urlscan.io logo urlscan.io
SecurityTrails logo

sports.walla.co.il Open in urlscan Pro
52.222.139.122  Public Scan

Go To Rescan Add Verdict Report
URL: https://sports.walla.co.il/
Submission: On September 20 via manual from IL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 125 IPs in 12 countries across 95 domains to perform 576 HTTP transactions. The main IP is 52.222.139.122, located in United States and belongs to AMAZON-02, US. The main domain is sports.walla.co.il. The Cisco Umbrella rank of the primary domain is 357968.
TLS certificate: Issued by Amazon RSA 2048 M01 on March 27th 2023. Valid for: a year.
This is the only time sports.walla.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
41 52.222.139.122 16509 (AMAZON-02)
7 15 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
6 18.239.18.54 16509 (AMAZON-02)
2 2600:9000:239... 16509 (AMAZON-02)
1 205.185.216.42 20446 (STACKPATH...)
28 151.101.1.44 54113 (FASTLY)
2 146.75.116.157 54113 (FASTLY)
2 2600:1901:0:d... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
21 34.160.198.118 15169 (GOOGLE)
24 185.237.97.111 204548 (CLOUDWEBM...)
2 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 104.19.149.54 13335 (CLOUDFLAR...)
1 2600:9000:21c... 16509 (AMAZON-02)
1 9 2a00:1450:400... 15169 (GOOGLE)
1 107.21.249.220 14618 (AMAZON-AES)
3 2600:9000:20a... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42::714 54113 (FASTLY)
1 18.239.69.83 16509 (AMAZON-02)
2 18.238.243.86 16509 (AMAZON-02)
3 2a03:2880:f08... 32934 (FACEBOOK)
1 2600:9000:210... 16509 (AMAZON-02)
4 142.250.184.194 15169 (GOOGLE)
1 18.239.102.145 16509 (AMAZON-02)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 104.244.42.200 13414 (TWITTER)
3 2a00:1450:400... 15169 (GOOGLE)
2 12 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 18.66.137.74 16509 (AMAZON-02)
4 34.120.218.58 396982 (GOOGLE-CL...)
2 2001:4860:480... 15169 (GOOGLE)
1 142.250.185.134 15169 (GOOGLE)
1 23.213.165.149 16625 (AKAMAI-AS)
35 2a00:1450:400... 15169 (GOOGLE)
1 51.77.64.70 16276 (OVH)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
6 11 185.89.210.122 29990 (ASN-APPNEX)
1 35.186.253.211 15169 (GOOGLE)
2 7 104.18.27.193 13335 (CLOUDFLAR...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
5 185.86.138.124 201081 (SMARTADSE...)
3 7 216.52.2.30 30282 (AS-INAPCD...)
1 35.156.100.108 16509 (AMAZON-02)
3 34.149.20.76 15169 (GOOGLE)
3 2a02:6b8::90 208722 (GLOBAL_DC)
1 185.255.84.150 200271 (IGUANE-)
2 7 51.89.9.253 16276 (OVH)
15 172.67.10.198 13335 (CLOUDFLAR...)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2602:803:c003... 26667 (RUBICONPR...)
2 3 185.184.8.90 204995 (RTB-HOUSE...)
12 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:210... 16509 (AMAZON-02)
7 52.214.15.202 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f17... 32934 (FACEBOOK)
1 5 2a02:2638:3::c 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 23.213.164.238 16625 (AKAMAI-AS)
2 2a02:2638:d::4 44788 (ASN-CRITE...)
6 45 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:249... 16509 (AMAZON-02)
1 34.96.105.8 396982 (GOOGLE-CL...)
3 4 2a05:d018:d29... 16509 (AMAZON-02)
13 33 216.58.206.34 15169 (GOOGLE)
2 5 178.250.7.11 44788 (ASN-CRITE...)
3 5 198.47.127.19 62713 (AS-PUBMATIC)
20 2a02:2638:d::2 44788 (ASN-CRITE...)
2 178.250.7.9 44788 (ASN-CRITE...)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
8 35.71.131.137 16509 (AMAZON-02)
1 1 35.190.0.66 15169 (GOOGLE)
3 7 18.192.225.250 16509 (AMAZON-02)
1 1 69.173.144.138 26667 (RUBICONPR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 151.101.129.44 54113 (FASTLY)
10 141.226.228.48 200478 (TABOOLA-AS)
1 213.202.235.9 24961 (MYLOC-AS ...)
2 9 2606:4700::68... 13335 (CLOUDFLAR...)
7 2a02:2638:3::10 44788 (ASN-CRITE...)
4 2a02:2638:d::11 44788 (ASN-CRITE...)
2 2a02:2638:d::c 44788 (ASN-CRITE...)
1 2 34.253.61.43 16509 (AMAZON-02)
18 2a00:1450:400... 15169 (GOOGLE)
2 4 157.90.211.246 24940 (HETZNER-AS)
4 4 46.228.174.117 56396 (AMOBEE)
2 2 46.228.164.11 56396 (AMOBEE)
3 3 203.195.121.142 7979 (SERVERS-COM)
3 8.2.110.114 46636 (NATCOWEB)
4 142.250.186.98 15169 (GOOGLE)
1 2 37.157.2.229 198622 (ADFORM)
2 3.71.149.231 16509 (AMAZON-02)
1 3 2620:116:800d... 16509 (AMAZON-02)
3 3 85.114.159.118 24961 (MYLOC-AS ...)
4 4 213.155.156.185 1299 (TWELVE99 ...)
6 7 37.157.6.237 198622 (ADFORM)
2 4 2a02:2638:d::7 44788 (ASN-CRITE...)
6 6 52.212.242.190 16509 (AMAZON-02)
1 1 2.19.126.84 20940 (AKAMAI-ASN1)
8 2600:1f13:800... 16509 (AMAZON-02)
2 3.77.133.205 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 141.101.90.98 13335 (CLOUDFLAR...)
1 67.202.105.23 32748 (STEADFAST)
1 35.244.159.8 15169 (GOOGLE)
1 76.223.111.18 16509 (AMAZON-02)
2 95.101.149.233 16625 (AKAMAI-AS)
1 151.101.1.108 54113 (FASTLY)
2 104.18.25.18 13335 (CLOUDFLAR...)
1 2600:9000:20e... 16509 (AMAZON-02)
1 2 52.46.143.56 16509 (AMAZON-02)
2 2 35.214.213.51 15169 (GOOGLE)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
3 3 98.98.134.242 21859 (ZEN-ECN)
2 3 63.35.30.113 16509 (AMAZON-02)
2 2 34.111.113.62 396982 (GOOGLE-CL...)
2 2 54.196.73.80 14618 (AMAZON-AES)
1 141.226.224.32 200478 (TABOOLA-AS)
1 69.173.144.165 26667 (RUBICONPR...)
8 198.47.127.205 3257 (GTT-BACKB...)
1 2 54.239.33.158 16509 (AMAZON-02)
5 185.64.191.210 62713 (AS-PUBMATIC)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 34.236.109.207 14618 (AMAZON-AES)
1 35.204.158.49 396982 (GOOGLE-CL...)
1 178.250.1.11 44788 (ASN-CRITE...)
2 185.64.190.81 62713 (AS-PUBMATIC)
1 64.95.96.108 32475 (SINGLEHOP...)
1 1 185.86.138.150 201081 (SMARTADSE...)
1 1 208.93.169.131 46244 (WEBMD-IDC...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.122 42697 (NETIC-AS)
3 3 141.94.171.215 16276 (OVH)
2 2 54.78.254.47 16509 (AMAZON-02)
1 1 18.159.127.80 16509 (AMAZON-02)
576 125
41    52.222.139.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-122.ams50.r.cloudfront.net
sports.walla.co.il
15    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
5    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    18.239.18.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-54.ams58.r.cloudfront.net
tags.dxmdp.com
2    2600:9000:2394:ee00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.valuad.cloud
28    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
pm-widget.taboola.com
trc.taboola.com
images.taboola.com
imprammp.taboola.com
2    146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
platform.twitter.com
2    2600:1901:0:d733::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
expansioneggnog.com
4    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
21    34.160.198.118 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 118.198.160.34.bc.googleusercontent.com
images.wcdn.co.il
24    185.237.97.111 (Frankfurt am Main, Germany)

