx2PB7670ajvdRZ6gsdMiQ69TmSTGDuBcc1R-yBOPJPz41TMQ73qv9p85sOLJgX4A6sqoDlBeF1rHYjCQeOROAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aEtx99joJn6qX7oPv_AffePFvKA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 12 Nov 2023 19:09:42 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 2006 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QALr7MIu--DAAZiUlLrKw76IQfNXoAhbw&u=%7CGkz%2FUiTgb4n4Zl3coWd9UMqO6YMMnTB6VVEkgHpCAZI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNI4lIsnTDgg0aA5goEzq3GpwZENigu3KjPVeJznbeyjpj4bpGozLcbPPF52OL1pcWxBXh19HqrF_tBdlYH3fQhjBLrNNWekeYFy7djXKd7c2u9oSiTBdP6WhRtnAsnB7Y-lErAu4QN5qyUiEhKpzlEOld7yKTFKm0bUNXL4Sg_5DCq9ihxjavupE23YjdgiwP0mcC2ezwBTIV-v1Qc2j-aRFvvgaw05EoTmh2utcA8pmKBbtPowDVgqqrAS4PmWhr69YUMTw66eM1QBGnk7vLX0b4NDny_HTVe0HccNU_JzqPTHl8RLEVfahxoawivoP8nQNMElGUd6l4xo29uMfdk4ctYme9QbHTlEuuS2lXxTI9dor6uNu92ACdu1nHjzLZHkhiGuV1PFFInuXrrxWaMpBOZE2IN75KS1F1G3o1RJfYfWf9iCVsqQueZ3ndRaWhrM0EO_9jcqtqwfSDFSm3Kw08bpgxh-eqGHbQBLZdSQz1K_4lfdCQU7_iuv66YjQYyluPM-zGFmnTw12yXxwgUlYPyA8-2sG1goPuMOw_8YE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnMEc9YZ2Y7PfLoPf7_UP0sSZyAzJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmS8jnR8TLE-4AIAqAMBqgT5AU_QvGpAjTfDKnWfWlfyT1mtAK2bkWBQz9ZPMk7d64AZUPCoLeaVawixO5DPftntr7LjAslhUR_V3Dhb2jNDvCC6Ba9VPV5Ym4Q9TRUGa7CIGGNsjcX535PewkyvcK9RI0Kv6NbABINEOhdOuYzoM1-KnMMqvSG3av2NFGzrzFodcgITSIKSpmVqKI0ThKzGbum-MBC0FGJMDQ6e-Y7WSQM27sjkJfSekWkAHR3u8eJbz1aUqVNXPFW3dEx2PB7670ajvdRZ6gsdMiQ69TmSTGDuBcc1R-yBOPJPz41TMQ73qv9p85sOLJgX4A6sqoDlBeF1rHYjCQeOROAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aEtx99joJn6qX7oPv_AffePFvKA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 12 Nov 2023 19:09:42 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 2006 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=zhqzOAJ6N5xdH3oldp0yrA2cxHWksifF6zUAIKx4-VIpswMmccAHgXzYmdEFSWAAqpVrbZNPTX3ZeQSZojftC9PdY74v2gvOoVuOxjOfmQTV8TYODULto6pivDQ6Hy0BmxANvmrRHhmsJSRNZ6h5U6h9ra0BmhrbprQ7r3RSkIn76MILvt3vg_WLo52VmH_U5GkNayyjaM4Z5uYel3NFFST_8QlfY_W7V8Jvz7BMiee5lnQg8McDBzxbyAksVBoRudCZHAnmpSvJ--lAntUe4v7fAZj8ho5nbSh_yybR9nrh8VM8AebxzzkGpc_sPsgM_XIE_coNYPHJ1PXKqnuE0QNJng7drk98uFbptRiMenVFV5KjxBvSBgfScxay7dag79oGHtLVx_UIKiha9cRgDcbmsPtNiU4ulDw0f7VddAPbuL1M
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QALr7MIu--DAAZiUlLrKw76IQfNXoAhbw&u=%7CGkz%2FUiTgb4n4Zl3coWd9UMqO6YMMnTB6VVEkgHpCAZI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNI4lIsnTDgg0aA5goEzq3GpwZENigu3KjPVeJznbeyjpj4bpGozLcbPPF52OL1pcWxBXh19HqrF_tBdlYH3fQhjBLrNNWekeYFy7djXKd7c2u9oSiTBdP6WhRtnAsnB7Y-lErAu4QN5qyUiEhKpzlEOld7yKTFKm0bUNXL4Sg_5DCq9ihxjavupE23YjdgiwP0mcC2ezwBTIV-v1Qc2j-aRFvvgaw05EoTmh2utcA8pmKBbtPowDVgqqrAS4PmWhr69YUMTw66eM1QBGnk7vLX0b4NDny_HTVe0HccNU_JzqPTHl8RLEVfahxoawivoP8nQNMElGUd6l4xo29uMfdk4ctYme9QbHTlEuuS2lXxTI9dor6uNu92ACdu1nHjzLZHkhiGuV1PFFInuXrrxWaMpBOZE2IN75KS1F1G3o1RJfYfWf9iCVsqQueZ3ndRaWhrM0EO_9jcqtqwfSDFSm3Kw08bpgxh-eqGHbQBLZdSQz1K_4lfdCQU7_iuv66YjQYyluPM-zGFmnTw12yXxwgUlYPyA8-2sG1goPuMOw_8YE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnMEc9YZ2Y7PfLoPf7_UP0sSZyAzJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmS8jnR8TLE-4AIAqAMBqgT5AU_QvGpAjTfDKnWfWlfyT1mtAK2bkWBQz9ZPMk7d64AZUPCoLeaVawixO5DPftntr7LjAslhUR_V3Dhb2jNDvCC6Ba9VPV5Ym4Q9TRUGa7CIGGNsjcX535PewkyvcK9RI0Kv6NbABINEOhdOuYzoM1-KnMMqvSG3av2NFGzrzFodcgITSIKSpmVqKI0ThKzGbum-MBC0FGJMDQ6e-Y7WSQM27sjkJfSekWkAHR3u8eJbz1aUqVNXPFW3dEx2PB7670ajvdRZ6gsdMiQ69TmSTGDuBcc1R-yBOPJPz41TMQ73qv9p85sOLJgX4A6sqoDlBeF1rHYjCQeOROAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aEtx99joJn6qX7oPv_AffePFvKA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2781416
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 2006 		44 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1668712181
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QALr7MIu--DAAZiUlLrKw76IQfNXoAhbw&u=%7CGkz%2FUiTgb4n4Zl3coWd9UMqO6YMMnTB6VVEkgHpCAZI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNI4lIsnTDgg0aA5goEzq3GpwZENigu3KjPVeJznbeyjpj4bpGozLcbPPF52OL1pcWxBXh19HqrF_tBdlYH3fQhjBLrNNWekeYFy7djXKd7c2u9oSiTBdP6WhRtnAsnB7Y-lErAu4QN5qyUiEhKpzlEOld7yKTFKm0bUNXL4Sg_5DCq9ihxjavupE23YjdgiwP0mcC2ezwBTIV-v1Qc2j-aRFvvgaw05EoTmh2utcA8pmKBbtPowDVgqqrAS4PmWhr69YUMTw66eM1QBGnk7vLX0b4NDny_HTVe0HccNU_JzqPTHl8RLEVfahxoawivoP8nQNMElGUd6l4xo29uMfdk4ctYme9QbHTlEuuS2lXxTI9dor6uNu92ACdu1nHjzLZHkhiGuV1PFFInuXrrxWaMpBOZE2IN75KS1F1G3o1RJfYfWf9iCVsqQueZ3ndRaWhrM0EO_9jcqtqwfSDFSm3Kw08bpgxh-eqGHbQBLZdSQz1K_4lfdCQU7_iuv66YjQYyluPM-zGFmnTw12yXxwgUlYPyA8-2sG1goPuMOw_8YE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnMEc9YZ2Y7PfLoPf7_UP0sSZyAzJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmS8jnR8TLE-4AIAqAMBqgT5AU_QvGpAjTfDKnWfWlfyT1mtAK2bkWBQz9ZPMk7d64AZUPCoLeaVawixO5DPftntr7LjAslhUR_V3Dhb2jNDvCC6Ba9VPV5Ym4Q9TRUGa7CIGGNsjcX535PewkyvcK9RI0Kv6NbABINEOhdOuYzoM1-KnMMqvSG3av2NFGzrzFodcgITSIKSpmVqKI0ThKzGbum-MBC0FGJMDQ6e-Y7WSQM27sjkJfSekWkAHR3u8eJbz1aUqVNXPFW3dEx2PB7670ajvdRZ6gsdMiQ69TmSTGDuBcc1R-yBOPJPz41TMQ73qv9p85sOLJgX4A6sqoDlBeF1rHYjCQeOROAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aEtx99joJn6qX7oPv_AffePFvKA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7c00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
MkOgfig8OHcnsX2pDAwaoxjuF2kWArXassbOMsV0xE_R3AwwIAxXXQ==
expires
Thu, 01 Dec 1994 16:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CEFB 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
37653
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 08:42:09 GMT
etag
48472445140208031
expires
Fri, 18 Nov 2022 08:42:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E82A 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d96cfa09f9ae2c215bf36728a3ac9e60b5cff2c3a8d6e86840d6561ea3e91f08

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame AAD8 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2458
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 18:28:44 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9830 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 11:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
29259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Dec 2022 11:02:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9830 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 14:22:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
17237
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Dec 2022 14:22:25 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame B9FD 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2458
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 18:28:44 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame A4D0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 11:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
29259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Dec 2022 11:02:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame A4D0 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 14:22:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
17237
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Dec 2022 14:22:25 GMT
truncated
/ Frame D544 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b54383a2ad0bceb07ea158f9e566d03293c64e235b2c1b0b574992de1b8e2157