ASN204548 (CLOUDWEBMANAGE-IL-FR, US)
admin.teleline.co.il
2    2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
web-sdk.smartlook.com
1    104.19.149.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
1    2600:9000:21c7:c200:4:1c73:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)
d2r08ja41ypc0t.cloudfront.net
9    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    107.21.249.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-249-220.compute-1.amazonaws.com
ping.chartbeat.net
3    2600:9000:20ab:b000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
4    2a00:1450:4001:82f::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
hb-dot-valuad.appspot.com
1    2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
1    18.239.69.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-83.ams58.r.cloudfront.net
ecdn.analysis.fi
2    18.238.243.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-86.ams58.r.cloudfront.net
ecdn.firstimpression.io
cdn.firstimpression.io
3    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2600:9000:2104:9200:12:abfb:9280:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.unblockia.com
4    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
www.googleadservices.com
1    18.239.102.145 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-102-145.ams1.r.cloudfront.net
d29k50lkkhkjby.cloudfront.net
4    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
12890047.adoric-om.com
static.adoric.com
gcpstatic.adoric.com
1    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
3    2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
12    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    18.66.137.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-137-74.fra60.r.cloudfront.net
d2muzdhs7lpmo0.cloudfront.net
4    34.120.218.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.218.120.34.bc.googleusercontent.com
app.adoric-om.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
1    142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net
ad.doubleclick.net
1    23.213.165.149 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-149.deploy.static.akamaitechnologies.com
widgets.outbrain.com
35    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
11    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
7    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
r.casalemedia.com
1    2a02:fa8:8806:16::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
5    185.86.138.124 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
7    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    35.156.100.108 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-100-108.eu-central-1.compute.amazonaws.com
tlx.3lift.com
3    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
3    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
bs.yandex.ru
1    185.255.84.150 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
7    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
15    172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
3    2602:803:c003:200::45 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
12    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
1    2600:9000:2104:ac00:12:abfb:9280:93a1 (United States)

ASN16509 (AMAZON-02, US)
loader.unblockia.com
7    52.214.15.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-15-202.eu-west-1.compute.amazonaws.com
event.dxmdp.com
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:82a::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
4    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
5    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
3    23.213.164.238 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-238.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
45    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2600:9000:2490:7c00:10:be65:1fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
t.unblockia.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
4    2a05:d018:d29:3602:5aec:1139:b771:4a28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
33    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net
cm.g.doubleclick.net
5    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
5    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
20    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr3.eu.criteo.com
2    2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
pubmatic-match.dotomi.com
8    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
7    18.192.225.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-225-250.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
pips.taboola.com
10    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
sync.taboola.com
1    213.202.235.9 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
tagm.tchibo.de
9    2606:4700::6812:1ac1 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
7    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
4    2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
2    34.253.61.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-61-43.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
18    2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    157.90.211.246 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.246.211.90.157.clients.your-server.de
sync.richaudience.com
4    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
2    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
3    203.195.121.142 (Singapore)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
3    8.2.110.114 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
4    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads4.g.doubleclick.net
2    37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    85.114.159.118 (Weil am Rhein, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
4    213.155.156.185 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
7    37.157.6.237 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
4    2a02:2638:d::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ssp-sync.criteo.com
6    52.212.242.190 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-242-190.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    2.19.126.84 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-84.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
8    2600:1f13:800:7780:cac2:6f16:d61a:7f96 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
2    3.77.133.205 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-77-133-205.eu-central-1.compute.amazonaws.com
match.sharethrough.com
3    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    141.101.90.98 (United States)