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
animejs.js
static.criteo.net/animejs/ Frame 2006 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QALr7MIu--DAAZiUlLrKw76IQfNXoAhbw&u=%7CGkz%2FUiTgb4n4Zl3coWd9UMqO6YMMnTB6VVEkgHpCAZI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNI4lIsnTDgg0aA5goEzq3GpwZENigu3KjPVeJznbeyjpj4bpGozLcbPPF52OL1pcWxBXh19HqrF_tBdlYH3fQhjBLrNNWekeYFy7djXKd7c2u9oSiTBdP6WhRtnAsnB7Y-lErAu4QN5qyUiEhKpzlEOld7yKTFKm0bUNXL4Sg_5DCq9ihxjavupE23YjdgiwP0mcC2ezwBTIV-v1Qc2j-aRFvvgaw05EoTmh2utcA8pmKBbtPowDVgqqrAS4PmWhr69YUMTw66eM1QBGnk7vLX0b4NDny_HTVe0HccNU_JzqPTHl8RLEVfahxoawivoP8nQNMElGUd6l4xo29uMfdk4ctYme9QbHTlEuuS2lXxTI9dor6uNu92ACdu1nHjzLZHkhiGuV1PFFInuXrrxWaMpBOZE2IN75KS1F1G3o1RJfYfWf9iCVsqQueZ3ndRaWhrM0EO_9jcqtqwfSDFSm3Kw08bpgxh-eqGHbQBLZdSQz1K_4lfdCQU7_iuv66YjQYyluPM-zGFmnTw12yXxwgUlYPyA8-2sG1goPuMOw_8YE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnMEc9YZ2Y7PfLoPf7_UP0sSZyAzJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmS8jnR8TLE-4AIAqAMBqgT5AU_QvGpAjTfDKnWfWlfyT1mtAK2bkWBQz9ZPMk7d64AZUPCoLeaVawixO5DPftntr7LjAslhUR_V3Dhb2jNDvCC6Ba9VPV5Ym4Q9TRUGa7CIGGNsjcX535PewkyvcK9RI0Kv6NbABINEOhdOuYzoM1-KnMMqvSG3av2NFGzrzFodcgITSIKSpmVqKI0ThKzGbum-MBC0FGJMDQ6e-Y7WSQM27sjkJfSekWkAHR3u8eJbz1aUqVNXPFW3dEx2PB7670ajvdRZ6gsdMiQ69TmSTGDuBcc1R-yBOPJPz41TMQ73qv9p85sOLJgX4A6sqoDlBeF1rHYjCQeOROAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aEtx99joJn6qX7oPv_AffePFvKA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Nov 2023 19:09:42 GMT
img
pix.eu.criteo.net/img/ Frame 2006 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoAmazon-Workforce-Staffing-245849DE-2005201401.gif%3Feb%3D1&v=3&w=400&s=S8H46qf3EvuvyZds2gfujwsz&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QALr7MIu--DAAZiUlLrKw76IQfNXoAhbw&u=%7CGkz%2FUiTgb4n4Zl3coWd9UMqO6YMMnTB6VVEkgHpCAZI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNI4lIsnTDgg0aA5goEzq3GpwZENigu3KjPVeJznbeyjpj4bpGozLcbPPF52OL1pcWxBXh19HqrF_tBdlYH3fQhjBLrNNWekeYFy7djXKd7c2u9oSiTBdP6WhRtnAsnB7Y-lErAu4QN5qyUiEhKpzlEOld7yKTFKm0bUNXL4Sg_5DCq9ihxjavupE23YjdgiwP0mcC2ezwBTIV-v1Qc2j-aRFvvgaw05EoTmh2utcA8pmKBbtPowDVgqqrAS4PmWhr69YUMTw66eM1QBGnk7vLX0b4NDny_HTVe0HccNU_JzqPTHl8RLEVfahxoawivoP8nQNMElGUd6l4xo29uMfdk4ctYme9QbHTlEuuS2lXxTI9dor6uNu92ACdu1nHjzLZHkhiGuV1PFFInuXrrxWaMpBOZE2IN75KS1F1G3o1RJfYfWf9iCVsqQueZ3ndRaWhrM0EO_9jcqtqwfSDFSm3Kw08bpgxh-eqGHbQBLZdSQz1K_4lfdCQU7_iuv66YjQYyluPM-zGFmnTw12yXxwgUlYPyA8-2sG1goPuMOw_8YE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnMEc9YZ2Y7PfLoPf7_UP0sSZyAzJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmS8jnR8TLE-4AIAqAMBqgT5AU_QvGpAjTfDKnWfWlfyT1mtAK2bkWBQz9ZPMk7d64AZUPCoLeaVawixO5DPftntr7LjAslhUR_V3Dhb2jNDvCC6Ba9VPV5Ym4Q9TRUGa7CIGGNsjcX535PewkyvcK9RI0Kv6NbABINEOhdOuYzoM1-KnMMqvSG3av2NFGzrzFodcgITSIKSpmVqKI0ThKzGbum-MBC0FGJMDQ6e-Y7WSQM27sjkJfSekWkAHR3u8eJbz1aUqVNXPFW3dEx2PB7670ajvdRZ6gsdMiQ69TmSTGDuBcc1R-yBOPJPz41TMQ73qv9p85sOLJgX4A6sqoDlBeF1rHYjCQeOROAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aEtx99joJn6qX7oPv_AffePFvKA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
d530eb650281c426cb8d0c8d602cffe1a63b732b9b4d93e33aaf0340896e3024
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1645513
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1902
expires
Tue, 06 Dec 2022 20:14:56 GMT
img
pix.eu.criteo.net/img/ Frame 2006 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoAdecco-Deutschland-57598DE-2206101205.gif%3Feb%3D1&v=3&w=400&s=dvNhU4Ck7-p0W-U9324Tt8FS&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QALr7MIu--DAAZiUlLrKw76IQfNXoAhbw&u=%7CGkz%2FUiTgb4n4Zl3coWd9UMqO6YMMnTB6VVEkgHpCAZI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNI4lIsnTDgg0aA5goEzq3GpwZENigu3KjPVeJznbeyjpj4bpGozLcbPPF52OL1pcWxBXh19HqrF_tBdlYH3fQhjBLrNNWekeYFy7djXKd7c2u9oSiTBdP6WhRtnAsnB7Y-lErAu4QN5qyUiEhKpzlEOld7yKTFKm0bUNXL4Sg_5DCq9ihxjavupE23YjdgiwP0mcC2ezwBTIV-v1Qc2j-aRFvvgaw05EoTmh2utcA8pmKBbtPowDVgqqrAS4PmWhr69YUMTw66eM1QBGnk7vLX0b4NDny_HTVe0HccNU_JzqPTHl8RLEVfahxoawivoP8nQNMElGUd6l4xo29uMfdk4ctYme9QbHTlEuuS2lXxTI9dor6uNu92ACdu1nHjzLZHkhiGuV1PFFInuXrrxWaMpBOZE2IN75KS1F1G3o1RJfYfWf9iCVsqQueZ3ndRaWhrM0EO_9jcqtqwfSDFSm3Kw08bpgxh-eqGHbQBLZdSQz1K_4lfdCQU7_iuv66YjQYyluPM-zGFmnTw12yXxwgUlYPyA8-2sG1goPuMOw_8YE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnMEc9YZ2Y7PfLoPf7_UP0sSZyAzJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmS8jnR8TLE-4AIAqAMBqgT5AU_QvGpAjTfDKnWfWlfyT1mtAK2bkWBQz9ZPMk7d64AZUPCoLeaVawixO5DPftntr7LjAslhUR_V3Dhb2jNDvCC6Ba9VPV5Ym4Q9TRUGa7CIGGNsjcX535PewkyvcK9RI0Kv6NbABINEOhdOuYzoM1-KnMMqvSG3av2NFGzrzFodcgITSIKSpmVqKI0ThKzGbum-MBC0FGJMDQ6e-Y7WSQM27sjkJfSekWkAHR3u8eJbz1aUqVNXPFW3dEx2PB7670ajvdRZ6gsdMiQ69TmSTGDuBcc1R-yBOPJPz41TMQ73qv9p85sOLJgX4A6sqoDlBeF1rHYjCQeOROAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aEtx99joJn6qX7oPv_AffePFvKA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
68e85ddf76b98bb06e4fb9e7cef3a0bf4864a5e8235c226e087158ad41e90a00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=775464
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2224
expires
Sat, 26 Nov 2022 18:34:06 GMT
img
pix.eu.criteo.net/img/ Frame 2006 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F0%2FlogoTakeaway-com-282674DE-2111151557.gif%3Feb%3D1&v=3&w=400&s=2tkmevNX3FUxPj5fn_dIDE64&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QALr7MIu--DAAZiUlLrKw76IQfNXoAhbw&u=%7CGkz%2FUiTgb4n4Zl3coWd9UMqO6YMMnTB6VVEkgHpCAZI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNI4lIsnTDgg0aA5goEzq3GpwZENigu3KjPVeJznbeyjpj4bpGozLcbPPF52OL1pcWxBXh19HqrF_tBdlYH3fQhjBLrNNWekeYFy7djXKd7c2u9oSiTBdP6WhRtnAsnB7Y-lErAu4QN5qyUiEhKpzlEOld7yKTFKm0bUNXL4Sg_5DCq9ihxjavupE23YjdgiwP0mcC2ezwBTIV-v1Qc2j-aRFvvgaw05EoTmh2utcA8pmKBbtPowDVgqqrAS4PmWhr69YUMTw66eM1QBGnk7vLX0b4NDny_HTVe0HccNU_JzqPTHl8RLEVfahxoawivoP8nQNMElGUd6l4xo29uMfdk4ctYme9QbHTlEuuS2lXxTI9dor6uNu92ACdu1nHjzLZHkhiGuV1PFFInuXrrxWaMpBOZE2IN75KS1F1G3o1RJfYfWf9iCVsqQueZ3ndRaWhrM0EO_9jcqtqwfSDFSm3Kw08bpgxh-eqGHbQBLZdSQz1K_4lfdCQU7_iuv66YjQYyluPM-zGFmnTw12yXxwgUlYPyA8-2sG1goPuMOw_8YE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnMEc9YZ2Y7PfLoPf7_UP0sSZyAzJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmS8jnR8TLE-4AIAqAMBqgT5AU_QvGpAjTfDKnWfWlfyT1mtAK2bkWBQz9ZPMk7d64AZUPCoLeaVawixO5DPftntr7LjAslhUR_V3Dhb2jNDvCC6Ba9VPV5Ym4Q9TRUGa7CIGGNsjcX535PewkyvcK9RI0Kv6NbABINEOhdOuYzoM1-KnMMqvSG3av2NFGzrzFodcgITSIKSpmVqKI0ThKzGbum-MBC0FGJMDQ6e-Y7WSQM27sjkJfSekWkAHR3u8eJbz1aUqVNXPFW3dEx2PB7670ajvdRZ6gsdMiQ69TmSTGDuBcc1R-yBOPJPz41TMQ73qv9p85sOLJgX4A6sqoDlBeF1rHYjCQeOROAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aEtx99joJn6qX7oPv_AffePFvKA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
b82321148229dced6dcf746385d81b79f5925607672c8f4f9b0082911c3ebda9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2550527
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2286
expires
Sat, 17 Dec 2022 07:38:30 GMT
img
pix.eu.criteo.net/img/ Frame 2006 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=116&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=596&s=i6as8yy9gl7D3k76I7WAAQdj
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QALr7MIu--DAAZiUlLrKw76IQfNXoAhbw&u=%7CGkz%2FUiTgb4n4Zl3coWd9UMqO6YMMnTB6VVEkgHpCAZI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNI4lIsnTDgg0aA5goEzq3GpwZENigu3KjPVeJznbeyjpj4bpGozLcbPPF52OL1pcWxBXh19HqrF_tBdlYH3fQhjBLrNNWekeYFy7djXKd7c2u9oSiTBdP6WhRtnAsnB7Y-lErAu4QN5qyUiEhKpzlEOld7yKTFKm0bUNXL4Sg_5DCq9ihxjavupE23YjdgiwP0mcC2ezwBTIV-v1Qc2j-aRFvvgaw05EoTmh2utcA8pmKBbtPowDVgqqrAS4PmWhr69YUMTw66eM1QBGnk7vLX0b4NDny_HTVe0HccNU_JzqPTHl8RLEVfahxoawivoP8nQNMElGUd6l4xo29uMfdk4ctYme9QbHTlEuuS2lXxTI9dor6uNu92ACdu1nHjzLZHkhiGuV1PFFInuXrrxWaMpBOZE2IN75KS1F1G3o1RJfYfWf9iCVsqQueZ3ndRaWhrM0EO_9jcqtqwfSDFSm3Kw08bpgxh-eqGHbQBLZdSQz1K_4lfdCQU7_iuv66YjQYyluPM-zGFmnTw12yXxwgUlYPyA8-2sG1goPuMOw_8YE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnMEc9YZ2Y7PfLoPf7_UP0sSZyAzJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmS8jnR8TLE-4AIAqAMBqgT5AU_QvGpAjTfDKnWfWlfyT1mtAK2bkWBQz9ZPMk7d64AZUPCoLeaVawixO5DPftntr7LjAslhUR_V3Dhb2jNDvCC6Ba9VPV5Ym4Q9TRUGa7CIGGNsjcX535PewkyvcK9RI0Kv6NbABINEOhdOuYzoM1-KnMMqvSG3av2NFGzrzFodcgITSIKSpmVqKI0ThKzGbum-MBC0FGJMDQ6e-Y7WSQM27sjkJfSekWkAHR3u8eJbz1aUqVNXPFW3dEx2PB7670ajvdRZ6gsdMiQ69TmSTGDuBcc1R-yBOPJPz41TMQ73qv9p85sOLJgX4A6sqoDlBeF1rHYjCQeOROAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aEtx99joJn6qX7oPv_AffePFvKA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
83b19de212ca6202b9339b9c3ad8b16c1775d34cc7663631c12cffbdcdacb8e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29052281
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19171
expires
Fri, 20 Oct 2023 01:14:24 GMT
img
pix.eu.criteo.net/img/ Frame 2006 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F4%2FlogoStatista-GmbH-70120DE-2105281742.gif%3Feb%3D1&v=3&w=400&s=OXyU_K2XUhK0p1K_gEKsnWtn&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QALr7MIu--DAAZiUlLrKw76IQfNXoAhbw&u=%7CGkz%2FUiTgb4n4Zl3coWd9UMqO6YMMnTB6VVEkgHpCAZI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNI4lIsnTDgg0aA5goEzq3GpwZENigu3KjPVeJznbeyjpj4bpGozLcbPPF52OL1pcWxBXh19HqrF_tBdlYH3fQhjBLrNNWekeYFy7djXKd7c2u9oSiTBdP6WhRtnAsnB7Y-lErAu4QN5qyUiEhKpzlEOld7yKTFKm0bUNXL4Sg_5DCq9ihxjavupE23YjdgiwP0mcC2ezwBTIV-v1Qc2j-aRFvvgaw05EoTmh2utcA8pmKBbtPowDVgqqrAS4PmWhr69YUMTw66eM1QBGnk7vLX0b4NDny_HTVe0HccNU_JzqPTHl8RLEVfahxoawivoP8nQNMElGUd6l4xo29uMfdk4ctYme9QbHTlEuuS2lXxTI9dor6uNu92ACdu1nHjzLZHkhiGuV1PFFInuXrrxWaMpBOZE2IN75KS1F1G3o1RJfYfWf9iCVsqQueZ3ndRaWhrM0EO_9jcqtqwfSDFSm3Kw08bpgxh-eqGHbQBLZdSQz1K_4lfdCQU7_iuv66YjQYyluPM-zGFmnTw12yXxwgUlYPyA8-2sG1goPuMOw_8YE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnMEc9YZ2Y7PfLoPf7_UP0sSZyAzJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmS8jnR8TLE-4AIAqAMBqgT5AU_QvGpAjTfDKnWfWlfyT1mtAK2bkWBQz9ZPMk7d64AZUPCoLeaVawixO5DPftntr7LjAslhUR_V3Dhb2jNDvCC6Ba9VPV5Ym4Q9TRUGa7CIGGNsjcX535PewkyvcK9RI0Kv6NbABINEOhdOuYzoM1-KnMMqvSG3av2NFGzrzFodcgITSIKSpmVqKI0ThKzGbum-MBC0FGJMDQ6e-Y7WSQM27sjkJfSekWkAHR3u8eJbz1aUqVNXPFW3dEx2PB7670ajvdRZ6gsdMiQ69TmSTGDuBcc1R-yBOPJPz41TMQ73qv9p85sOLJgX4A6sqoDlBeF1rHYjCQeOROAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aEtx99joJn6qX7oPv_AffePFvKA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
381afc3ddc6dbb5d58659e2b0ecdce1c2d54aa827257669e59164a1a7819b511
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=491932
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9982
expires
Wed, 23 Nov 2022 11:48:34 GMT
all
csm.eu.criteo.net/ Frame 2006 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=4rNbp6MhT-epnvOqV17KCGfnH3C8omsWDx7fpY-fh9wGYaIj98kgSIoSO2-H4tuVW7iElm-EruKJW2QPSe0Go5GcdPNiIjnzOhf7htcKH5x77824H3iBr1IhHffAxkmbag-2zxtlfLW2WniJd4ouabsu1OuGHh-uFPJyYA33iTBvG4_ALAkWt-6B0lGM2dlbCZOiOYmPP_5fFv2BewpqbvizSEPyrsOd_93aqbvpLD0kxSlqfX9BJUDlJBXqK8GlEP7WhA&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QALr7MIu--DAAZiUlLrKw76IQfNXoAhbw&u=%7CGkz%2FUiTgb4n4Zl3coWd9UMqO6YMMnTB6VVEkgHpCAZI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNI4lIsnTDgg0aA5goEzq3GpwZENigu3KjPVeJznbeyjpj4bpGozLcbPPF52OL1pcWxBXh19HqrF_tBdlYH3fQhjBLrNNWekeYFy7djXKd7c2u9oSiTBdP6WhRtnAsnB7Y-lErAu4QN5qyUiEhKpzlEOld7yKTFKm0bUNXL4Sg_5DCq9ihxjavupE23YjdgiwP0mcC2ezwBTIV-v1Qc2j-aRFvvgaw05EoTmh2utcA8pmKBbtPowDVgqqrAS4PmWhr69YUMTw66eM1QBGnk7vLX0b4NDny_HTVe0HccNU_JzqPTHl8RLEVfahxoawivoP8nQNMElGUd6l4xo29uMfdk4ctYme9QbHTlEuuS2lXxTI9dor6uNu92ACdu1nHjzLZHkhiGuV1PFFInuXrrxWaMpBOZE2IN75KS1F1G3o1RJfYfWf9iCVsqQueZ3ndRaWhrM0EO_9jcqtqwfSDFSm3Kw08bpgxh-eqGHbQBLZdSQz1K_4lfdCQU7_iuv66YjQYyluPM-zGFmnTw12yXxwgUlYPyA8-2sG1goPuMOw_8YE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnMEc9YZ2Y7PfLoPf7_UP0sSZyAzJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmS8jnR8TLE-4AIAqAMBqgT5AU_QvGpAjTfDKnWfWlfyT1mtAK2bkWBQz9ZPMk7d64AZUPCoLeaVawixO5DPftntr7LjAslhUR_V3Dhb2jNDvCC6Ba9VPV5Ym4Q9TRUGa7CIGGNsjcX535PewkyvcK9RI0Kv6NbABINEOhdOuYzoM1-KnMMqvSG3av2NFGzrzFodcgITSIKSpmVqKI0ThKzGbum-MBC0FGJMDQ6e-Y7WSQM27sjkJfSekWkAHR3u8eJbz1aUqVNXPFW3dEx2PB7670ajvdRZ6gsdMiQ69TmSTGDuBcc1R-yBOPJPz41TMQ73qv9p85sOLJgX4A6sqoDlBeF1rHYjCQeOROAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aEtx99joJn6qX7oPv_AffePFvKA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 17 Nov 2022 19:09:41 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2006 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QALr7MIu--DAAZiUlLrKw76IQfNXoAhbw&u=%7CGkz%2FUiTgb4n4Zl3coWd9UMqO6YMMnTB6VVEkgHpCAZI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNI4lIsnTDgg0aA5goEzq3GpwZENigu3KjPVeJznbeyjpj4bpGozLcbPPF52OL1pcWxBXh19HqrF_tBdlYH3fQhjBLrNNWekeYFy7djXKd7c2u9oSiTBdP6WhRtnAsnB7Y-lErAu4QN5qyUiEhKpzlEOld7yKTFKm0bUNXL4Sg_5DCq9ihxjavupE23YjdgiwP0mcC2ezwBTIV-v1Qc2j-aRFvvgaw05EoTmh2utcA8pmKBbtPowDVgqqrAS4PmWhr69YUMTw66eM1QBGnk7vLX0b4NDny_HTVe0HccNU_JzqPTHl8RLEVfahxoawivoP8nQNMElGUd6l4xo29uMfdk4ctYme9QbHTlEuuS2lXxTI9dor6uNu92ACdu1nHjzLZHkhiGuV1PFFInuXrrxWaMpBOZE2IN75KS1F1G3o1RJfYfWf9iCVsqQueZ3ndRaWhrM0EO_9jcqtqwfSDFSm3Kw08bpgxh-eqGHbQBLZdSQz1K_4lfdCQU7_iuv66YjQYyluPM-zGFmnTw12yXxwgUlYPyA8-2sG1goPuMOw_8YE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnMEc9YZ2Y7PfLoPf7_UP0sSZyAzJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmS8jnR8TLE-4AIAqAMBqgT5AU_QvGpAjTfDKnWfWlfyT1mtAK2bkWBQz9ZPMk7d64AZUPCoLeaVawixO5DPftntr7LjAslhUR_V3Dhb2jNDvCC6Ba9VPV5Ym4Q9TRUGa7CIGGNsjcX535PewkyvcK9RI0Kv6NbABINEOhdOuYzoM1-KnMMqvSG3av2NFGzrzFodcgITSIKSpmVqKI0ThKzGbum-MBC0FGJMDQ6e-Y7WSQM27sjkJfSekWkAHR3u8eJbz1aUqVNXPFW3dEx2PB7670ajvdRZ6gsdMiQ69TmSTGDuBcc1R-yBOPJPz41TMQ73qv9p85sOLJgX4A6sqoDlBeF1rHYjCQeOROAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aEtx99joJn6qX7oPv_AffePFvKA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Nov 2023 19:09:42 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 2006 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QALr7MIu--DAAZiUlLrKw76IQfNXoAhbw&u=%7CGkz%2FUiTgb4n4Zl3coWd9UMqO6YMMnTB6VVEkgHpCAZI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNI4lIsnTDgg0aA5goEzq3GpwZENigu3KjPVeJznbeyjpj4bpGozLcbPPF52OL1pcWxBXh19HqrF_tBdlYH3fQhjBLrNNWekeYFy7djXKd7c2u9oSiTBdP6WhRtnAsnB7Y-lErAu4QN5qyUiEhKpzlEOld7yKTFKm0bUNXL4Sg_5DCq9ihxjavupE23YjdgiwP0mcC2ezwBTIV-v1Qc2j-aRFvvgaw05EoTmh2utcA8pmKBbtPowDVgqqrAS4PmWhr69YUMTw66eM1QBGnk7vLX0b4NDny_HTVe0HccNU_JzqPTHl8RLEVfahxoawivoP8nQNMElGUd6l4xo29uMfdk4ctYme9QbHTlEuuS2lXxTI9dor6uNu92ACdu1nHjzLZHkhiGuV1PFFInuXrrxWaMpBOZE2IN75KS1F1G3o1RJfYfWf9iCVsqQueZ3ndRaWhrM0EO_9jcqtqwfSDFSm3Kw08bpgxh-eqGHbQBLZdSQz1K_4lfdCQU7_iuv66YjQYyluPM-zGFmnTw12yXxwgUlYPyA8-2sG1goPuMOw_8YE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnMEc9YZ2Y7PfLoPf7_UP0sSZyAzJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmS8jnR8TLE-4AIAqAMBqgT5AU_QvGpAjTfDKnWfWlfyT1mtAK2bkWBQz9ZPMk7d64AZUPCoLeaVawixO5DPftntr7LjAslhUR_V3Dhb2jNDvCC6Ba9VPV5Ym4Q9TRUGa7CIGGNsjcX535PewkyvcK9RI0Kv6NbABINEOhdOuYzoM1-KnMMqvSG3av2NFGzrzFodcgITSIKSpmVqKI0ThKzGbum-MBC0FGJMDQ6e-Y7WSQM27sjkJfSekWkAHR3u8eJbz1aUqVNXPFW3dEx2PB7670ajvdRZ6gsdMiQ69TmSTGDuBcc1R-yBOPJPz41TMQ73qv9p85sOLJgX4A6sqoDlBeF1rHYjCQeOROAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aEtx99joJn6qX7oPv_AffePFvKA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Nov 2023 19:09:42 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ Frame 4957 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 09:59:57 GMT
x-content-type-options
nosniff
age
551385
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Nov 2023 09:59:57 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame 4957 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 17:08:09 GMT
x-content-type-options
nosniff
age
180093
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Nov 2023 17:08:09 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ Frame FC52 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 09:59:57 GMT
x-content-type-options
nosniff
age
551385
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Nov 2023 09:59:57 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame FC52 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 17:08:09 GMT
x-content-type-options
nosniff
age
180093
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Nov 2023 17:08:09 GMT
pixel
cm.g.doubleclick.net/ Frame CEFB
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEKXa-tVcZMYObsxpNyxvSXQ&google_cver=1&google_push=ASkJ3FaN6oWZAF78_WrCO9-hCeZ5ZMw0xR8_iKCQbb9h8Yg-flnChyyLfzG0BPcNE24i54-PBn5pLuuBqMeHtTKeV1f4JqKGmFc
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0ED2951E43EA4A6E931D9E0B83C93C91&google_push=ASkJ3FaN6oWZAF78_WrCO9-hCeZ5ZMw0xR8_iKCQbb9h8Yg-flnChyyLfzG0BPcNE24i54-PBn5pLuuBqMeHtTK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0ED2951E43EA4A6E931D9E0B83C93C91&google_push=ASkJ3FaN6oWZAF78_WrCO9-hCeZ5ZMw0xR8_iKCQbb9h8Yg-flnChyyLfzG0BPcNE24i54-PBn5pLuuBqMeHtTKeV1f4JqKGmFc
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 17 Nov 2022 19:09:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0ED2951E43EA4A6E931D9E0B83C93C91&google_push=ASkJ3FaN6oWZAF78_WrCO9-hCeZ5ZMw0xR8_iKCQbb9h8Yg-flnChyyLfzG0BPcNE24i54-PBn5pLuuBqMeHtTKeV1f4JqKGmFc
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 16 Nov 2022 19:09:42 GMT
pixel
cm.g.doubleclick.net/ Frame CEFB
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOFsh-vkW3EM4j0AghYP9Y0&google_cver=1&google_push=ASkJ3FYvY0Bj9n50U-nWgx_nYbkJKKdt-eNXxpdJJdQVJuNVix13hBFkvrbbexbxxBsL0P66E__AonYFeI9...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FYvY0Bj9n50U-nWgx_nYbkJKKdt-eNXxpdJJdQVJuNVix13hBFkvrbbexbxxBsL0P66E__AonYFeI9xQ_6yiMdpYpIAZkk&google_hm=jQKaZVYYRcOZbYGLWA3xK6I
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FYvY0Bj9n50U-nWgx_nYbkJKKdt-eNXxpdJJdQVJuNVix13hBFkvrbbexbxxBsL0P66E__AonYFeI9xQ_6yiMdpYpIAZkk&google_hm=jQKaZVYYRcOZbYGLWA3xK6I
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:42 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FYvY0Bj9n50U-nWgx_nYbkJKKdt-eNXxpdJJdQVJuNVix13hBFkvrbbexbxxBsL0P66E__AonYFeI9xQ_6yiMdpYpIAZkk&google_hm=jQKaZVYYRcOZbYGLWA3xK6I
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CEFB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHTkAaRyfhenZh2M4LKHsnA&google_cver=1&google_push=ASkJ3FYbr5KR6I3eaG_KvA13lA3ws50wID2ycEiKGul7mB3PObbheZAJles-V3QBZUoUylLY3ehbkbf40JMvrpOF6rAg...
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=e46ca7d1-e21b-455b-9636-5c5c70bef1d4&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FYbr5KR6I3eaG_KvA13lA3ws50wID2ycEiKGul7mB3PObbheZAJles-V3QBZUoUylLY3ehbkbf40JMvrpOF6rAgDph0IuI&google_hm=hvgmL9A9QgGkr4nfM7jWdA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FYbr5KR6I3eaG_KvA13lA3ws50wID2ycEiKGul7mB3PObbheZAJles-V3QBZUoUylLY3ehbkbf40JMvrpOF6rAgDph0IuI&google_hm=hvgmL9A9QgGkr4nfM7jWdA==
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FYbr5KR6I3eaG_KvA13lA3ws50wID2ycEiKGul7mB3PObbheZAJles-V3QBZUoUylLY3ehbkbf40JMvrpOF6rAgDph0IuI&google_hm=hvgmL9A9QgGkr4nfM7jWdA==
date
Thu, 17 Nov 2022 19:09:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame CEFB
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENkE1m6SFIV6qYteF6oX2K0&google_cver=1&google_push=ASkJ3FY3RpBCmRyQT3TPqkzPb8ArHRmcS3k2blsMW-GKrztBvVm6_nRPcYi7gx7zL4ggl1YMiQNLadeEWJnj...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FY3RpBCmRyQT3TPqkzPb8ArHRmcS3k2blsMW-GKrztBvVm6_nRPcYi7gx7zL4ggl1YMiQNLadeEWJnjsquXlxHX8vvC
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FY3RpBCmRyQT3TPqkzPb8ArHRmcS3k2blsMW-GKrztBvVm6_nRPcYi7gx7zL4ggl1YMiQNLadeEWJnjsquXlxHX8vvC
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FY3RpBCmRyQT3TPqkzPb8ArHRmcS3k2blsMW-GKrztBvVm6_nRPcYi7gx7zL4ggl1YMiQNLadeEWJnjsquXlxHX8vvC
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame CEFB
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJ...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FZT97tLRbAQE9aEA6zNyRNDaQaAUYZvowAVaQlms-Sr26pMoWbmURUFNfPnsRNo39R2c3xiVSx-kzWW01fe6Fan78gYJI0&redir=https%3A%2F%2Fcm.g.double...
  • https://sync.targeting.unrulymedia.com/csync/RX-8514ae97-44e4-4671-9e14-123657fc2d68-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FZT97tLRbAQE9aEA6zNy...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FZT97tLRbAQE9aEA6zNyRNDaQaAUYZvowAVaQlms-Sr26pMoWbmURUFNfPnsRNo39R2c3xiVSx-kzWW01fe6Fan78gYJI0&google_hm=A4UUrpdE5EZxnhQSNlf8LWg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FZT97tLRbAQE9aEA6zNyRNDaQaAUYZvowAVaQlms-Sr26pMoWbmURUFNfPnsRNo39R2c3xiVSx-kzWW01fe6Fan78gYJI0&google_hm=A4UUrpdE5EZxnhQSNlf8LWg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FZT97tLRbAQE9aEA6zNyRNDaQaAUYZvowAVaQlms-Sr26pMoWbmURUFNfPnsRNo39R2c3xiVSx-kzWW01fe6Fan78gYJI0&google_hm=A4UUrpdE5EZxnhQSNlf8LWg
date
Thu, 17 Nov 2022 19:09:43 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX8514ae9744e446719e14123657fc2d68003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame CEFB
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELtUjSVLU4sGsv7gx9TeUC0&google_cver=1&google_push=ASkJ3FYgE6u8Ynv8LkTtsSIZ76Wc9C5lMb_MnxhlRdNOZgvpwn6Pwe1TSSXocUHg9kfSxPto5n...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1lZHF4X2NWRTJ1SEJOVGxneWs4Qkp2endXSnAwLnFCRH5B&google_push=ASkJ3FYgE6u8Ynv8LkTtsSIZ76Wc9C5lMb_MnxhlRdNOZgvpwn6Pwe1TS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1lZHF4X2NWRTJ1SEJOVGxneWs4Qkp2endXSnAwLnFCRH5B&google_push=ASkJ3FYgE6u8Ynv8LkTtsSIZ76Wc9C5lMb_MnxhlRdNOZgvpwn6Pwe1TSSXocUHg9kfSxPto5nA8qWH35pUgUtGaKtpMHr3GaXwT
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1lZHF4X2NWRTJ1SEJOVGxneWs4Qkp2endXSnAwLnFCRH5B&google_push=ASkJ3FYgE6u8Ynv8LkTtsSIZ76Wc9C5lMb_MnxhlRdNOZgvpwn6Pwe1TSSXocUHg9kfSxPto5nA8qWH35pUgUtGaKtpMHr3GaXwT
date
Thu, 17 Nov 2022 19:09:42 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame CEFB
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEAzOyzVidfzc0oHC3H_jQfk&google_cver=1&google_push=ASkJ3FZPX2QBHZ4gk...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTY4MzI2MDkxMjUwNzY5NzM1Mg%3D%3D&google_gid=CAESEAzOyzVidfzc0oHC3H_jQfk&google_cver=1&google_push=ASkJ3FZPX2QBHZ4gkJ1tYF8aSm7hGPvRBX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTY4MzI2MDkxMjUwNzY5NzM1Mg%3D%3D&google_gid=CAESEAzOyzVidfzc0oHC3H_jQfk&google_cver=1&google_push=ASkJ3FZPX2QBHZ4gkJ1tYF8aSm7hGPvRBXZtkaZG5_ia5Bux8N6R4x1lsq7V_bU3w4I3FzqSEcEHI1s_LHQkm3JTiWkmummIAV4w
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 17 Nov 2022 19:09:42 GMT
AN-X-Request-Uuid
660bcec3-16d9-46ac-8770-3e24577331d8
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTY4MzI2MDkxMjUwNzY5NzM1Mg%3D%3D&google_gid=CAESEAzOyzVidfzc0oHC3H_jQfk&google_cver=1&google_push=ASkJ3FZPX2QBHZ4gkJ1tYF8aSm7hGPvRBXZtkaZG5_ia5Bux8N6R4x1lsq7V_bU3w4I3FzqSEcEHI1s_LHQkm3JTiWkmummIAV4w
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame CEFB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IZkbjbc-R-EwPqjZbbfSbn20kmgf8CTqpHBaMTTffFmfArNlJzanmSqlHY5Q2iHcuPRZFWpPw
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame CC27 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 13:57:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18707
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 13:57:55 GMT
l
www.google.com/ads/measurement/ Frame 9830 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ4yzzck2tkkvrEwshUqdK0fGfmYjtxGxHOlbeyMQKapIIotdswB5nXi6ihOxrPx2MyVNJgI2xfZ9YAD02Ro91h4gnYFQ
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9830 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Nov 2022 19:09:42 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame AAD8
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 19:09:43 GMT
expires
Thu, 17 Nov 2022 19:09:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 19:09:42 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame A4D0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRl7pMXYu1oFkKD_DjBR41_3otM1lTQRiwoAK__G316Oe05GdJjHfNhNg_GQcBlY_B_1s0tbIk516TDeU5o8NQqvgnCjw
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A4D0 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Nov 2022 19:09:43 GMT
truncated
/ Frame 9830 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3bd5fe7bdc9d57349da5d10193d70dbac46151d263a69604c923b72abb2b4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A4D0 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f04a1c55723ec776d73ba9e0970dee9701ee706e2f27b4028e21859298a1d077

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame B9FD
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 19:09:43 GMT
expires
Thu, 17 Nov 2022 19:09:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 19:09:42 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 9730 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuF1UK3oqxeaixFq5kwgm_Nk4s3-MikRmxMQG6hGEAN0mE6peMuIDkdEIw2kGbW8nvubwtg3UnKVKa8xFX1Lq7EXXs&sig=Cg0ArKJSzO3Ht1UnFhTZEAE&cid=CAASF-Roz2YeXC_W2HoYniDkOW5mbeYWr0MN&id=lidar2&mcvt=1001&p=20,315,270,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=885339185&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668712181578&rpt=362&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame FC52 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 13:57:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18708
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 13:57:55 GMT
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame 4957 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 13:57:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18708
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 13:57:55 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=de95d08354e50ed07c183f6a0f445dbc_1769_1668712181658&tm=3433&eT=0&widgetWidth=859&widgetHeight=629&widgetX=538&widgetY=11415&wRV=2000952&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1891&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Thu, 17 Nov 2022 19:09:43 GMT
access-control-expose-headers
content-range
content-encoding
gzip
X-TraceId
4c09c5d100fcd40414814878c46456ca
Content-Length
28
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=49f41992c001cdfe9155c51c27fd4a40_1769_1668712182060&tm=3478&eT=0&widgetWidth=859&widgetHeight=358&widgetX=538&widgetY=12069&wRV=2000952&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1891&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Thu, 17 Nov 2022 19:09:43 GMT
access-control-expose-headers
content-range
content-encoding
gzip
X-TraceId
dff2f47543ea7c2cec53b36c5a8be5d1
Content-Length
28
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=30e5c29ed9dfb8945f7fcc90fcecda4b_1769_1668712182130&tm=3479&eT=0&widgetWidth=859&widgetHeight=358&widgetX=538&widgetY=12450&wRV=2000952&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1891&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Thu, 17 Nov 2022 19:09:43 GMT
access-control-expose-headers
content-range
content-encoding
gzip
X-TraceId
0de2bd9f0ee1a60f34a14de9199a32f9
Content-Length
28
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=c1634852f77f9615f0c9ed4fd4703dc6_1769_1668712182367&tm=3480&eT=0&widgetWidth=859&widgetHeight=278&widgetX=538&widgetY=12832&wRV=2000952&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1891&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Thu, 17 Nov 2022 19:09:43 GMT
access-control-expose-headers
content-range
content-encoding
gzip
X-TraceId
608858a34d70a20c4df51d2a090cd7cd
Content-Length
28
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=809d73b90fd89390bc16e02be99906eb_1769_1668712182834&tm=3482&eT=0&widgetWidth=859&widgetHeight=358&widgetX=538&widgetY=13134&wRV=2000952&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1891&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Thu, 17 Nov 2022 19:09:43 GMT
access-control-expose-headers
content-range
content-encoding
gzip
X-TraceId
4be774cb81340192a6459f9c49929da1
Content-Length
28
Content-Type
text/plain; charset=UTF-8
eyJpdSI6ImE2NTA1N2NlMjgxMGM0N2FiZGViNDA1ZDUyZGZlNzE0OTg4MjJkZGQ3YTIwZjcyZGRiNWNlOTk3OGY0N2VhMGIiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImE2NTA1N2NlMjgxMGM0N2FiZGViNDA1ZDUyZGZlNzE0OTg4MjJkZGQ3YTIwZjcyZGRiNWNlOTk3OGY0N2VhMGIiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.172.16 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-172-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:43 GMT
last-modified
Tue, 15 Nov 2022 08:25:41 GMT
access-control-allow-methods
GET,POST
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=2344708
access-control-allow-credentials
false
x-traceid
bf8e8023076fd7eed7d02bb36cb056d4
timing-allow-origin
*, *
content-length
166306
eyJpdSI6ImE2NTA1N2NlMjgxMGM0N2FiZGViNDA1ZDUyZGZlNzE0OTg4MjJkZGQ3YTIwZjcyZGRiNWNlOTk3OGY0N2VhMGIiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 		162 KB
163 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImE2NTA1N2NlMjgxMGM0N2FiZGViNDA1ZDUyZGZlNzE0OTg4MjJkZGQ3YTIwZjcyZGRiNWNlOTk3OGY0N2VhMGIiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.172.16 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-172-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7b90d7af1220bdd35955f56de88c71ef4eb3c92d7fb414b4ef0aad4456c557d4