ASN13335 (CLOUDFLARENET, US)
portal.o2online.de
1    67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
pixelgroup-d.openx.net
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    104.18.25.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    2600:9000:20eb:5000:11:da61:a100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cf.dxmcdn.com
2    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    35.214.213.51 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 51.213.214.35.bc.googleusercontent.com
csync.loopme.me
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
3    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com
pixel-sync.sitescout.com
3    63.35.30.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-30-113.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    54.196.73.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-196-73-80.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
8    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
2    54.239.33.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
5    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    34.236.109.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-109-207.compute-1.amazonaws.com
a.audrte.com
1    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    64.95.96.108 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    185.86.138.150 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.51.122 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
3    141.94.171.215 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh
pixel.onaudience.com
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loada.exelator.com
1    18.159.127.80 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-127-80.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
Apex Domain
Subdomains		 Transfer
92 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
557 KB
65 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
stats.g.doubleclick.net — Cisco Umbrella Rank: 175
ad.doubleclick.net — Cisco Umbrella Rank: 180
cm.g.doubleclick.net — Cisco Umbrella Rank: 329
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 433
359 KB
41 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1262
pm-widget.taboola.com — Cisco Umbrella Rank: 3991
trc.taboola.com — Cisco Umbrella Rank: 907
vidstat.taboola.com — Cisco Umbrella Rank: 3587
am-trc-events.taboola.com — Cisco Umbrella Rank: 12677
images.taboola.com — Cisco Umbrella Rank: 1957
imprammp.taboola.com — Cisco Umbrella Rank: 11278
am-match.taboola.com — Cisco Umbrella Rank: 13197
am-vid-events.taboola.com — Cisco Umbrella Rank: 10788
sync.taboola.com — Cisco Umbrella Rank: 1624
pips.taboola.com — Cisco Umbrella Rank: 1909
cds.taboola.com — Cisco Umbrella Rank: 2514
576 KB
41 walla.co.il
sports.walla.co.il — Cisco Umbrella Rank: 357968
2 MB
31 criteo.net
static.criteo.net — Cisco Umbrella Rank: 897
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 8000
csm.eu.criteo.net — Cisco Umbrella Rank: 7577
296 KB
24 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 840
ads.pubmatic.com — Cisco Umbrella Rank: 837
image6.pubmatic.com — Cisco Umbrella Rank: 1171
simage2.pubmatic.com — Cisco Umbrella Rank: 1265
image2.pubmatic.com — Cisco Umbrella Rank: 1547
simage4.pubmatic.com — Cisco Umbrella Rank: 1746
95 KB
24 teleline.co.il
admin.teleline.co.il — Cisco Umbrella Rank: 344095
153 KB
22 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 949
gum.criteo.com — Cisco Umbrella Rank: 640
ads.eu.criteo.com — Cisco Umbrella Rank: 7499
dis.criteo.com — Cisco Umbrella Rank: 910
cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 8966
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 14897
ssp-sync.criteo.com — Cisco Umbrella Rank: 1816
mug.criteo.com — Cisco Umbrella Rank: 1822
103 KB
21 wcdn.co.il
images.wcdn.co.il — Cisco Umbrella Rank: 135340
282 KB
18 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 408
480 KB
16 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 803
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 781
r.casalemedia.com — Cisco Umbrella Rank: 2435
11 KB
15 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 7516
csync.smilewanted.com — Cisco Umbrella Rank: 3971
static.smilewanted.com — Cisco Umbrella Rank: 15268
32 KB
13 google.com
www.google.com — Cisco Umbrella Rank: 11
region1.analytics.google.com — Cisco Umbrella Rank: 2225
2 KB
13 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 851
fw.adsafeprotected.com — Cisco Umbrella Rank: 1083
dt.adsafeprotected.com — Cisco Umbrella Rank: 765
101 KB
13 dxmdp.com
tags.dxmdp.com — Cisco Umbrella Rank: 49104
event.dxmdp.com — Cisco Umbrella Rank: 47998
158 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 360
secure.adnxs.com — Cisco Umbrella Rank: 806
acdn.adnxs.com — Cisco Umbrella Rank: 960
26 KB
9 adform.net
cm.adform.net — Cisco Umbrella Rank: 1654
c1.adform.net — Cisco Umbrella Rank: 954
dmp.adform.net — Cisco Umbrella Rank: 4243
5 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 637
2 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
storage.googleapis.com — Cisco Umbrella Rank: 785
198 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 614
2 KB
7 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 784
pixel.rubiconproject.com — Cisco Umbrella Rank: 649
eus.rubiconproject.com — Cisco Umbrella Rank: 916
token.rubiconproject.com — Cisco Umbrella Rank: 764
14 KB
7 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1153
1 KB
7 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 1012
2 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 950
3 KB
6 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783
ups.analytics.yahoo.com — Cisco Umbrella Rank: 509
3 KB
6 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 2163
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1011
4 KB
6 google.de
www.google.de — Cisco Umbrella Rank: 3974
816 B
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
284 KB
5 adoric-om.com
12890047.adoric-om.com — Cisco Umbrella Rank: 302342
app.adoric-om.com — Cisco Umbrella Rank: 64973
60 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 96
region1.google-analytics.com — Cisco Umbrella Rank: 1878
42 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
413 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3797
3 KB
4 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 429
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1066
3 KB
4 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 7132
1 KB
4 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2941
841 B
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
272 B
4 33across.com
ssc.33across.com — Cisco Umbrella Rank: 5893
ssc-cms.33across.com — Cisco Umbrella Rank: 1718
648 B
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 178
20 KB
4 appspot.com
hb-dot-valuad.appspot.com — Cisco Umbrella Rank: 80400
122 B
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3680
1 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 18714
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 30144
898 B
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1377
866 B
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 1186
2 KB
3 gstatic.com
fonts.gstatic.com
47 KB
3 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2164
2 KB
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1260
1 KB
3 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 4144
3 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2330
2 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 933
2 KB
3 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7041
creativecdn.com — Cisco Umbrella Rank: 821
908 B
3 yandex.ru
bs.yandex.ru — Cisco Umbrella Rank: 11704
588 B
3 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 5268
dclk-match.dotomi.com — Cisco Umbrella Rank: 5383
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 5593
358 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2260
mp.4dex.io — Cisco Umbrella Rank: 3052
26 KB
3 adoric.com
static.adoric.com — Cisco Umbrella Rank: 66037
gcpstatic.adoric.com — Cisco Umbrella Rank: 234102
32 KB
3 unblockia.com
cdn.unblockia.com — Cisco Umbrella Rank: 14591
loader.unblockia.com — Cisco Umbrella Rank: 14443
t.unblockia.com — Cisco Umbrella Rank: 13690
40 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 229
204 KB
3 cloudfront.net
d2r08ja41ypc0t.cloudfront.net
d29k50lkkhkjby.cloudfront.net
d2muzdhs7lpmo0.cloudfront.net
2 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1600
syndication.twitter.com — Cisco Umbrella Rank: 1900
131 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 2129
mab.chartbeat.com — Cisco Umbrella Rank: 3751
25 KB
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 35065
2 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 2139
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1241
2 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 802
1 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1499
514 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1069
cdn.indexww.com — Cisco Umbrella Rank: 2483
2 KB
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 876
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1432
952 B
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 410
10 KB
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 970
eb2.3lift.com — Cisco Umbrella Rank: 713
717 B
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1029
pixelgroup-d.openx.net — Cisco Umbrella Rank: 143887
436 B
2 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 40182
cdn.firstimpression.io — Cisco Umbrella Rank: 38184
104 KB
2 smartlook.com
web-sdk.smartlook.com — Cisco Umbrella Rank: 31360
20 KB
2 expansioneggnog.com
expansioneggnog.com — Cisco Umbrella Rank: 162866
24 KB
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 10466
345 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 4098