Request headers

Referer
https://www.walla.co.il/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 17 Nov 2022 19:09:43 GMT
last-modified
Tue, 15 Nov 2022 08:25:41 GMT
access-control-allow-methods
GET,POST
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-166305/166306
cache-control
max-age=2344708
access-control-allow-credentials
false
x-traceid
bf8e8023076fd7eed7d02bb36cb056d4
timing-allow-origin
*, *
Content-Length
166306
eyJpdSI6ImE2NTA1N2NlMjgxMGM0N2FiZGViNDA1ZDUyZGZlNzE0OTg4MjJkZGQ3YTIwZjcyZGRiNWNlOTk3OGY0N2VhMGIiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 		162 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImE2NTA1N2NlMjgxMGM0N2FiZGViNDA1ZDUyZGZlNzE0OTg4MjJkZGQ3YTIwZjcyZGRiNWNlOTk3OGY0N2VhMGIiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.172.16 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-172-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:43 GMT
last-modified
Tue, 15 Nov 2022 08:25:41 GMT
access-control-allow-methods
GET,POST
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=2344708
access-control-allow-credentials
false
x-traceid
bf8e8023076fd7eed7d02bb36cb056d4
timing-allow-origin
*, *
content-length
166306
all
csm.eu.criteo.net/ Frame 637E 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=0eHrVKMhT-epnvOq561ZI_tFdK2wG9gQYOfnnuJGaN_goh7WyFgt8iUmKlEyw7QVgE-M1JMFm29hMM8uz24f2_rr61HOhS7sT5-3xUxsiE4eTCXYd5IJERuBaoP0uecdMTPTcp8-cRabqYr-e-KgHARNpJrR6eWNgFz39eDPTin4XJuaPWeUcXRFTf1N5jd0MZmc-O_9FgGGOj4BEVd_tcVIoI7JT4cPwHwPBXvMoCF8QYr0XRACkvy297s&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3aG9QACTLsIu-GpAAXNv3UN1c9_mKYtNgcONg&u=%7CGkz%2FUiTgb4lltx86vAypEMmodEUcNoDVU7m6RJPMcAU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY2cyaLNuSWK9WmGKlbK9VdXa5QVw81epLqrZYtEOvZzq4UiUSSvre7kZCOz-pOEuBbpbuRFPM9Z_uHcx_8Qg1fa1SXfMyTY2IC5j5QhxnpE0fsIF9Fa6Ixry6lugejGrnQmLkgqKK4EG6IdDb6STtMPlRCGh7woOSTCA6dLsIeO8GaGfsRgDLRuhnFmGdTzsHyhvwrUII8hJc4RajMpygFDnju2c1OKjuO-cATe7UbHnsueQshJIGeqWEYHpBbexSPQ9wJs2k8B2wXX4i1k6_DzPD1eTuXfiVZ6DlazbGer7DXHOJnKPylkKl-VFwT5QAkUlSFXg3vXL_sbNNsK2VR1-5CgtD3CC10Ep7dVS7hqrzQre6KGeASI3U16stAbjWS730sJdbOzdM_lltwkUdgdPb5B3yvYWWEC4kiKXd3ErKno_M8GCvs9RUvtz2XnGB_NRcilV4GSXFrx0njGTYisUZtmgK_HmEFjcBSrpau4bFHw3QhlfgKEJGpUOTQIbtWJPtZM4OD4lIMmu9Yk2UdLy3IB7r3Pk5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeNuI9YZ2Y7uZCanD7_UPv5uX6AXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpApLWeSijVbE-4AIAqAMBqgTwAU_QGoiUqve9_e5vG2ZZJJP2bhRqkD0aBfhHkUGopvn7zNrV1GkDCinrPGzaQIliFC8iCJtZYHk0fRtuxndPoGazYYoE0e7XW9uryDqGcMcYbHWIOatLptfqyRAAJNxroEPeuFWGhcilR3qw05HcrxmH2Xr7Ho2_SYoha9Xiy0ajQal6hXTyfFC6PHfQHibPjDsAmbxnLVM30Dj0Y2X5S7qMf9iRajjF62b4jfJBZSxJ5JkpuEDyboUNZ0F0YrmV9v3RMXl28C7gjJD1Wb7BkhdU-qyXNEERyDcSb5GwCPzq8w5tHkL1r7fe5Dv3hrvGgOAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1iftKpwTnU2BkcwHsbBcWWCfPn4Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 17 Nov 2022 19:09:42 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
get
odb.outbrain.com/utils/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=10&rand=24852&key=NANOWDGT01&widgetJSId=AR_25&va=true&et=true&format=html&t=NmY4MTZhZjI2NTMwZTFmNWQ0MmMzZDYzZWU2MTAxZjc=&adblck=false&abwl=false&px=0&py=2452&vpd=1252&cw=1600&activeTab=true&darkMode=false&ab=0&wl=00&em=1&settings=true&recs=true&version=2000952&sig=vu1MbKAb&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
59f1429af3c28d6ab78b303835602c4d8eb28c791eb3757d23b92bf87233f675