439 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 957
704 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 2200
283 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1332
612 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 2779
424 B
1 dxmcdn.com
cf.dxmcdn.com — Cisco Umbrella Rank: 163865
60 KB
1 o2online.de
portal.o2online.de — Cisco Umbrella Rank: 57686
609 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 919
591 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2128
481 B
1 tchibo.de
tagm.tchibo.de — Cisco Umbrella Rank: 41652
60 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 11243
553 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2803
173 B
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 2808
433 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4473
2 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 558
2 KB
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 6135
175 B
1 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 2157
1 KB
1 analysis.fi
ecdn.analysis.fi — Cisco Umbrella Rank: 46231
2 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1669
201 B
1 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 3714
1 valuad.cloud
cdn.valuad.cloud — Cisco Umbrella Rank: 125772
277 KB
576 95
Domain Requested by
45 tpc.googlesyndication.com 6 redirects a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
sports.walla.co.il
tpc.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
41 sports.walla.co.il sports.walla.co.il
35 pagead2.googlesyndication.com 12890047.adoric-om.com
a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
s0.2mdn.net
sports.walla.co.il
securepubads.g.doubleclick.net
33 cm.g.doubleclick.net 13 redirects a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
googleads.g.doubleclick.net
24 admin.teleline.co.il sports.walla.co.il
21 images.wcdn.co.il sports.walla.co.il
20 static.criteo.net ads.eu.criteo.com
cdnjs.cloudflare.com
static.criteo.net
cdn.valuad.cloud
18 s0.2mdn.net sports.walla.co.il
s0.2mdn.net
a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
15 securepubads.g.doubleclick.net 7 redirects sports.walla.co.il
securepubads.g.doubleclick.net
a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
12 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
12 a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com securepubads.g.doubleclick.net
12 www.google.com 2 redirects sports.walla.co.il
a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
tpc.googlesyndication.com
11 images.taboola.com sports.walla.co.il
11 cdn.taboola.com sports.walla.co.il
cdn.taboola.com
10 csync.smilewanted.com cdn.valuad.cloud
csync.smilewanted.com
9 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
www.googleadservices.com
a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
pagead2.googlesyndication.com
8 simage2.pubmatic.com ads.pubmatic.com
8 dt.adsafeprotected.com a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
sports.walla.co.il
8 match.adsrvr.org a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
imprammp.taboola.com
am-match.taboola.com
ssum-sec.casalemedia.com
ads.pubmatic.com
8 ib.adnxs.com 3 redirects cdn.valuad.cloud
googleads.g.doubleclick.net
acdn.adnxs.com
7 imageproxy.eu.criteo.net ads.eu.criteo.com
7 x.bidswitch.net 3 redirects a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
am-match.taboola.com
7 event.dxmdp.com tags.dxmdp.com
12890047.adoric-om.com
7 onetag-sys.com 2 redirects cdn.valuad.cloud
a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
csync.smilewanted.com
7 ap.lijit.com 3 redirects cdn.valuad.cloud
csync.smilewanted.com
6 match.prod.bidr.io 6 redirects
6 c1.adform.net 5 redirects ads.pubmatic.com
6 am-trc-events.taboola.com sports.walla.co.il
cdn.taboola.com
6 storage.googleapis.com sports.walla.co.il
app.adoric-om.com
6 www.google.de sports.walla.co.il
6 tags.dxmdp.com sports.walla.co.il
tags.dxmdp.com
5 image2.pubmatic.com ads.pubmatic.com
5 image6.pubmatic.com 3 redirects ads.pubmatic.com
5 dis.criteo.com 2 redirects a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
5 www.googletagservices.com a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
5 gum.criteo.com 1 redirects cdn.taboola.com
cdn.valuad.cloud
static.criteo.net
5 prg.smartadserver.com cdn.valuad.cloud
5 www.googletagmanager.com sports.walla.co.il
www.googletagmanager.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 ssp-sync.criteo.com 2 redirects csync.smilewanted.com
4 d5p.de17a.com 4 redirects
4 googleads4.g.doubleclick.net sports.walla.co.il
4 sync.richaudience.com 2 redirects csync.smilewanted.com
4 csm.eu.criteo.net ads.eu.criteo.com
4 pr-bh.ybp.yahoo.com 3 redirects
4 www.facebook.com sports.walla.co.il
4 app.adoric-om.com 12890047.adoric-om.com
4 www.googleadservices.com www.googletagmanager.com
sports.walla.co.il
4 hb-dot-valuad.appspot.com cdn.valuad.cloud
12890047.adoric-om.com
4 www.google-analytics.com sports.walla.co.il
www.google-analytics.com
www.googletagmanager.com
3 pixel.onaudience.com 3 redirects
3 sync.crwdcntrl.net 2 redirects ads.pubmatic.com
3 pixel-sync.sitescout.com 3 redirects
3 fonts.gstatic.com fonts.googleapis.com
3 dsp.adfarm1.adition.com 3 redirects
3 cms.quantserve.com 1 redirects a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
3 us.ck-ie.com csync.smilewanted.com
3 ads.betweendigital.com 3 redirects
3 sync.1rx.io 3 redirects
3 secure.adnxs.com 3 redirects
3 ads.pubmatic.com cdn.valuad.cloud
ads.pubmatic.com
3 trc.taboola.com cdn.taboola.com
sports.walla.co.il
3 fastlane.rubiconproject.com cdn.valuad.cloud
3 prebid.smilewanted.com cdn.valuad.cloud
3 bs.yandex.ru cdn.valuad.cloud
3 ssc.33across.com cdn.valuad.cloud
3 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
3 connect.facebook.net sports.walla.co.il
connect.facebook.net
3 static.adsafeprotected.com sports.walla.co.il
a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
2 loada.exelator.com 2 redirects
2 uipglob.semasio.net 1 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 creativecdn.com 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 sync.srv.stackadapt.com 2 redirects
2 pixel.tapad.com 2 redirects
2 csync.loopme.me 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
2 eus.rubiconproject.com cdn.valuad.cloud
eus.rubiconproject.com
2 match.sharethrough.com csync.smilewanted.com
2 ups.analytics.yahoo.com imprammp.taboola.com
ads.pubmatic.com
2 sync.taboola.com imprammp.taboola.com
am-match.taboola.com
2 cm.adform.net 1 redirects csync.smilewanted.com
2 ad.turn.com 2 redirects
2 fw.adsafeprotected.com 1 redirects sports.walla.co.il
2 rtb.fr3.eu.criteo.com a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
2 cdnjs.cloudflare.com ads.eu.criteo.com
2 static.smilewanted.com csync.smilewanted.com
2 cat.fr3.eu.criteo.com ads.eu.criteo.com
2 ads.eu.criteo.com a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
2 fonts.googleapis.com 12890047.adoric-om.com
tpc.googlesyndication.com
2 script.4dex.io cdn.valuad.cloud
12890047.adoric-om.com
2 pm-widget.taboola.com cdn.taboola.com
pm-widget.taboola.com
2 static.adoric.com 12890047.adoric-om.com
2 web-sdk.smartlook.com sports.walla.co.il
web-sdk.smartlook.com
2 expansioneggnog.com sports.walla.co.il
12890047.adoric-om.com
2 platform.twitter.com sports.walla.co.il
platform.twitter.com
2 static.chartbeat.com sports.walla.co.il
1 pubmatic-match.dotomi.com
1 sonata-notifications.taptapnetworks.com 1 redirects
1 mwzeom.zeotap.com
1 bh.contextweb.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 mug.criteo.com
1 um.simpli.fi ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 token.rubiconproject.com eus.rubiconproject.com
1 cds.taboola.com cdn.taboola.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 r.casalemedia.com ssum-sec.casalemedia.com
1 s.company-target.com 1 redirects
1 cf.dxmcdn.com tags.dxmdp.com
1 pips.taboola.com cdn.taboola.com
1 js-sec.indexww.com cdn.valuad.cloud
1 acdn.adnxs.com cdn.valuad.cloud
1 eb2.3lift.com cdn.valuad.cloud
1 pixelgroup-d.openx.net cdn.valuad.cloud
1 ssc-cms.33across.com cdn.valuad.cloud
1 portal.o2online.de sports.walla.co.il
1 ads.stickyadstv.com 1 redirects
1 am-vid-events.taboola.com sports.walla.co.il
1 am-match.taboola.com vidstat.taboola.com
1 imprammp.taboola.com vidstat.taboola.com
1 sync.targeting.unrulymedia.com 1 redirects
1 cdn.firstimpression.io ecdn.firstimpression.io
1 tagm.tchibo.de sports.walla.co.il
1 vidstat.taboola.com cdn.taboola.com
1 pixel.rubiconproject.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 dclk-match.dotomi.com a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
1 tr.blismedia.com a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
1 t.unblockia.com cdn.unblockia.com
1 cadmus.script.ac script.4dex.io
1 gcpstatic.adoric.com sports.walla.co.il
1 loader.unblockia.com 12890047.adoric-om.com
1 prebid-eu.creativecdn.com cdn.valuad.cloud
1 mp.4dex.io cdn.valuad.cloud
1 hbopenbid.pubmatic.com cdn.valuad.cloud
1 bidder.criteo.com cdn.valuad.cloud
1 hb-api.omnitagjs.com cdn.valuad.cloud
1 tlx.3lift.com cdn.valuad.cloud
1 web.hb.ad.cpe.dotomi.com cdn.valuad.cloud
1 htlb.casalemedia.com cdn.valuad.cloud
1 rtb.openx.net cdn.valuad.cloud
1 cdn.jsdelivr.net cdn.valuad.cloud
1 pro.ip-api.com sports.walla.co.il
1 widgets.outbrain.com sports.walla.co.il
1 ad.doubleclick.net sports.walla.co.il
1 region1.analytics.google.com www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 d2muzdhs7lpmo0.cloudfront.net d29k50lkkhkjby.cloudfront.net
1 syndication.twitter.com platform.twitter.com
1 12890047.adoric-om.com sports.walla.co.il
1 d29k50lkkhkjby.cloudfront.net sports.walla.co.il
1 cdn.unblockia.com sports.walla.co.il
1 ecdn.firstimpression.io sports.walla.co.il
1 ecdn.analysis.fi sports.walla.co.il
1 mab.chartbeat.com static.chartbeat.com
1 ping.chartbeat.net sports.walla.co.il
1 d2r08ja41ypc0t.cloudfront.net tags.dxmdp.com
1 cdn.permutive.com tags.dxmdp.com
1 cdn.valuad.cloud sports.walla.co.il
576 166