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Thu, 17 Nov 2022 19:09:43 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-timer
S1668712183.429714,VS0,VE548
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21938-LGA, cache-hhn4049-HHN
x-traceid
5bbf4b289abe3a8d1aaa0fd69b030a01
accept-ranges
bytes
content-length
16243
expires
Thu, 01 Jan 1970 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
34f6c6677d910cbeb02d8a7a1aaec4082fb8dec8a08baf4ad7e2b813be71b6b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11120
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Nov 2022 19:09:43 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ECA2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
10610
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 16:12:53 GMT
expires
Fri, 17 Nov 2023 16:12:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E22E 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7f0535609af006b7dec032ce1aa04e4fdc460dd99852c8a96ffcf41473106024
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-F-uIJO-lvwS-G0xlbqU_0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-F-uIJO-lvwS-G0xlbqU_0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 19:09:43 GMT
expires
Thu, 17 Nov 2022 19:09:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame E22E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111401&jk=3479824425706933&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame ECA2 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 13:57:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18708
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 13:57:55 GMT
generate_204
tpc.googlesyndication.com/ Frame ECA2 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?mlukdA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 18 Nov 2022 19:09:43 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D544 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsssIUoi1YvD3AIhTxexolN9pOXc36OV3qtkLL-2yHBGuFehCEEK1HTOzcXwyiG9NMUwbpdrJG0_Ur7XJnGjmYu-kxlaXuTpGNjXODC0BNrnwb0ohuNL6RDjZLTuDxSnRlveyzxt3A&sai=AMfl-YRr7-WH1W3mwf9NyRqhc9_EKi4JP2GssfOyyF8icOcCsgyXOASLBfs3ZpubLZ4M3ANMYLZSsvskIs1WjeRqegOuMheWLKAU_DwlsgPBQatlpCks4rHqvx6Ya5vttHo&sig=Cg0ArKJSzFiSTcL-_jxvEAE&cid=CAQSPADq26N9LofOspIWj3ah4bwcnyVWeWU-mjn3mlUsW_YLFzMAUoHoUaisqvQ12muN6E4TPKUGUxoIJYzMbBgBIBM&id=lidar2&mcvt=1002&p=451,1439,1051,1599&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2273020712&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668712182296&rpt=606&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame D598 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 19:09:43 GMT
server
Kestrel
server-processing-duration-in-ticks
698686
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 18 Nov 2022 19:09:43 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 226C 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158810&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:43 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
get
mv.outbrain.com/Multivac/api/ 		86 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&settings=true&recs=true&widgetJSId=AR_25&key=NANOWDGT01&version=2000952&apv=true&sig=vu1MbKAb&format=html&rand=72532&em=1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=NmY4MTZhZjI2NTMwZTFmNWQ0MmMzZDYzZWU2MTAxZjc=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=10&lastIdx=10&lastCardIdx=0&fAB=no_abtest&dpr=1&cw=1600&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000952/module/streamFeed.js?e=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
22eb4b0129337769b448059780435c9927bf50ede621129408c614883b588dc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Thu, 17 Nov 2022 19:09:45 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-timer
S1668712184.996102,VS0,VE1414
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga13621-LGA, cache-hhn4049-HHN
x-traceid
97bab81547b7b1284a19e66f0334a356
accept-ranges
bytes
content-length
21709
expires
Thu, 01 Jan 1970 00:00:00 GMT
sid
mug.criteo.com/ Frame D598
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=I0iyXXx1Sy9vMklBZW5xL3V1TTFoTkNxNnB2UitoU2VUUGF5Y2hLcS9oWmE0ZjVtenZhUVVSOUwwU0dTVTR3YlFZbmdHaytKdE1YOW41RVVrY3JrNE1lalJnbzEvWDljWUFpdXZmOVhPc1l3TzhoSDB1YWxOblpkb2NCaW...
430 B
656 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=I0iyXXx1Sy9vMklBZW5xL3V1TTFoTkNxNnB2UitoU2VUUGF5Y2hLcS9oWmE0ZjVtenZhUVVSOUwwU0dTVTR3YlFZbmdHaytKdE1YOW41RVVrY3JrNE1lalJnbzEvWDljWUFpdXZmOVhPc1l3TzhoSDB1YWxOblpkb2NCaW8wWG5qb3JjbUw4V3N2RkdrOGphdmxWdjlLdzRmeFFqc21DZW5ES0dBLzZFbU96L3BvY1FJZE1OTkIyTlY3eHF2WjJFeHdwTVJQa21YOGpXN0NOQXJLZkl6V1NIR2tHMEVOZEN5Q2pGekp2SFBaUmFGMDdIaHI4ZXNPU2hTSW1xVThxUm1Sa2NTdHIza3hhTmpvcTVuVjBWczNPMEkxdz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
180ff62d7cf0a7a708afa95fd84d66dd6b265fce39cfbc1d2297432f4b4d4b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:43 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2558186
expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:43 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=I0iyXXx1Sy9vMklBZW5xL3V1TTFoTkNxNnB2UitoU2VUUGF5Y2hLcS9oWmE0ZjVtenZhUVVSOUwwU0dTVTR3YlFZbmdHaytKdE1YOW41RVVrY3JrNE1lalJnbzEvWDljWUFpdXZmOVhPc1l3TzhoSDB1YWxOblpkb2NCaW8wWG5qb3JjbUw4V3N2RkdrOGphdmxWdjlLdzRmeFFqc21DZW5ES0dBLzZFbU96L3BvY1FJZE1OTkIyTlY3eHF2WjJFeHdwTVJQa21YOGpXN0NOQXJLZkl6V1NIR2tHMEVOZEN5Q2pGekp2SFBaUmFGMDdIaHI4ZXNPU2hTSW1xVThxUm1Sa2NTdHIza3hhTmpvcTVuVjBWczNPMEkxdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
430081
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111401&jk=3479824425706933&bg=!rq2lrenNAAbvMpMzzzI7ACkAdvg8Woospz7fv4g7vdJ6fy6-1Rls2Um0sbRO9g6Wgl4rPuIHwHtzZgIAAAB-UgAAAARoAQeZAqLqU1xZmKGCH_rljXvQPKuAkB4QWpQkjYXbRuIvYxnDh1DZQVjf9FhyEfmXxJxjcZ4OvwvgCqAywU-JBqDzTaNxv3rsABICqcYYW-OMgeiji5fRiYZf4-tQknNSNeeUabLPnl0om-WFp7FNKOBuAeUBnIobNQzttsrd_rcSXgfzGp1PS0Xw0ctea7qTXBpzNVHbC1BK5gh0gFox2dnzJtQJ3Uk0yFIbBMfOlbAbOT03V_WRcGGEl-LEDTyweVGB0CTmYbRzJYkpMT78dAaLskP_gn1flrG78qQ26wPOs9Iy6ZR7ueOmFa5lIciRjCaOplx70kfXz_w2Hh_a1un-fM8drj9p8TcXOZh5vJQTbakY8o7NMidQaMKMrX4oh2NG0BNxUz4cTug2d4mMWkW73ydvtYhMGg30RLROsTGn9n3oZLHz4ofPo0BWMglYY0BHUQb-a629kn3alkxH_PV09dYQFPvNamdp2OcgVFeZ-MEdzNtkLMhvFyJeRPX1ZeNjx2mPmskbHItnIKFXtkjbG3C8UhcFuQLtFVUsL7vKwn0h6IiaLNuV9iulnvWHD1EDoTTTuvcoUXJQdoqlDjOg_6yBkvoqvWHEeiNPQQj1Sk3zZM2QliZsMQn9bH44hsT9hbY9YVQjVeT9a7_3q_DBpqeueyuQWRbzTZ58cMaYGPUdiYK4ki9eaCIMWDIUPsMqaLCoqz_FoVGoX-UM-FaqGitc3VtbMZPPlzOM3x6A3Gw5HxyXfPlE28ENELYq4trHJX6QfL5TsbdSKZzqN3wnD4HtAA-Tw6e9n1rrkPHOsOgLjIZrPs3hVs7MMOxzjhgVf7sNcSMpjE5Cr8-_H6O6jNC_sXY6frIaC7wNjFrwpgYNs5gNfub-NK8zFCnWgq3j2MsM6Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=S7uwHXx4akRtTEExSU9tTXpVNnk1c09ob0h4cUN2dzVXTS9EL1NHZExGVjBadVZCaDFmQWRuR3hDbnY1bXpqaHgybjd2V3k0cHRUalZMMjBraFB0NzVvaktkb05leThwdWRWLzUyWjNVYlR5RklpUTdLb0Z3L0dZMURHVn...
412 B
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=S7uwHXx4akRtTEExSU9tTXpVNnk1c09ob0h4cUN2dzVXTS9EL1NHZExGVjBadVZCaDFmQWRuR3hDbnY1bXpqaHgybjd2V3k0cHRUalZMMjBraFB0NzVvaktkb05leThwdWRWLzUyWjNVYlR5RklpUTdLb0Z3L0dZMURHVnJsKzErbVNJbGw5ZVhvZmZPZk95Rm9VeFhZeFlnWnNZU1d0Vi9oU3dLVFJCVlZBSUZ0Zy9PUFcrSmJZd1IvWHB6YjdqaUJ6anhZV0cyUEFRN0ZaYzc3VWpIY0k4YUlCU2NwS3FoNXdRY25SQXNsbjVGZE4zSnVGNWovYXZDVlpkZnNoOVdUblJkT01qUDkwWlNtUUtienB1SnRWTkNYbFFrSmF4amlHVkxuTXNnN2l4TXh1QT18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a065077fd5f26f85cfa2cb4ac531f7937f9a5ee1f8ac730c16e6785968753981
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:44 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1989527
expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:44 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=S7uwHXx4akRtTEExSU9tTXpVNnk1c09ob0h4cUN2dzVXTS9EL1NHZExGVjBadVZCaDFmQWRuR3hDbnY1bXpqaHgybjd2V3k0cHRUalZMMjBraFB0NzVvaktkb05leThwdWRWLzUyWjNVYlR5RklpUTdLb0Z3L0dZMURHVnJsKzErbVNJbGw5ZVhvZmZPZk95Rm9VeFhZeFlnWnNZU1d0Vi9oU3dLVFJCVlZBSUZ0Zy9PUFcrSmJZd1IvWHB6YjdqaUJ6anhZV0cyUEFRN0ZaYzc3VWpIY0k4YUlCU2NwS3FoNXdRY25SQXNsbjVGZE4zSnVGNWovYXZDVlpkZnNoOVdUblJkT01qUDkwWlNtUUtienB1SnRWTkNYbFFrSmF4amlHVkxuTXNnN2l4TXh1QT18&cppv=2
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
685570
content-length
0
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 17 Nov 2022 19:09:44 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
517632
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3F08 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
52039
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 17 Nov 2022 19:09:44 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
21, 751732
X-Served-By
cache-lga13626-LGA, cache-hhn4041-HHN
X-Timer
S1668712185.734108,VS0,VE0
/
csync.smilewanted.com/ Frame 3C2D 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf1775d0a91837b6d93b91469cf7a98784446fbae1a5bfb40c63d8f013061c01

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
76bac332298f690f-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 17 Nov 2022 19:09:44 GMT
server
cloudflare
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame D999 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
18
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
76bac3327fe5916e-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 17 Nov 2022 19:09:44 GMT
expires
Thu, 17 Nov 2022 23:09:44 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 996E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1668712181141
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0D11 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=25270
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 17 Nov 2022 19:09:44 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 18 Nov 2022 02:10:54 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame BCF7 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 17 Nov 2022 19:09:44 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3847 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
52039
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 17 Nov 2022 19:09:44 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
21, 753869
X-Served-By
cache-lga13626-LGA, cache-hhn4077-HHN
X-Timer
S1668712185.734266,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 7AF9 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 17 Nov 2022 19:09:44 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame E708 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668643200000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 17 Nov 2022 19:09:44 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
prebid
b1h-euc1.zemanta.com/usersync/ 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1h-euc1.zemanta.com/usersync/prebid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 19:09:44 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame 0D11 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=60087040&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ddbdadccced568abdf2baa591ab01d73835cbed0f3b511572bd711045622a95f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 17 Nov 2022 19:09:44 GMT
content-length
1818
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 4907
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nFk7FpJcahiHCG0Rkw4hQZhdOhWHC2oRkwk64Thl
42 B
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nFk7FpJcahiHCG0Rkw4hQZhdOhWHC2oRkwk64Thl
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Nov 2022 19:09:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 17 Nov 2022 19:09:44 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nFk7FpJcahiHCG0Rkw4hQZhdOhWHC2oRkwk64Thl
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 48FD
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7167064248130992268&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7167064248130992268&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Nov 2022 19:09:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Thu, 17 Nov 2022 19:09:44 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7167064248130992268&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
redir
rtb-csync.smartadserver.com/ Frame 1EC0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEZm4wN0c3UTRBQUI5YzZjZk9zZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADfn07G7Q4AAB9c6cfOsg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADfn07G7Q4AAB9c6cfOsg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif
date
Thu, 17 Nov 2022 19:09:44 GMT
transfer-encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 17 Nov 2022 19:09:44 GMT
Server
gunicorn
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADfn07G7Q4AAB9c6cfOsg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame D1E4
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=yci3khkeRrtq6fteZ9ElQLnVm6I
42 B
375 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=yci3khkeRrtq6fteZ9ElQLnVm6I
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Nov 2022 19:09:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Thu, 17 Nov 2022 19:09:45 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=yci3khkeRrtq6fteZ9ElQLnVm6I
Artemis
aud.pubmatic.com/AdServer/ Frame 0D11
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Redirect headers

date
Thu, 17 Nov 2022 19:09:44 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 0D11
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Server
77.243.60.138 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:53 GMT
frontend-id
13
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:53 GMT
frontend-id
10
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 0D11 		95 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
76bac332eee39096-FRA
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 0D11
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Server
54.87.27.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-27-54.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 19:09:45 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 17 Nov 2022 19:09:45 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0D11
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=87d7ac64-3b43-48e9-9eb5-5043e7085788&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=86f8262f-d03d-4201-a4af-89df33b8d674&gdpr=&gdpr_consent=&gdpr_pd=
1 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=86f8262f-d03d-4201-a4af-89df33b8d674&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 17 Nov 2022 19:09:43 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=86f8262f-d03d-4201-a4af-89df33b8d674&gdpr=&gdpr_consent=&gdpr_pd=
date
Thu, 17 Nov 2022 19:09:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
4041DC16-92D8-4A23-A3D4-4E4CE13A08BA
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 0D11 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/4041DC16-92D8-4A23-A3D4-4E4CE13A08BA?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:66b:1664:ed6:c452 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 0D11
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-F2NpJPhE2uV3l_IdXr.RTVrMDaek9bQ-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-F2NpJPhE2uV3l_IdXr.RTVrMDaek9bQ-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-F2NpJPhE2uV3l_IdXr.RTVrMDaek9bQ-~A&gdpr=0&gdpr_consent=
date
Thu, 17 Nov 2022 19:09:44 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
pubmatic-match.dotomi.com/match/bounce/ Frame 0D11 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:44 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 0D11 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 17 Nov 2022 19:09:44 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0D11
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4546302435634190969&gdpr=0&gdpr_consent=&us_privacy=
1 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4546302435634190969&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 17 Nov 2022 19:09:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4546302435634190969&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 17 Nov 2022 19:09:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=S7uwHXx4akRtTEExSU9tTXpVNnk1c09ob0h4cUN2dzVXTS9EL1NHZExGVjBadVZCaDFmQWRuR3hDbnY1bXpqaHgybjd2V3k0cHRUalZMMjBraFB0NzVvaktkb05leThwdWRWLzUyWjNVYlR5RklpUTdLb0Z3L0dZMURHVnJsKzErbVNJbGw5ZVhvZmZPZk95Rm9VeFhZeFlnWnNZU1d0Vi9oU3dLVFJCVlZBSUZ0Zy9PUFcrSmJZd1IvWHB6YjdqaUJ6anhZV0cyUEFRN0ZaYzc3VWpIY0k4YUlCU2NwS3FoNXdRY25SQXNsbjVGZE4zSnVGNWovYXZDVlpkZnNoOVdUblJkT01qUDkwWlNtUUtienB1SnRWTkNYbFFrSmF4amlHVkxuTXNnN2l4TXh1QT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 17 Nov 2022 19:09:44 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
454560
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 7AF9 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e6aa9b5362097a7655fdfa8537a476f7dbc9d4c42a375673c3e385c879d2cfc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 19:09:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Nov 2022 10:31:30 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55292
Connection
keep-alive
Content-Length
10066
Expires
Fri, 18 Nov 2022 10:31:16 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 8901 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93fdd38ccfa6d38a959c926993675934d0a2ffae29b87b9c198b5808ebcdb78f