This site contains links to these domains. Also see Links.

Domain
www.walla.co.il
weather.walla.co.il
mail.walla.co.il
news.walla.co.il
e.walla.co.il
finance.walla.co.il
healthy.walla.co.il
food.walla.co.il
celebs.walla.co.il
travel.walla.co.il
tech.walla.co.il
b.walla.co.il
fashion.walla.co.il
cars.walla.co.il
www.sheee.co.il
home.walla.co.il
fun.walla.co.il
help.walla.co.il
nadlan.walla.co.il
mekomi.walla.co.il
marketing.walla.co.il
gaming.walla.co.il
mazaltov.walla.co.il
horoscope.walla.co.il
law.walla.co.il
judaism.walla.co.il
walla.co.il
tld.walla.co.il
calendar.walla.co.il
yoram.walla.co.il
vod.walla.co.il
viva.walla.co.il
www.jpost.com
dcx.walla.co.il
www.tiktok.com
www.instagram.com
twitter.com
www.facebook.com
beauty.walla.co.il
seniors.walla.co.il
doral.walla.co.il
stayinghealthy.walla.co.il
cannabis.walla.co.il
b144.walla.co.il
galil.walla.co.il
showbiztip.walla.co.il
yarokkl.walla.co.il
sanofi.walla.co.il
special.walla.co.il
fantasy-sport1.walla.co.il
www.winner.co.il
play.google.com
apps.apple.com
facebook.com
www.wallashops.co.il
career.walla.co.il
now.walla.co.il
zoom.walla.co.il
tv-guide.walla.co.il
holidays.walla.co.il
www.b144.co.il
perfectmatch.walla.co.il
mumlazim.walla.co.il
paisculture.walla.co.il
www.drushim.co.il
tmirecycle.walla.co.il
starkist.walla.co.il
dogsandcats.walla.co.il
madaney.walla.co.il
eilat.wallashops.co.il
www.wallatours.co.il
www.wallaprint.co.il
apps.walla.co.il
shop.rewe.de
popup.taboola.com
trc.taboola.com
www.serenalpes.com
news.dailyrituals.de
pro-verbraucher.info
ad3.adfarm1.adition.com
tagm.tchibo.de
mx.investing.com
recruiting-offensive.com
www.aroundhome.de
trendscatchers.de
lhlrtvx.com
rfvtgb.studentsea.com
tags.walla.co.il
www.oref.org.il
Subject Issuer Validity Valid
*.walla.co.il
Amazon RSA 2048 M01		 2023-03-27 -
2024-04-24		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
tags.dxmdp.com
Amazon RSA 2048 M02		 2023-01-22 -
2024-02-21		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
valuad.cloud
E1		 2023-08-26 -
2023-11-24		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-08-20		 a year crt.sh
expansioneggnog.com
R3		 2023-09-09 -
2023-12-08		 3 months crt.sh
images.wcdn.co.il
R3		 2023-08-30 -
2023-11-28		 3 months crt.sh
admin.teleline.co.il
R3		 2023-09-19 -
2023-12-18		 3 months crt.sh
1688964705.rsc.cdn77.org
R3		 2023-07-27 -
2023-10-25		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
*.appspot.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
analysis.fi
Amazon RSA 2048 M01		 2023-02-28 -
2023-12-02		 9 months crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2022-11-27 -
2023-12-05		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-06-29 -
2023-09-27		 3 months crt.sh
*.unblockia.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-03-22		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
adoric-om.com
E1		 2023-08-30 -
2023-11-28		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
adoric.com
GTS CA 1P5		 2023-09-14 -
2023-12-13		 3 months crt.sh
*.adoric.com
R3		 2023-09-05 -
2023-12-04		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-25 -
2023-12-26		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2023-08-30 -
2023-11-28		 3 months crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-04-08 -
2023-10-07		 6 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
dxmdp.com
Amazon RSA 2048 M01		 2023-02-09 -
2024-02-16		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
cadmus.script.ac
E1		 2023-09-02 -
2023-12-01		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-29		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
tagm.tchibo.de
GeoTrust RSA CA 2018		 2022-10-12 -
2023-10-12		 a year crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2023-11-08		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2022-11-12 -
2023-12-14		 a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
portal.o2online.de
E1		 2023-08-02 -
2023-10-31		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
cf.dxmcdn.com
Amazon RSA 2048 M02		 2023-03-27 -
2024-04-24		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh

This page contains 81 frames:

Primary Page: https://sports.walla.co.il/
Frame ID: D6228F3134DB55E42D067726F8204F2A
Requests: 255 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fsports.walla.co.il
Frame ID: 009B4226466F9E5F694F16E897CBB26A
Requests: 2 HTTP requests in this frame

Frame: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0516AF3F9C85122FA416272D5E3768F9
Requests: 1 HTTP requests in this frame

Frame: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 44A8082A9D23C05B2C7A57C6834EC723
Requests: 9 HTTP requests in this frame

Frame: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6961F0C35FFFC8011508BB8153C8318D
Requests: 10 HTTP requests in this frame

Frame: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1E7F7BEAB42D465DD3AB0CDF4D396BA1
Requests: 4 HTTP requests in this frame

Frame: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E46DCBC1312803589A6CF37CFA111EFB
Requests: 4 HTTP requests in this frame

Frame: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1EC97C3D645C31517F60B2EF3F7B3B0E
Requests: 4 HTTP requests in this frame

Frame: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EB104B7C6DDB4EA6D83517ED48A99BC7
Requests: 4 HTTP requests in this frame

Frame: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0306EB9E8C97AFB07B514E98E7C9A1AC
Requests: 4 HTTP requests in this frame

Frame: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 23B42BE69839C28D4A10304624CA7181
Requests: 4 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY0H_YJFAA9zIUJFtJkOp2X0P3N8WA&u=%7C9np%2FvQTggdk0wJizdRijvCK6Su7odYg%2B70HSFMyv7Mo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797XkVJXccA7Uj8mbSb3fuGLnWml58tkIBBt-cgZ16ZzJEqHHlu8cMXg48Z9UKHUU0SpyJnTRTeI0QMpKTbdomCd4hvY9exeR-XfEuxolGEqBH3yW4_2NAWBZjNrgQZnOGCqGPmQeisdAE36Y9UHDisGz-bASrIost9-zmKji5a_eBUSiBL15YL_4BQcUqL7VN9gAMyGjSXrrhtX6TeU3Jwo_jU59kZGleSBDSldr4LJtB9RNze3o56e2eL0k_lr5zixJf9KDyWDJm5IFj0Dsa9jeCjS7QfQrURz5f51Z31QD8JsVeo08Af9xPsZlkcCaMcctfGB3XmA15SE5QpL81qQ3qrLcRdOMtSckVgSolx7aJX8WL48oSmFXNgMKqiD_2LsKBMTPzFT2hYlNg7dC0WFo1UmoFGK9AYUob_X-XITxlgjyZDthKFviN1_-HICHDtNQ4A8Pl017hTiYxvjnKmRZRjSR6_f5r4sk_3jhpRmjYyd1r9J9cD7REQnYFBxzSbE6A12kcr2gYl8zH5NeAMMLjCMCl9VruAEaiZV2B__AWDg3FPNwt59o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU-TzRJkKZY2TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEpwJP0NMLAQ0E9KCuQkQRO_3okYuAbPeXgTZbZ45Q0IKoeejFhqn1EZAlwKTjYvypyotUncn_K6PVz3TZ_j1_JfCE33BZ9MQfLOayYHHvZypcuqCdGekQqQsIqpdSYTfEQaeSBkowIFv-FFUmWGXCsB0Lm1-whzvLxLiifnEk026DuwDG9H6xy_It9iB8wlbKpKh3_0Yfes-IW1Ayl1J5cHiy-b0hE0sEIglqdvCIAIvN_ZcRl43lX7pp3r2vd6tdlaiqEIkhuLn1s-2mWUm4RZwo2k-vAkm-lxj_w5gHNzbpP9WaXlCQhDYrCdFQxY6bl2JXdhQGdgR_axExnV7VA5PVOF3Hq5f5pNwS4583EHZpeHTW8DOa9arypKOHDhA1S7OAbtqpT3hu4AQBgAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2xHKh7Ed8Afw6cCiStVhOK0lZ_pQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Frame ID: 6BE5AD2C15849190DC8FD33E6318873D
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 998BE222EE608960D0F3BBEA6DA8D6FE
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY4H_YJFAA9zIdl5IOgnNk8czrnlfg&u=%7C9np%2FvQTggdkVtJxRMDTOqTkm7fHNqxXGexD8ajqnFaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyE6SO8U8aAVVklOcJqeX2W57tpCZzXLeFkq1vxC4FyhRblEe72stFMKI5zAWSKK6u5tOVs5yamMeASanrdq_lFr4qWWjt_LUBqePLJnk7Sb7gZJ94p0OI1XVBm9JH24vn6zkF8XqKcBAQ3g8EIIEVXXv2qiuL8sjjj8HRAHXFzU1po5UJ6EBqhYs-OTw8kD0TVordMoN8-oDrIgkuYYtqI_IXlJJWvXDXOIQU5clRBGNkbJW6soMfntmzSeTl40O619facAMwBpmtDdkFv8HRhEJ9pj7JQA1QYv_j8lGgnLuxiXlqmrltBtxMda3BpRpvoGQKrmKtCaYC-BxE9CNxF4qqCC_MufASbF0TWXXu1ilojKEi_rUq49y7kW9lILecJcIk56LWibDmLu3DoYLA_nEa5Q2cCHJhAkWOevHNgL9guPRetuMx1E3tkBUHn8qnOHtlOMrtbtjR-ChzEJbsmK4sz4U4Qjp7jAE3_BDAwH_OmvcLdzeLKfRH-xCJu7jKJZAh3Lk8ckfLw7_Qng7ZKkhq5K4TJ9BglcK5btXSEkbdSg8c_nJjE_N34XtI1M8rkKrX6f5HxermXPTngwrMzCCmEXv2R4tcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV-UCRJkKZY6TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEqwJP0IwFoKsKhTvtRC_XeO87N9YCWWyN09oFvgJNYd3C6xR1Wpsxc5ihxijodOm5bLr04wEmgiedkVAQzrqmsuxv_qoRaIv7wBR0BrbzQDYRwz9BBaWdS3b2O3zbdkmonEZ1Wu4gyAgXTeqFB6CvRnqydOgxgHp7dAZ4pGH6xEdMYYc1ZNLg95_0MkcxlHyhWB0h3C20jyq_TQCY9sDsik2_uGwkmMD1gdvcryyi_B5Rc3dT3vDylxz-icavL2-f_tXZnY9r8xRl4ZHFts9klxcMA-W6B_EUPcWR-BCnhbp_qC0xy7X0WyCP-bL6FogZvSTkB47JeI1Bx2N_DIgnIaf1-IDjI1iQ4yeupUxr8Qb0R_KjttJ_tQaAnvJ-OLkhzUWQfxs6-0ABn1OaruAEAYAGs52249XmwtNioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2kLDF-SuJ1Fk4EwXxOG4gvzvoXPw%26client%3Dca-pub-4491659496372172%26adurl%3D
Frame ID: F01C27B4A539230A7F2F3551552304C7
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 68CF260F68D353D8A874B23BA6EC8A86
Requests: 9 HTTP requests in this frame