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76bac3330c2f6955-FRA
content-encoding
br
content-type
text/html
date
Thu, 17 Nov 2022 19:09:44 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5KTgTy%2FAlxRPaYFETuCJJ3%2BMFLMIjhOKxSFBQhXvjlKVbpWNpVOjTKnP%2BsoAXSE83%2FDxjbM%2F6SEtjpcSDcugxFoYUqhiNl0Zv64xBVW9R0%2FvmzqNHScQWNjBD8wIWJv8Y%2B0cFBoLJJX5A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 3F08 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Nov 2022 19:09:44 GMT
AN-X-Request-Uuid
21466890-5c9c-4bff-840b-2931fc1bfc3d
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3847 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Nov 2022 19:09:44 GMT
AN-X-Request-Uuid
9913673e-8c04-45c2-9ec3-e29655316588
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 8901 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3aG9YbFpXTyqlEEpBXksQAAFAsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Nov 2022 19:09:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TV0XMNY5TT9BJXEKGDWV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 8901 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 17 Nov 2022 19:09:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 8901
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3aG9YbFpXTyqlEEpBXksQAAFAsAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHr0RYQyjqp1gUaKz46P9vM&google_cver=1
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHr0RYQyjqp1gUaKz46P9vM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGhK%2BrYfQndxj%2F2%2BdBbmohzsJOwurUHR%2FNOtPI7tUHa5%2FDiNWqldpJjRVjZEabS0SAdakNXNvGyeFkrHmcx9mrA9MtDt5t5a0rjJzEar8jh%2BHwGcuEekqBXI%2Ffj8GdWUqepDqv4ADVajgw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
76bac333cdc46955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHr0RYQyjqp1gUaKz46P9vM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8901
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3aG9YbFpXTyqlEEpBXksQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEESe5TQu2HA4tLzxqIPwK_U&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEESe5TQu2HA4tLzxqIPwK_U&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Nov 2022 19:09:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEESe5TQu2HA4tLzxqIPwK_U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame 8901 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:3eca:3e11:a642:4dca Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:45 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 8901
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADfn07G7Q4AAB9c6cfOsg&expiration=1669921784
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADfn07G7Q4AAB9c6cfOsg&expiration=1669921784
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Nov 2022 19:09:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADfn07G7Q4AAB9c6cfOsg&expiration=1669921784
Date
Thu, 17 Nov 2022 19:09:44 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ix
ad4m.at/ad/sim/ Frame 8901 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 8901
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=FGuVyNR91OVKgE5
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=FGuVyNR91OVKgE5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Nov 2022 19:09:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 17 Nov 2022 19:09:44 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0c6774dcbd8510e59@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=FGuVyNR91OVKgE5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 8901 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y3aG9YbFpXTyqlEEpBXksQAA%265131
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:44 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
74274
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76bac333df609bf5-FRA
content-length
43
expires
Fri, 18 Nov 2022 19:09:44 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 3C2D 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
614042
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
76bac3337c7c690f-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame BD71 		0
488 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
76bac333cd3a690f-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 17 Nov 2022 19:09:44 GMT
server
cloudflare
vary
Accept-Encoding
55b1b9794fc6aa54d3cdda4bb3951a4d
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame D54A
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/55b1b9794fc6aa54d3cdda4bb3951a4d?gdpr_consent=&gdpr=0
0
557 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/55b1b9794fc6aa54d3cdda4bb3951a4d?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
76bac333fd95690f-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 17 Nov 2022 19:09:44 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Thu, 17 Nov 2022 19:09:44 GMT
Expires
Thu, 17 Nov 2022 19:09:44 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/55b1b9794fc6aa54d3cdda4bb3951a4d?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1668712184897045-533
pixel
cm.g.doubleclick.net/ Frame 7AF9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjcyNjZjODc2NDVkNDViNTFmYTdhNGMwMjg3NzZlNTg3M2IwMDQ3OQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjcyNjZjODc2NDVkNDViNTFmYTdhNGMwMjg3NzZlNTg3M2IwMDQ3OQ
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjcyNjZjODc2NDVkNDViNTFmYTdhNGMwMjg3NzZlNTg3M2IwMDQ3OQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 7AF9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LALG5BFG-1E-HOKZ
0
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LALG5BFG-1E-HOKZ
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:44 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 87E0E1900D08401386EC3B0EF954BF71 Ref B: FRAEDGE1313 Ref C: 2022-11-17T19:09:45Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXtr1UGLnLe8APEDlVRfg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LALG5BFG-1E-HOKZ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 7AF9 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 17 Nov 2022 19:09:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 7AF9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/lzmI8EcBW4dDLQzVq8ehlMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8941507848775961212
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8941507848775961212
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 17 Nov 2022 19:09:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8941507848775961212
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7AF9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFMRzVCRkctMUUtSE9LWg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFMRzVCRkctMUUtSE9LWg==
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFMRzVCRkctMUUtSE9LWg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 7AF9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENib7QdLdTzfLzJDhGNTPWk&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENib7QdLdTzfLzJDhGNTPWk&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENib7QdLdTzfLzJDhGNTPWk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 7AF9 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Nov 2022 19:09:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3GS7318EH12M04MZ9GBZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7AF9
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3PJ40kEtSZKsd_sQQPfvWw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=3PJ40kEtSZKsd_sQQPfvWw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=3PJ40kEtSZKsd_sQQPfvWw
Protocol
HTTP/1.1
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Nov 2022 19:09:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VK3STEBQ779MHGACXCDP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=3PJ40kEtSZKsd_sQQPfvWw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
match.sharethrough.com/universal/ Frame BA0F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.229.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-229-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 17 Nov 2022 19:09:44 GMT
setuid
ib.adnxs.com/prebid/ Frame 993C
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=85a02bacffbc6ba47db3fb8d12d1e584
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=85a02bacffbc6ba47db3fb8d12d1e584
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
7527d552-28bd-4eea-b8ac-da8b6d6a31cd
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 17 Nov 2022 19:09:45 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
76bac3347ee3690f-FRA
content-type
text/html; charset=UTF-8
date
Thu, 17 Nov 2022 19:09:45 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=85a02bacffbc6ba47db3fb8d12d1e584
server
cloudflare
connectmyusers.php
cdn.connectad.io/ Frame 2D98 		1 KB
834 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
76bac334d848918c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 17 Nov 2022 19:09:45 GMT
server
cloudflare
getuid
sync.smartadserver.com/ Frame EFDD
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Thu, 17 Nov 2022 19:09:45 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Thu, 17 Nov 2022 19:09:44 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
sync.php
pixel.rubiconproject.com/exchange/ Frame CD83 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
1
sync-eu.connectad.io/syncer/ Frame 8F31 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
76bac335bb20918c-FRA
date
Thu, 17 Nov 2022 19:09:45 GMT
server
cloudflare
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7E51 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=25269
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 17 Nov 2022 19:09:45 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 18 Nov 2022 02:10:54 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 7E51 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=16249170&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
bcc7d38447605918dbb4dba040b879dfcad733a723ffe04b7a1b7176c13cd08b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 17 Nov 2022 19:09:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
65f0c29c-66ab-11ed-b5e7-1e5bf6c20106
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame 565E
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=65f0c330-66ab-11ed-b5e7-1e5bf6c20106
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/65f0c29c-66ab-11ed-b5e7-1e5bf6c20106
0
586 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/spotx/65f0c29c-66ab-11ed-b5e7-1e5bf6c20106
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
76bac3370cfa690f-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 17 Nov 2022 19:09:45 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Thu, 17 Nov 2022 19:09:45 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/spotx/65f0c29c-66ab-11ed-b5e7-1e5bf6c20106
Server
nginx
X-fe
14
Pug
simage2.pubmatic.com/AdServer/ Frame C312
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3aG_QAIx2z-XAA7&gdpr=0&gdpr_consent=&_test=Y3aG_QAIx2z-XAA7
1 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3aG_QAIx2z-XAA7&gdpr=0&gdpr_consent=&_test=Y3aG_QAIx2z-XAA7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 17 Nov 2022 19:09:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 17 Nov 2022 19:09:45 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3aG_QAIx2z-XAA7&gdpr=0&gdpr_consent=&_test=Y3aG_QAIx2z-XAA7
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn4077-HHN
x-timer
S1668712185.453885,VS0,VE0
i.match
s.tribalfusion.com/z/ Frame 46D8
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
76bac337cd805c98-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 17 Nov 2022 19:09:45 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
76bac3367a005c98-FRA
content-type
text/html
date
Thu, 17 Nov 2022 19:09:45 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
5278
/
csync.loopme.me/ Frame A8BD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.223.115 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
115.223.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 17 Nov 2022 19:09:45 GMT
server
_
pub
matching.truffle.bid/sync/ Frame 5417 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.47.120 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.120.47.161.5.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 17 Nov 2022 19:09:45 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
cookiesync
core.iprom.net/ Frame A54A 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 17 Nov 2022 19:09:45 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-ca40943d8811@version_1.530v3
X-core-time
1ms
X-server-arch
v2
generic
match.adsrvr.org/track/cmf/ Frame 861D
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3728392650
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3728392650
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 17 Nov 2022 19:09:45 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Thu, 17 Nov 2022 19:09:45 GMT
etag
RX8514ae9744e446719e14123657fc2d68003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3728392650
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=0f2e5864aaed34d8/gdpr=0/ Frame D4B4
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=0f2e5864aaed34d8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
49 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=0f2e5864aaed34d8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D39puKE4JaMXnVSUWggnQYWQS
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.100.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-100-225.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
49
content-type
image/gif
date
Thu, 17 Nov 2022 19:09:45 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.45.21.177

Redirect headers

content-length
0
location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=0f2e5864aaed34d8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D39puKE4JaMXnVSUWggnQYWQS
cm
ipac.ctnsnet.com/int/ Frame CEF0 		43 B
213 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 17 Nov 2022 19:09:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
4041DC16-92D8-4A23-A3D4-4E4CE13A08BA
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 90A3 		0
743 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/4041DC16-92D8-4A23-A3D4-4E4CE13A08BA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
76bac3363b12690f-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 17 Nov 2022 19:09:45 GMT
server
cloudflare
vary
Accept-Encoding
ids
idsync.frontend.weborama.fr/ Frame 7E51
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=4223075997
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:45 GMT
via
1.1 google
last-modified
Thu, 17 Nov 2022 19:09:45 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA
date
Thu, 17 Nov 2022 19:09:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
qmap
sync.crwdcntrl.net/ Frame 7E51 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.100.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-100-225.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:45 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.27.78
content-length
49
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 7E51
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:53755705-990f-401c-8bd5-727d8f38c573&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:53755705-990f-401c-8bd5-727d8f38c573&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 17 Nov 2022 19:09:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:53755705-990f-401c-8bd5-727d8f38c573&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 17 Nov 2022 19:09:45 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 7E51
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1683260912507697352
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1683260912507697352
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 17 Nov 2022 19:09:43 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 17 Nov 2022 19:09:45 GMT
AN-X-Request-Uuid
d0002d16-2cf8-4876-a5db-3f17bec9e218
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1683260912507697352
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame 6375
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
0
111 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
76bac338d89a690f-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 17 Nov 2022 19:09:45 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Content-Type
text/html; charset=utf-8
Date
Thu, 17 Nov 2022 19:09:45 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Pragma
no-cache
/
csync.loopme.me/ Frame ED68 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.223.115 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
115.223.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 17 Nov 2022 19:09:45 GMT
server
_
async_usersync
ib.adnxs.com/ Frame 3F08 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Nov 2022 19:09:45 GMT
AN-X-Request-Uuid
642838eb-610d-4534-9c87-d6da2d43896e
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3847 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Nov 2022 19:09:45 GMT
AN-X-Request-Uuid
0e969cf2-5ce9-4c84-a441-d831c9fe428f
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RYD7X7E8VN&gtm=2oeb90&_p=2126601766&cid=419965442.1668712180&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAE&sid=1668712180&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 17 Nov 2022 19:09:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 0D11 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160447&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 7E51 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158810&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:09:46 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Verdicts & Comments Add Verdict or Comment

165 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 function| addScriptPromise object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| twttr string| isAAB string| pageNumberInSession string| fatherSessionInSession object| dataLayer object| wallaGlobalEventData object| wallaEnv object| slotslist object| WallaTargeting object| _sf_async_config object| _cb_shared string| loadDataState object| __LOADABLE_LOADED_CHUNKS__ object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| _cbm object| regeneratorRuntime string| __strip_step__ object| __twttrll object| __twttr function| desc function| category function| author function| tags function| age function| gender object| ptag object| f object| ktag string| path object| z object| permutive object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater function| postscribe object| google_tag_manager_external object| google_tag_manager object| _0xc67b function| _0x2220 object| _vadHb object| vadprebid object| vadprebidChunk object| ADAGIO function| fbq function| _fbq string| GoogleAnalyticsObject function| ga object| google_conversion_id object| google_custom_params object| google_remarketing_only object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| Criteo object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| owpbjsChunk object| owpbjs object| ucTag object| PWT object| OWT string| partnerName string| key object| a object| sas object| apntag object| _ADAGIO object| sw_consent object| ONFOCUS object| GoogleGcLKhOms object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123 object| google_image_requests

112 Cookies

Domain/Path Name / Value
.walla.co.il/ Name: _cb
Value: CPVS2pDeXzGlmuFWy
.walla.co.il/ Name: _chartbeat2
Value: .1668712178845.1668712178845.1.JL0OpB1KqXPBtsoVsCKxYi0Dl-kbk.1
.walla.co.il/ Name: _cb_svref
Value: null
.walla.co.il/ Name: _t_tests
Value: eyI4ZGFNbVU2NlRkbjFXIjp7ImNob3NlblZhcmlhbnQiOiJBIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJuVUhNSiJdfSwibXVpSWEySmVoTVlZdyI6eyJjaG9zZW5WYXJpYW50IjoiQiIsInNwZWNpZmljTG9jYXRpb24iOlsiQkY0Zi1SIl19LCJsaWZ0X2V4cCI6Im0ifQ==
www.walla.co.il/ Name: strip_step
Value: 2
.walla.co.il/ Name: _wpnis
Value: 2
.walla.co.il/ Name: _wfsis
Value: https://www.walla.co.il
.walla.co.il/ Name: _gid
Value: GA1.3.1955279772.1668712180
.walla.co.il/ Name: _gat_UA-4780630-1
Value: 1
.walla.co.il/ Name: _ga
Value: GA1.1.419965442.1668712180
.walla.co.il/ Name: _fbp
Value: fb.2.1668712180304.1856613964
.walla.co.il/ Name: vad-loc-code
Value: de
www.walla.co.il/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.rubiconproject.com/ Name: khaos
Value: LALG5BFG-1E-HOKZ
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpSoA8TaDMD/T5APvdogVCbaTd6KyMQnavCRi4Lg8bJK2aPhygubSppuOYdOTdJHhk5p164vmVCVSYbB5SW5XQ37GGGOiqNCvuma+WVcS1g3g==
.walla.co.il/ Name: _ga_RYD7X7E8VN
Value: GS1.1.1668712180.1.0.1668712181.0.0.0
.ads.stickyadstv.com/ Name: UID
Value: 55b1b9794fc6aa54d3cdda4bb3951a4d
.doubleclick.net/ Name: IDE
Value: AHWqTUkrmi2Fhsvi1NTN73YpT1UB7In14OQPrVCReNFNqdBD9q5acK3doVxohNKwuJo
.walla.co.il/ Name: __gads
Value: ID=c80db694e55d78f7:T=1668712181:S=ALNI_MZq50EShsVQZNATGnotfS5dMTHObA
.walla.co.il/ Name: __gpi
Value: UID=00000b82a9672599:T=1668712181:RT=1668712181:S=ALNI_MYoWuVidiJKdOJz3kbw-n_fKUeGlw
.creativecdn.com/ Name: u
Value: 0ask8Bamy5HPYuecDO3t
.creativecdn.com/ Name: ts
Value: 1668712181
.360yield.com/ Name: tuuid
Value: f3a87f85-83c1-4520-84c9-350b70bd96a0
.360yield.com/ Name: tuuid_lu
Value: 1668712181
.ctnsnet.com/ Name: gid_CAESEOFsh-vkW3EM4j0AghYP9Y0
Value: 1
.casalemedia.com/ Name: CMID
Value: Y3aG9YbFpXTyqlEEpBXksQAA
.casalemedia.com/ Name: CMPS
Value: 5131
.casalemedia.com/ Name: CMPRO
Value: 5131
.yahoo.com/ Name: A3
Value: d=AQABBPWGdmMCEMZXCjXw4WTjbzjzmBlYpJEFEgEBAQHYd2OAYwAAAAAA_eMAAA&S=AQAAAncs7OmjptGg_E4J8mKimzQ
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 4041DC16-92D8-4A23-A3D4-4E4CE13A08BA
.adnxs.com/ Name: uuid2
Value: 1683260912507697352
.bidswitch.net/ Name: tuuid
Value: 86f8262f-d03d-4201-a4af-89df33b8d674
.bidswitch.net/ Name: c
Value: 1668712181
.bidswitch.net/ Name: tuuid_lu
Value: 1668712182
.simpli.fi/ Name: suid
Value: 0ED2951E43EA4A6E931D9E0B83C93C91
.onaudience.com/ Name: cookie
Value: 0f2e5864aaed34d8
.onaudience.com/ Name: done_redirects147
Value: 1
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-1683260912507697352&KRTB&23339-1683260912507697352
.de17a.com/ Name: guid
Value: 1.6938000792588066926
.adfarm1.adition.com/ Name: UserID1
Value: 7167064248130992268
.adform.net/ Name: uid
Value: 8824179535340228277
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8824179535340228277&KRTB&23263-8824179535340228277
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEBsHqfCKePn_5vsw7qCtG9U&KRTB&16514-CAESEBsHqfCKePn_5vsw7qCtG9U&KRTB&23025-CAESEBsHqfCKePn_5vsw7qCtG9U&KRTB&23386-CAESEBsHqfCKePn_5vsw7qCtG9U
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-6938000792588066926
.amazon-adsystem.com/ Name: ad-id
Value: AwFDW-GZr09NuJuUfweOGnI
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.lijit.com/ Name: ljt_reader
Value: FqvdpGZHVQYvQiBNQXyix2ZU
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%225AE462F7-5DDE-4D8B-8AFA-14E4E02D2A09%22%7D
.blismedia.com/ Name: b
Value: 637686F60830E1E421EB8EFCBLIS
.turn.com/ Name: uid
Value: 4546302435634190969
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:9ec06376-86f6-4800-918d-f2cba1203547&KRTB&16736-uid:9ec06376-86f6-4800-918d-f2cba1203547&KRTB&23019-uid:9ec06376-86f6-4800-918d-f2cba1203547&KRTB&23208-uid:9ec06376-86f6-4800-918d-f2cba1203547
.mathtag.com/ Name: uuid
Value: 5bac6376-86f6-4400-a8c8-bce9b09cb6f9
.ctnsnet.com/ Name: cid
Value: 8d029a65561845c3996d818b580df12b
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-8514ae97-44e4-4671-9e14-123657fc2d68-003%22%7D
.doubleclick.net/ Name: DSID
Value: NO_DATA
.sportradarserving.com/ Name: zuuid
Value: e46ca7d1-e21b-455b-9636-5c5c70bef1d4
.sportradarserving.com/ Name: c
Value: 1668712183
.sportradarserving.com/ Name: zuuid_lu
Value: 1668712183
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1668712183
.criteo.com/ Name: uid
Value: 557fd33f-0682-49ca-9460-7b6c3604dd5b
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~28cj:18z8~28cj"
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7167064248130992268&KRTB&23369-7167064248130992268
.quantserve.com/ Name: d
Value: EKsBCwHMJ_ijAA
.quantserve.com/ Name: mc
Value: 637686f8-ba19d-a2765-af19c
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-nFk7FpJcahiHCG0Rkw4hQZhdOhWHC2oRkwk64Thl&KRTB&19420-nFk7FpJcahiHCG0Rkw4hQZhdOhWHC2oRkwk64Thl&KRTB&22979-nFk7FpJcahiHCG0Rkw4hQZhdOhWHC2oRkwk64Thl&KRTB&23403-nFk7FpJcahiHCG0Rkw4hQZhdOhWHC2oRkwk64Thl
.zeotap.com/ Name: zc
Value: 7b13c890-4d15-4f86-693f-f6b779146681
.walla.co.il/ Name: cto_bundle
Value: j8QGVF81aDRTaU1SdnRyQXU4OCUyQlpsMURaNUtnN0xZeEQxeTV3bEQzeUdTNkhtc0x5T0N5QkhrU0VRWFVDRjZYMlZGeDlkcDFvc2hsYUpqaWdwJTJCYkxvM0tORkhzUnl0M0l0aFJPb2ZDeTBIVUxTV0d6c2hvVmtJVEdHUGFUSUxWM2JPbm9ETmRBdDRVNnlydmtITmNGZkU5bVVBJTNEJTNE
.walla.co.il/ Name: cto_bidid
Value: HlZt918zWDdmb0JrS3ZmcWNUbUNHTm1SdlZNZGFBREFuWGJQQzVsSzREJTJGWFllRmgzT0pqY2lxOGZpWG03ZmRKa1BiUUloem5PSEFjR0JCTXZyUUVnc1JnVHpIRXhVWFBQekRnRWVlSXNzMm5nRFo4JTNE
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4546302435634190969&KRTB&23150-4546302435634190969
.fiftyt.com/ Name: fifid
Value: ca3c26c2-1ba2-451a-5de7-df23affe1567
.fiftyt.com/ Name: cs
Value: MTY2ODcxMjE4NHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fBylCCM0oOwnjVvCnhCFgOaizvhVSLM5xEKTYxmJ79nL
.semasio.net/ Name: SEUNCY
Value: DEC80587CB867620
.bidr.io/ Name: bito
Value: AADfn07G7Q4AAB9c6cfOsg
.bidr.io/ Name: bitoIsSecure
Value: ok
.bidr.io/ Name: checkForPermission
Value: ok
.fiftyt.com/ Name: fppm
Value: 20221117190944
.w55c.net/ Name: wfivefivec
Value: FGuVyNR91OVKgE5
.w55c.net/ Name: matchcasale
Value: 5
.scoota.co/ Name: tuuid
Value: 87d7ac64-3b43-48e9-9eb5-5043e7085788
.scoota.co/ Name: c
Value: 1668712185
.scoota.co/ Name: tuuid_lu
Value: 1668712185
.casalemedia.com/ Name: CMTS
Value: 5182
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-86f8262f-d03d-4201-a4af-89df33b8d674
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2Ilgu9T+1!]tc98bhzs#DNB=:lK9B*:3[/Fvl2Y?M]_QB$Q^2?TO#s<x73yT!y<'?5Wjc[N05Ihjdr7ki'Hq*g0D(S(UtY
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiI4NWEwMmJhY2ZmYmM2YmE0N2RiM2ZiOGQxMmQxZTU4NCIsImV4cGlyZXMiOiIyMDIzLTAyLTE1VDE5OjA5OjQ1WiJ9fSwiYmlydGhkYXkiOiIyMDIyLTExLTE3VDE5OjA5OjQxWiJ9
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&6ab7a588-69a6-4272-85d0-e14d0acb8372"
.linkedin.com/ Name: li_gc
Value: MTswOzE2Njg3MTIxODU7MjswMjGpRaLrr2zG5+6PXZYB9KvfSsUcA/XDbS/o6tW/G5FDvA==
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=2908:u=1:x=1:i=1668712185:t=1668798585:v=2:sig=AQE4CFtKPeTZcR1F6cJAsgXEk2w3-swD"
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-c9c8b792-191e-46bb-6ae9-fb5e67d12540.cod1auRWdkO7B%2BZ6XWMkp1dZHtdm8fthH%2FncJ0zzAis
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Ayci3khkeRrtq6fteZ9ElQLnVm6I.6u%2BEZhjX90SjfK1oQZafQPNXiEywfc9z12PQntKM3uw
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-yci3khkeRrtq6fteZ9ElQLnVm6I&KRTB&23334-yci3khkeRrtq6fteZ9ElQLnVm6I&KRTB&23417-yci3khkeRrtq6fteZ9ElQLnVm6I&KRTB&23426-yci3khkeRrtq6fteZ9ElQLnVm6I
.audrte.com/ Name: arcki2
Value: fdaOAdh00zESsmX3DsQg3dVag!20220908!1668712185140!ip#185.213.155.162
.audrte.com/ Name: arcki2_pubmatic
Value: 4041DC16-92D8-4A23-A3D4-4E4CE13A08BA!20220908!1668712185144
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: pi
Value: 158810:3
.pubmatic.com/ Name: DPSync3
Value: 1669852800%3A235_245_197_226_227_241_219_221_201%7C1668729600%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1669852800%3A81_243_8_21_233_54_176_166_13_56_238_3_99_251_55_220_234_161_7_22_71_88_214_204%7C1669939200%3A35%7C1669248000%3A2_15_223%7C1669507200%3A63%7C1671235200%3A203
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-8514ae97-44e4-4671-9e14-123657fc2d68-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.adsby.bidtheatre.com/ Name: __kuid
Value: 53755705-990f-401c-8bd5-727d8f38c573.437926185
.spotxchange.com/ Name: audience
Value: 65f0c29c-66ab-11ed-b5e7-1e5bf6c20106
ads.playground.xyz/ Name: connect.sid
Value: s%3AmorhZ255shIeMkHzLVmRtKu3xp_SaYXr.Fo6S2qjuT3DQxfwvLRpbfNeAvVFmImUf8mRdBggvryc
.weborama.fr/ Name: AFFICHE_W
Value: NHL2OlUq4BE030
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y3aG_QAIx2z-XAA7
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y3aG_QAIx2z-XAA7&KRTB&22978-Y3aG_QAIx2z-XAA7&KRTB&23194-Y3aG_QAIx2z-XAA7&KRTB&23209-Y3aG_QAIx2z-XAA7
.pubmatic.com/ Name: PugT
Value: 1668712183
.smilewanted.com/ Name: sw_user_params_infos
Value: 2sEFy9LMrvSyBV65W9FQu%2B%2FwUbiunaC%2FgKFWezmqjDc%2Fc813WWbZ105rcklWTXs593Q4N%2F4lBkMxa4L6cEN5gZllY5fo2IsVxG1e9vJBUY3ZTw2IhT9j6tLy%2FQdGbtfIXdrRGzogoU9flU59XEkY7ieaEem236ohWiAEgHdqTRehXAcwnpf48BkY%2Fv7d%2FxZ9xfyWZ%2FqkxKXfHHzMhsTkxce6RMn2Cl5V%2BS1VRRR5Mqeo%2Fzr2eDIP18Tm0tZNFyptcfhjooSJ8e4SLWzduz1IBJyqESuRyPpdmyT%2FQGPVLeJthixYgxLRp924PgWocBbCiuDPU2RN2nLaryyNlookxst9hZOkFmL8GW2tZtsiYxRUSTCfI9VfnwVW2YAnDpyEDkXhubtgz%2BFjoR697iwldCDeJaKDOsOT2DcC82geU3wJ0ErLMkADeUbkTjodlpHFStBxe6dkA3g02o7nvAXP6w%3D%3D
.tribalfusion.com/ Name: ANON_ID
Value: aEnseFRZdySaAIUMnYFhNqCxxfb4f6ueJ7LyTSLiopowQYfxoqkUtHIZbpZaw6PoiZdXD5HZd3ZdUU7qTXQKtDFwDc
.pubmatic.com/ Name: SPugT
Value: 1668712186

8 Console Messages

Source Level URL
Text
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111401.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111401.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2022-11-17
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
security error URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 16)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/14046155014989064645/300x250_EN_MM/index.html".
security error URL: https://960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 16)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/16900789838091633912/300x250_EN/index.html".
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4041DC16-92D8-4A23-A3D4-4E4CE13A08BA&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=0f2e5864aaed34d8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D39puKE4JaMXnVSUWggnQYWQS
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