Frame: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4B5A848D36EEC86F1F1A1FA35892CA4D
Requests: 30 HTTP requests in this frame

Frame: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 67F1D1B5F996BF4AE57CF29FEFB3DF9B
Requests: 9 HTTP requests in this frame

Frame: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A253D19C2AF7B7F877815034319AB1BC
Requests: 19 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: DF525F8E514ADA874183C9C00C9649F3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYz43OxQEwAQ&v=APEucNVZk-1GGwqMLukNmAqjUHIWwVOOLa6A2iwti9sq3iH-PGzRXVZW9bohJP1PCeSRK4rclpYWyzBgPfMx9lAlYrv93ZhZqM_f15VXah-11BgB23wehYcDaFKIqEW4BPp1Z9Vsjz4v6Ae_BGIKDrn2UkOOy4F62Vs-1HSwN6HQfg6SfY-pHIY
Frame ID: 8E17E93543678492EC1E4C9F1153F0DF
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Frame ID: 451C5CDA7441C70277371474A7451B3B
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 81D731ACE6F7F4AC9BE567A14BA0A6AA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi-6cn1ATAB&v=APEucNVTug1dP0O8sS41SI20WPcygo6He5aAVJ64CL32mHNxk9qB6uS8CgJZgGJEShUubRBiu2bDlp89EY6nY-42n9RtKHyJ84y0_GE9KgRN1jS15eroYlDb4xfdJwkrSL9ixXFwXP6g3jgjFHTSmNsNSs0mq8gkUTKo4ksAiTni-VU3jFEwrjU
Frame ID: 4908CF086E7B0BCF38F1896C847B7F6B
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 45CAB9A07D977D280ED93C979CEF3099
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: AE3160EE338B6A47EF9C1FD3F702C21B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 2983E98857AA64D113195FC4E16B0F8A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7D32DEC410BDEC4DDD615FF39F9DDE2A
Requests: 9 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 2579C25ACA877B69C3A8A89AB4C6B958
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 454AE1876BF359DC64751D7F122BE81C
Requests: 9 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsports.walla.co.il%2F
Frame ID: 7662DCDDEE0CC3B7584FD350F3B0A6B7
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-54782d38-bf7e-4261-9907-a6a68d06c640-003
Frame ID: 1DDFA2DD1AF233A9EE374BBAFCA6A42A
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8enECLAZMitxcyH55jhKYFLm5kP3yHC0AAABgYID-AEm4XMvBZjlcC1eTiVs0s5nWyuHK4RYZhruRy7dZLnazISAJl2s52CyHa-FqMnGLZjbTWjlcOdwiw3A3cvk2y8VuNgUXxnKZDGqBim4yuzyfg4Zhevn8lucbbKDpdPhc93rN4W85fe66h9nssGv8dqXZLwcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHGIMMvD7rW5LqeDwm1QO5x2fwAAAAAAAQAAAEACAEH8twRADO7kif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjyO4-fWZ9sjgvkYLLIowAAAAAKB6bEB6ZpBNULKr8___3WwG4AgAQoBhrdruVRXdQ4i0MAAAAwJgFelj8frPDrvG7Xeb_________38z_mX80QkiFH2mCFHCl1PwCAgCs-QUEAGAjbgAA3gTACToJsVpMJoPJZLE6CrEbzha72WIxmR0AAACAO_____96QGC2so0mG5vH4jFMhivjbjmxmCwm53Jm2UxWppX3qLUb4oNIZDX3ySi6yezyfA4ahunl81ueB_FBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwZisRugiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEM7PhZjacjdyy3cjiFg1GhrVyM7GtNRObxWaZzGzG2cwten1MH8NosfK4tkgwoGMvkqdFOlEsBjOPazQYLHcbi2E5GawWw-HC4tjtFsvBcOaYiCWak0U6kV32hdnKNppsbB6LxzAZroy75cRispicy5llM1mZVv7ObLiZDWcjt2w3srhFg5FhrdxMbGvNxGaxWSYzm3E2c4teH9PHMFqsPK59Y7ZcLZab0WKzb8yWq8VyM1ps9h06w3f1ORtdt4zj4_NGb7_r8uY0KFwGi_cnMS2m3dlBdPIdnTKHR1nQGf1-v9_v9_v9fr_foPUczAaFb7Y8zWQvzeIW7YYPYoNBEUsEF-lE9zCbHU6zW_cwmx0WsURpukgneolYIjhdpBONw_Ty-S3Pi_qPHGIznCuWy7lmOFdsJqsEAAAAAAAAAGAJppluAgAAAOBkUMPJZrNap4OZrIarxWq5AC5gJnX9BCscrO0sL-8KC1Sq2Aathy_W2GMN9zCbHU6zW_cwmx1WBnDh8s1ss88IYq1WyxoAAIAANgAAgABuuvEmgCyK-____x8HAABARg49AAAA-n1AVezMzMzMzfwKYjLZDPcPQIVYq9XqdmOtVisgQewWkwn8____Bw!&cmcv=&pix=undefined&cb=1695193415642&uv=3340&tms=1695193415642&abt=adxLoadDist7-out_vC!dfrc_vB!nonrv_vA!t45!ufm_vC!ufwfrtb_vA!unf_vA&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=ae590398-852b-4ff4-98ea-d087de739176&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 2B28F826732FF4EF6AD6ADCC14F84856
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8enECLAZMitxcyH55jhKYFLm5kP3yHC0AAABgYID-AEm4XMvBZjlcC1eTiVs0s5nWyuHK4RYZhruRy7dZLnazISAJl2s52CyHa-FqMnGLZjbTWjlcOdwiw3A3cvk2y8VuNgUXxnKZDGqBim4yuzyfg4Zhevn8lucbbKDpdPhc93rN4W85fe66h9nssGv8dqXZLwcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHGIMMvD7rW5LqeDwm1QO5x2fwAAAAAAAQAAAEACAEH8twRADO7kif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjyO4-fWZ9sjgvkYLLIowAAAAAKB6bEB6ZpBNULKr8___3WwG4AgAQoBhrdruVRXdQ4i0MAAAAwJgFelj8frPDrvG7Xeb_________38z_mX80QkiFH2mCFHCl1PwCAgCs-QUEAGAjbgAA3gTACToJsVpMJoPJZLE6CrEbzha72WIxmR0AAACAO_____96QGC2so0mG5vH4jFMhivjbjmxmCwm53Jm2UxWppX3qLUb4oNIZDX3ySi6yezyfA4ahunl81ueB_FBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwZisRugiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEM7PhZjacjdyy3cjiFg1GhrVyM7GtNRObxWaZzGzG2cwten1MH8NosfK4tkgwoGMvkqdFOlEsBjOPazQYLHcbi2E5GawWw-HC4tjtFsvBcOaYiCWak0U6kV32hdnKNppsbB6LxzAZroy75cRispicy5llM1mZVv7ObLiZDWcjt2w3srhFg5FhrdxMbGvNxGaxWSYzm3E2c4teH9PHMFqsPK59Y7ZcLZab0WKzb8yWq8VyM1ps9h06w3f1ORtdt4zj4_NGb7_r8uY0KFwGi_cnMS2m3dlBdPIdnTKHR1nQGf1-v9_v9_v9fr_foPUczAaFb7Y8zWQvzeIW7YYPYoNBEUsEF-lE9zCbHU6zW_cwmx0WsURpukgneolYIjhdpBONw_Ty-S3Pi_qPHGIznCuWy7lmOFdsJqsEAAAAAAAAAGAJppluAgAAAOBkUMPJZrNap4OZrIarxWq5AC5gJnX9BCscrO0sL-8KC1Sq2Aathy_W2GMN9zCbHU6zW_cwmx1WBnDh8s1ss88IYq1WyxoAAIAANgAAgABuuvEmgCyK-____x8HAABARg49AAAA-n1AVezMzMzMzfwKYjLZDPcPQIVYq9XqdmOtVisgQewWkwn8____Bw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 4E324F1EFB26286C3A47267ADDC69878
Requests: 4 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/8eccd715-b424-5407-bfdf-baf6dad523be
Frame ID: 9D20B3BD0E83556E10DB8ACB8F91D6D7
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 1D11C0118D393CED1247B26D0AD0F449
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=hzLA9eUpti&t=1&renderingType=2&ev=01_250
Frame ID: 00F2F13EE4C8D33EC582A193DD33CC5D
Requests: 11 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Frame ID: 7585A132B09B14025D46961C68597C20
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 15FBAC82577B7011CF0CBDF4BEF06F55
Requests: 1 HTTP requests in this frame

Frame: https://ssp-sync.criteo.com/user-sync/match?p=og_4aV9hWEVkOXplbUtuT3BOcXRKZzdOMm5FWmJ3MVlPbW1yaXkxSzVSYVlpY1JVJTNE&u=AAA6BE7KFTMAABegieKCFw
Frame ID: 5C9C24AFD5DE8CCB7D05FFF278ACEE75
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/bf23a4384bdb6d5981c6228df721b8a?gdpr_consent=&gdpr=0
Frame ID: A8E0E2F01B6529153F452CC203396568
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 546E005238B467518FB10B9F7F720221
Requests: 3 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 97B186E13FD8676B09A2B13AECDD7A6D
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11054544220910830971/index.html?ev=01_250
Frame ID: 1F89AD700845C19AB2381540D970FB4F
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E0FC3C719BF693CB77F35674D3D4CD05
Requests: 3 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cR0USG9OKr6ykwaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Frame ID: CAF98E0B3B87987B5F931AAEADD2CC1D
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 29D9BC32A80EA288771585013384E658
Requests: 2 HTTP requests in this frame

Frame: https://pixelgroup-d.openx.net/w/1.0/pd
Frame ID: 2D84372AB9B98B01B26A99C8515B893D
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 42815F69A460C9948F67D6B9FA52E894
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 50F29582708DCC8E8488DA5A375C1CA4
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1695193412965
Frame ID: F11831D7371A86E1FBEEC24CCF803358
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Frame ID: 86A244DCEC1A70A4852E341AB240342F
Requests: 23 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5166EFFEF807173E5ABD35ACD054726D
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13421168
Frame ID: 1CBFB134540843C84C51B0E26B0504B4
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6A9D96CE8B00BA3D6096AD55CACCF0A1
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: E25B1DE5E7F494034BBC4E0E1898BFFE
Requests: 10 HTTP requests in this frame

Frame: https://cf.dxmcdn.com/dta/dmp-common-iframe.html?dmpid=0024a8f8-4a0c-42fd-9099-31643be23590&monitoringConfig=%7B%22uuid%22%3A%22bc8a7a32-7d98-4226-8af9-d2a43a8621cc%22%2C%22enabled%22%3Afalse%2C%22verboseMode%22%3A%22ERRORS%22%2C%22sampling%22%3Anull%2C%22observedUserId%22%3Anull%2C%22includeDatabase%22%3Afalse%2C%22includeLocalStorage%22%3Afalse%2C%22includeLoggerState%22%3Afalse%7D
Frame ID: 19B43A06F05EA7EF0112164D9F53C132
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
Frame ID: 0886EC4B378460007A30A25263546956
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: B11E084BDB2D0F8877FBD1E83256BBEC
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=405D7A68-5F9F-42F7-8B7F-537891E42242&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 88701CEB781671FF890CF464E4F9E9C4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8h1Uqv0RUPzpTlXz8BlJrvMeV_3pTVf-907MWCRt
Frame ID: 1E1A846549A17AFCAE850FAB7AFF38A1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7266556625495896169&gdpr=0&gdpr_consent=
Frame ID: 8A57B9C2D6B56E7AE0EB495107130118
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 3823C189CB342FCA5663482D11D97A97
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 6EEF30B0A05D98BAB60121DCE14C7086
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 1CEE86471EA0A4A740B425F175DB75BC
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Frame ID: 9A9A562EDAA9B7BB1DB395A982659923
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/8eccd715-b424-5407-bfdf-baf6dad523be
Frame ID: CBD042FD1BC7D0190A60E8F8B09A1C90
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 7229FFB209AB917DA4C2790A8FD9A1EF
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/430026040501508929
Frame ID: D79A8280CEA2D1D213A702B0C358907E
Requests: 1 HTTP requests in this frame