960270b76d01a0f82e0aaae6df59f37f.safeframe.googlesyndication.com
a.audrte.com
a.sportradarserving.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ad4m.at
ads.eu.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ap.lijit.com
aud.pubmatic.com
b1h-euc1.zemanta.com
b1sync.zemanta.com
bidder.criteo.com
c1.adform.net
cat.fr.eu.criteo.com
cdn.connectad.io
cdn.indexww.com
cdn.jsdelivr.net
cdn.permutive.com
cdn.valuad.cloud
cf.dxmcdn.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
csm.eu.criteo.net
csync.loopme.me
csync.smilewanted.com
d.adroll.com
d2r08ja41ypc0t.cloudfront.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
hb-api.omnitagjs.com
hb-dot-valuad.appspot.com
hb.minutemedia-prebid.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.outbrainimg.com
images.wcdn.co.il
img.wcdn.co.il
ipac.ctnsnet.com
js-sec.indexww.com
khn.crowdad.io
mab.chartbeat.com
mabping.chartbeat.net
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mcdp-nydc1.outbrain.com
mp.4dex.io
mug.criteo.com
mv.outbrain.com
mwzeom.zeotap.com
odb.outbrain.com
onetag-sys.com
pagead2.googlesyndication.com
ping.chartbeat.net
pix.eu.criteo.net
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.smilewanted.com
prg.smartadserver.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.scoota.co
r.turn.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.fr.eu.criteo.com
rtb.openx.net
s.amazon-adsystem.com
s.tribalfusion.com
script.4dex.io
secure-gl.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static.chartbeat.com
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
syndication.twitter.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
visitor.fiftyt.com
walla.co.il
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.walla.co.il
x.bidswitch.net
103.229.205.242
104.18.33.19
104.19.149.54
104.22.68.131
104.244.42.8
13.224.189.35
13.248.245.213
141.94.171.212
141.95.171.142
142.250.185.226
142.250.186.162
151.101.114.132
151.101.130.49
151.101.65.108
159.65.197.210
172.64.151.162
172.64.154.237
178.250.0.157
178.250.0.160
178.250.2.151
18.155.145.50
18.66.122.123
18.66.97.113
18.66.97.76
184.24.1.49
184.86.251.220
185.184.8.90
185.255.84.150
185.64.189.112
185.64.189.115
185.64.189.229
185.64.190.80
185.80.39.216
185.83.142.19
185.86.138.122
185.86.139.114
185.86.139.115
185.89.211.132
185.94.180.126
195.5.165.20
198.47.127.20
2.19.85.55
2001:4860:4802:32::178
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
205.185.216.10
213.155.156.185
213.19.147.45
213.227.153.222
23.203.77.3
23.35.236.201
23.53.172.16
2600:9000:20eb:2c00:4:1c73:c740:93a1
2600:9000:20eb:d600:11:da61:a100:93a1
2600:9000:21f3:7c00:1e:a43d:b640:93a1
2600:9000:223c:b400:18:1fcd:351:7bc1
2602:803:c003:200::31
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:1957
2606:4700:10::6816:36ce
2606:4700:20::681a:8a9
2606:4700:20::ac43:4a81
2606:4700::6810:5714
2606:4700::6812:18ad
2606:4700::6812:272
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:21::14
2a00:1450:4001:800::2003
2a00:1450:4001:802::200e
2a00:1450:4001:808::2008
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:810::200e
2a00:1450:4001:827::2004
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:829::2014
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c08::9d
2a02:2638:1::1a
2a02:2638:1::3
2a02:2638:1::8
2a02:2638::1c
2a02:2638::2
2a02:2638::21
2a02:2638::b
2a02:fa8:8806:13::1400
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:200::714
2a05:d018:cc3:fe04:3eca:3e11:a642:4dca
2a05:d018:d29:3601:66b:1664:ed6:c452
3.126.56.137
3.68.1.16
34.102.253.54
34.111.129.221
34.111.131.239
34.248.17.75
34.96.105.8
34.98.64.218
35.156.193.4
35.157.180.193
35.157.189.90
35.157.229.218
35.186.193.173
35.190.0.66
35.201.96.126
35.204.74.118
35.214.223.115
35.227.252.103
35.71.131.137
37.157.3.28
5.161.47.120
51.75.86.98
52.208.146.5
52.46.143.56
52.86.97.203
54.195.100.225
54.226.78.37
54.229.166.11
54.239.38.253
54.243.58.43
54.76.86.227
54.86.116.177
54.87.27.54
64.202.112.95
66.155.71.150
69.173.144.138
69.173.144.139
70.42.32.255
72.251.249.14
77.243.60.138
85.114.159.93
00df84c0176ae68719671b3cf670d45da854c8e4b092eb72eb0b36f6737ae111
03820dcedde5a048ea1dacf83bd185f9363ddf279dc6c06a844b29b0901b115f
03baca21d7a98bc118436bcb698ecaafefff81373d472afdf259fdfe3f5c1a03
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c93f8d07c36a4e1183845d3534ca109c7c29c73c097b23a7529f4ce39d40b5b
0ca5e6b6593b9be2029d01ba9a9087790b04a472311b34fb2662d89f95f4b148
0ec3cb3aea0bfc2906e9f7caa425f80e95f05e56a9b1dfb3f49e003b0753acec
133884edba9d28692be3471fa8848ad9ef287300e520f37c43e637dec58e6512
13445ee05df55dc76c54059d73ae5077c4d08a7fd52c8dcb68e55b5b26ff2c78
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
180ff62d7cf0a7a708afa95fd84d66dd6b265fce39cfbc1d2297432f4b4d4b5a
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a53cb9155346940c034192d19564f88b7fa59983311cbd54dee3ebb227bb6bc
1d02296edfb33147af9c0d25d427916c0cb4f9ebcfd6b5d0f1fdd437dd8ddf36
1d0548a7214a7efb8ac7cc7562a6fb4c317ba0ace7363414d9bf3dd1c6717abe
1e6aa9b5362097a7655fdfa8537a476f7dbc9d4c42a375673c3e385c879d2cfc
216219094735606ba7083dba2e89479b7477b17e70ad669b03a3ae47e6ad89e0
22eb4b0129337769b448059780435c9927bf50ede621129408c614883b588dc4
24478d1a8dc128e0d523dbf0dfa6c69995814ba8450c53d73526bda1f2f84adc
262888303d82faa341c816815bd8994c2ed813adf705556c14c222f98df1ae3f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2d4ae838b6ca01ae283f3b80094168353faa52beadac810e0e7ab8618628a14c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816
3008b4354e1b60f29f320cfa65b9725167ad632656392673a4785d836bf3f14d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3241bf3866d5c2c02fd32bc792aa155f587efc0780ad197d0040d3377ff5af3f
324633a3d349439d4b5a7dcd60a06a91623acbbb20c98e377886f6aebbcc12eb
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34f6c6677d910cbeb02d8a7a1aaec4082fb8dec8a08baf4ad7e2b813be71b6b8
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
381afc3ddc6dbb5d58659e2b0ecdce1c2d54aa827257669e59164a1a7819b511
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3bd916949aeea3ea0d8c943ffe67060a38c2902c9533a94d36650bc176e322af
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb0e31410e9f2996e2eee5ff261c3824762a2ff33896ed7c54d5cfea4d614f4
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86
501ff47e21ba921e93282bf091dbaefa0aeb82a3c97d0940dfbaab567ad22240
50795dddaa17612e809ddf339489bc1fdff6f7bcc76115ba6eeb17eccb68eb47
5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5
52bc90e82c6e85527ad2a17e2301bae4a99c0576a8a2148ef2118aad99f70603
52e5e2e7d5d045b725c3e1d92c6d91130982ccc30d8f89984a3aaf9cb2216e33
530cbfd73b9316efe43164e0a64c908157ff67475705c37f52edf7db1918e98d
54ff9917daf6f89618357ef569223a5bd81eb9ef0255509aa77167cd9ee9e458
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd
58ea193c0a47c4475940d00d966af3aba9ac9ae4f9b2200a426214ed3fa3068d
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a
59f1429af3c28d6ab78b303835602c4d8eb28c791eb3757d23b92bf87233f675
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5db50d683e0b77a3121466e587192f0711efbbba9df0d3adb3645bcb436eae1e
5e35aa85514833036e24200de785c47bae867e2d1fc4a2998e876713a650a4a2
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5ed7cf5433c389ee8ba4b3b6d657fd4eab3b91c463998fbd876bef88aa35276c
60c87b8ca93da9430130a54a30b3e910c9e73ac34efa13b29098a210435bd186
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
635806966dbc027861305ee488fcd27a0c78df960561f9b635e8d9a76d52a358
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68e85ddf76b98bb06e4fb9e7cef3a0bf4864a5e8235c226e087158ad41e90a00
6e6de2c7977b8fb4e17d1fe0db90f5b25f46481daebf5092541f648e6b616a02
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72c530773071f1aa1e6f7a3b0d20810449c8b6eb39d6e109fcd7082868888f68
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7aa8178d8811eecc039f610e464f13c9c92a3e4caaf72ae7ca2af53cad5e209c
7b90d7af1220bdd35955f56de88c71ef4eb3c92d7fb414b4ef0aad4456c557d4
7c0c70cd209bcc0c2692faf8dfd5e0aa98fe7720c797d337b53e100703dff20e
7c2a5fe634034250f22ff927e5524535e530534382188ee1fdc56f1da4905b52
7d2d1679166b3b7479cb141847433247bc42ae3fba26ebe60d348858a64991a7
7f0535609af006b7dec032ce1aa04e4fdc460dd99852c8a96ffcf41473106024
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b19de212ca6202b9339b9c3ad8b16c1775d34cc7663631c12cffbdcdacb8e1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
88af541f9bbb4e0fd2101f0d895ab423b6ed52a8c3198632f23e4274f4908d50
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8cbf521c927e4207ed500bfd1fc32f2060ed12d0ac4245a1e1379a06ea5a3737
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8de60f3ccc85e41182fd74495371890109769c5e4a9e96878287012511a1185a
8e71b6942403567489ef3b0842d646bf40fb86523c32222b7b237224357b5a14
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
93fdd38ccfa6d38a959c926993675934d0a2ffae29b87b9c198b5808ebcdb78f
94c0a6a1ca27813a96c8286b7e1e6dee5b6af23babad416606784366748417b9
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8
97ac84c0ecb38096012ffd082ada07a60227f692630a644aaee99c9570020578
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99c34a3148b5e3a09cb2ffea49aa2702957aaeb4a743a6ececa67d18ba7cb10c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c2fff24329f1fe904135f52256900469efd1e77ae3da4b0f528094cd2123e1c
9e3035b7f5b0074bf8401e498b2160a29e3f13741f03e537ad98e9a1836a701f
a0321d7f4006d1ef24eb6f33f7252ab8bcbb9237a56c49aad5abe30b085ae3fa
a065077fd5f26f85cfa2cb4ac531f7937f9a5ee1f8ac730c16e6785968753981
a072b385a8c9c0da3ace487e0ffc0f998d28a711512f0414e670e7e600d1cf7b
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a0f03770b2a6f73ca1bb1f856dd403c108c2f5b196305f2bda1e1754b8775304
a1a9e9ca84c2d453e479b771cb4577b109ad5cd00b6d7a23ed9875f09f619963
a1cb876b8d4ac161aa3960063801ce2a3e1f893863524b9132de74867fe9d16b
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a374b60100f2559a33f142d53bf332d5efad58e505683bff5cf0523abacc0274
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a9556451882c7b86d689ee82a86c2b360cf0acea6d92a4165c80054371e52336
acf6065a1e918d23c4252187af26e95c150ed8285fece76659e48fe50cfa06ed
ad5d8bd33b4afecce0cf1c3d38ced10bc1f345e6e0371d9d9b54b85f21fa3f58
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ad7061bf309564b186535cef6cc9ca4681314ca5e09f287d5f92caab69ba74ca
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
af8ade5267850f499d3bbf4675d595bbc040a83e2dbefa30a6d28ad3f01b4bde
b0b2ab84de1dfa760cc8adb1ca9e29173891ff941e857adb22261ecdb52a7644
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b40fcd8e22829cd66c3062cf7448f03b54e0c43f9d518bc6130a6aea2f17a132
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
b50e9832904ae991539d92bd90cf510625160ffa1357e1da16a62f5f2319fa46
b54383a2ad0bceb07ea158f9e566d03293c64e235b2c1b0b574992de1b8e2157
b69e71f26c11fc7dea0aaeed85f16819b27bdd84fab8b7ca6ed6d35bd1fefb34
b7ee2e2c1f36198a263d4d442d6752e78d61fecd54473cb5c1c3dbb8b6053817
b82321148229dced6dcf746385d81b79f5925607672c8f4f9b0082911c3ebda9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcc7d38447605918dbb4dba040b879dfcad733a723ffe04b7a1b7176c13cd08b
be3bd5fe7bdc9d57349da5d10193d70dbac46151d263a69604c923b72abb2b4d
beeba024ea2fd747354d41dfbd69119e64ad63999dbc16a2fb09b69a19455aa8
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1
c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12
c2095f6920579eb6938ef2ddecc5652d5a9557555a32b019969e329a93731897
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c5b8c33935eb54f665133731f389751b694cb221fd19e19bca18758034e86ce9
c7df0a1d404c5f50f4eae6e994c6eafa46decd1770afceaf6a4e73b414baf8e1
c7e196714898a142c4c19f2c4d9870bab3bd40a3f82eccd376b1992441660a75
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cdaf4f5a1085524dfa6e90462b42bf0133a99ab6f019eebaccb2af3c03348bef
cdeac9e009d394737c133d4f4692a8fe3ee3c88df825af37b647e2610b9082e2
ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8
cf1775d0a91837b6d93b91469cf7a98784446fbae1a5bfb40c63d8f013061c01
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d0f99b608060a68f5de9402cbd52809497e16070ab53ff6215b1d455e727ce4c
d1dc5d7ef07dd2dfa57bd99bab5e04a2eccd2b5a5a8810110d1bea166429a63a
d22683653debb5aeef36a56c3fdadbcbb8699d15f39fce704f9033b376776abb
d3c316adf9513e5ef9c542b158da2be161d6a615f65829105bc86b9b872f54b3
d417089b232a1f3da44d9c9196d25b2ca06d7763544270b5fd9b0d3984bf0939
d530eb650281c426cb8d0c8d602cffe1a63b732b9b4d93e33aaf0340896e3024
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d79e7d975717101ea342d24992a0ca697bf3ea158162adbb88aa9011bae3127e
d8b5ce25e333cbdcf69d7d3b30dd3400d2f248602e7ddb76b1b874d8506d2965
d96cfa09f9ae2c215bf36728a3ac9e60b5cff2c3a8d6e86840d6561ea3e91f08
da2ac9b9317e770eee834c144e259c12d945d5126330274fd366345121d1275b
ddbdadccced568abdf2baa591ab01d73835cbed0f3b511572bd711045622a95f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6ab45bdbef1c6e8c85040c7fc011b8ed4a7938ed0ecbf4e214e35e90fde88b
de6bf035e9195f0b9f69ddc8a8a0431deaa22504c56412d03dd103beb35ab2d7
e065e2d4f32300099eef7e39ed9a8a4d5da957767f9ef62e818dd54688117376
e27109f8856e59b0f36419938f8e996e1068e2240d93228e16bb750da9881acd
e28df0d1ecf0a67bfe7db32c3aafada6f839721734581e6a36cd5a5fcdf55fdb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e0c0eb7964567b3c8348d7fee5a69a923b4c4e45e196e7b4b8842cd20096ef
e54a2c7b99c4572dccdd37913e67f7e55c6e53ef8576f420fb559d7e56b1540c
e5bf77a4605d9bb4c0ecfc1127ab95009dc2fa6ec763418424cf36f523db8e08
e7a478a8514e4da0b88831319b97556512a82436130a9479bc3625bbc072edd3
e8edb024e688dad4a4dbb15cc90e7cbcae1f1426f34ddb2c22523625f46aafde
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec529d77dc9c90119e67b77cce4aa3bbc898b936ecde2715ee7d0d7e67295450
ec95b6c31753c1cd92f6ac48949ea22825e4af26d845dc8b9a9a9b977ebc41fb
ecda6ae87085a3a767ad525bbf6c00ca982040b8994715f1358adffdd8f89075
ecf1bb564e2fd2035856aae309500a97c77b3f1ce7cfe1c807d9d2f7a85b9fa0
ed171d7f80d5c9251c5c23dca6413b485ce5abac6c4be77a32f0f1441c7f397b
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
edd4d9c515c398baf420a025641816721bdc7f67945144fe15a1058f6c75e667
eef3229975dcea05e62c3c6a907c2b9c50a68b07a632ce4fa232a41a0bcb1ad9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04a1c55723ec776d73ba9e0970dee9701ee706e2f27b4028e21859298a1d077
f15188bb5d84e3230c0da87f485956a801611065098a070a90a67cfd02ddd039
f20eeef8fb712ad2bf5e21dfe5944ab2b62010e44ffa8f79a3bfa354973ab517
f335ef26368e6f5a583e59ea5e06800090e7d2fcbfbbc8ac7fc7d6040356d79f
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6a69ae74374cd68efa0256c89a99d1cccbb7095e33ffb88d1ae54ee900d4741
f6e1ac92dfe2f84368ab073bb791086c0efd2c9aa3c3815f4ee507cc133c99b3
f76867785b29c2b20f23c3ce01abce90e859d99d61355a0e4b7014b97b81136f
f96e3c409f64ccc34f4a75f41e1f4f21b1af2fd9d4a4eb53bcbf4503af96e0c1
f9fc1693bef3b414ec2d07d7479170d7e0c3601cdf221077e1d020349ed4f228
facb127a924c28126a59074d9da5dd5469729ee8d0cc13813a99febf33370085
fb9ef64ef484761e4c03a9f5a51c726f2416d24244787f60140741e05e8295fc
fd3121a04a4b745f71058c38f7902b207de37f86aa3a9674eda80a2baf366382
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
fef6c48547bc96ac80f5dcbee1f5f6955357611b5164979cdff8182b1281cbaa