Frame: https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230
Frame ID: 2B5C7E4C537357108CE2954994811B7F
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 3FB67115304CF98B1460AE4A873AC7B5
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 364B9252BFBEDE0FC145AF7B3F9744E1
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/O2WM8H2GgudsxtVytB4W?pi=smilewanted&tc=1
Frame ID: D340B32F1A9CB712E18C64AEDCBDB5BA
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=sports.walla.co.il
Frame ID: 71D196E956BBDE17EFCE47D97704CA13
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CF7ADEE719EB9189361E14A9368C6618
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C1AAA424BDE22F0830497319939E06EA
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=405D7A68-5F9F-42F7-8B7F-537891E42242&gdpr=0&gdpr_consent=
Frame ID: 645211DB1B1D411B966CE30B7AAD3473
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7280800282114914451&gdpr=0&gdpr_consent=
Frame ID: 44C94F65CA78ACBC5B8F1763B8DEA5E6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=4A59JtpPX25x5S7VoKkXxorHJoQ&gdpr=0&gdpr_consent=
Frame ID: BF9783EA29819153B2CBA778DD786982
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: FBBA9E90248051CF8D8D2F911FE3FBE3
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAA6BE7KFTMAABegieKCFw&gdpr=0&gdpr_consent=
Frame ID: 2B01CEC7F8ACB69791B987848904AB4A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 9EAB5A98AFBF98C32113296BB5FD44F7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

וואלה! ספורט | חדשות ועדכוני ספורט, כדורגל ישראל ועולמי, כדורסל, NBA, תקצירים ותוצאות - וואלה! ספורט

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

576
Requests

91 %
HTTPS

36 %
IPv6

95
Domains

166
Subdomains

125
IPs

12
Countries

6915 kB
Transfer

18657 kB
Size

119
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/777956447/?random=915206202&cv=11&fst=1695193410762&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsports.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%95%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%92%D7%9C%20%D7%99%D7%A9%D7%A8%D7%90%D7%9C&value=0&auid=1717041249.1695193410&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=QpkKZfyrMqCYjuwPkJOYkAo&sscte=1&crd=CKG4sQI&eitems=ChAI8LCqqAYQtI6Fo7_Yl9Q1Eh0Aj_HEt8W4yKic6SNYNPRHfjgTLYL_iBchOBdOdw&pscrd=Ek5DaEFJOExDcXFBWVFtX25kaW9UWjlib2VFaVlBQ3VPbWtXNUYwSmcwbEVVRVpuX2N6clNHU0xsVmZsRU9aQ0dJVGhqWXkwMjBpbWxWU3caWENoQUk4TENxcUFZUXhLTGk2UHl3MVlraEVpNEE0VUZkQTNfc2wzTnV6cXkwZVYwUDU0bVB2dTN6cE1Dd0lHdm8zWjZFc0hKVkl0dElVZFVQZW9rWDFOcTYiEwj81M_Iz7iBAxUgjIMHHZAJBqI HTTP 302
  • https://www.google.com/pagead/1p-conversion/777956447/?random=915206202&cv=11&fst=1695193410762&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsports.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%95%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%92%D7%9C%20%D7%99%D7%A9%D7%A8%D7%90%D7%9C&value=0&auid=1717041249.1695193410&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKG4sQI&pscrd=Ek5DaEFJOExDcXFBWVFtX25kaW9UWjlib2VFaVlBQ3VPbWtXNUYwSmcwbEVVRVpuX2N6clNHU0xsVmZsRU9aQ0dJVGhqWXkwMjBpbWxWU3caWENoQUk4TENxcUFZUXhLTGk2UHl3MVlraEVpNEE0VUZkQTNfc2wzTnV6cXkwZVYwUDU0bVB2dTN6cE1Dd0lHdm8zWjZFc0hKVkl0dElVZFVQZW9rWDFOcTYiEwj81M_Iz7iBAxUgjIMHHZAJBqI&is_vtc=1&ocp_id=QpkKZfyrMqCYjuwPkJOYkAo&cid=CAQSKQBpAlJWxIVlOiQpxwMse_TwZhupRrJJYlfWpcx84xvuk0upzISeWmEu&eitems=ChAI8LCqqAYQtI6Fo7_Yl9Q1Eh0Aj_HEt3LX9GSqapr9PxJRydTWkC35Ng3oHnzXlg&random=4292644772 HTTP 302
  • https://www.google.de/pagead/1p-conversion/777956447/?random=915206202&cv=11&fst=1695193410762&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsports.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%95%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%92%D7%9C%20%D7%99%D7%A9%D7%A8%D7%90%D7%9C&value=0&auid=1717041249.1695193410&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKG4sQI&pscrd=Ek5DaEFJOExDcXFBWVFtX25kaW9UWjlib2VFaVlBQ3VPbWtXNUYwSmcwbEVVRVpuX2N6clNHU0xsVmZsRU9aQ0dJVGhqWXkwMjBpbWxWU3caWENoQUk4TENxcUFZUXhLTGk2UHl3MVlraEVpNEE0VUZkQTNfc2wzTnV6cXkwZVYwUDU0bVB2dTN6cE1Dd0lHdm8zWjZFc0hKVkl0dElVZFVQZW9rWDFOcTYiEwj81M_Iz7iBAxUgjIMHHZAJBqI&is_vtc=1&ocp_id=QpkKZfyrMqCYjuwPkJOYkAo&cid=CAQSKQBpAlJWxIVlOiQpxwMse_TwZhupRrJJYlfWpcx84xvuk0upzISeWmEu&eitems=ChAI8LCqqAYQtI6Fo7_Yl9Q1Eh0Aj_HEt3LX9GSqapr9PxJRydTWkC35Ng3oHnzXlg&random=4292644772&ipr=y
Request Chain 211
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsutFM3Uo5xC5Uzwmh4acGmFnkwONbdjeTPehGSXLSFHbK2ynyRykcF6tiUlB4optPqMsVwWcvrvPjjezvihT8rqCeDumqSfs8PwXyqCrJrZ4IGbuZRIYPG34uhjUmCfihl52FQ-Bnf0eRXkqBF3o4J-19IVxfAG-gKSTDPMatnM90Ytk1_ChW8I-13zpiVg7wuHfVvfNH0N9RMm0nQkSN8JazV05vGqVwd4xOVwzuSAlzti-9GWoW-o9jBQkDje_6gB9plsAs85tNO48ZRK6lk93hucu5EJnFLQ-yM3UEoBos49EKuCRDs634D_3Y14RruKkM_pwYEZz4h1-XUnuUSA_VCWuy66lYycvg%26sai%3DAMfl-YQencJsypahVIhIDHLD4EriVmJ1S_BbdALTWD3zbX3RFA9NTod2Nq9inty5nwGAgbrXiFqhvRIpeFg40iheXy6F62Hidhz0HXkNl3v3PzLlXks5WRCcBRGcUmNSsgc%26sig%3DCg0ArKJSzNJmg2p9VtUvEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
Request Chain 213
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsuxrqij7kZ4cbC3I7wacxsBrVW18lkQvAgpr4pFaZ2bd3UajDOsrWGaKp7EXql7GEf5j_S_cFh8QK7N14Sbo8c1NjIT9kq1CxkPHPDpTAZo-33PpMdi0SWbeORschLrfeY4FqdRMn_1EoKj0RS7SdPLOQUFERat8cavzHhc3R0m4Bg4V8LlKn6CcdzaYIrq4Jd21Rqr6dR3PdMi51g4beYILRE1MwYdw1RrbhiCq0gewzw-tjKwswig9ppDOJT14OIBKMfstTH8YPm6GCWu6W5JmMKmnnLnohC_4Ttd8umTCJtnxmvBGSlueYvV-6ArRGlSkhVaD9gGS_ci3AKIqvTtxYLfSJl32jSpDQ%26sai%3DAMfl-YScbxVBfckAlkJQMvBqnRpTQfng2pul74hpJnjsPbuH6sCwLFP9PmlgxX1eSrUHvfzb9060D0reksXfQRdd8VRXDakggR0yE5EA2gdQVbp88eivLJu2jqxEqUQ9FRA%26sig%3DCg0ArKJSzNjgxmthsd2iEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
Request Chain 215
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjssp6JS0IVA_C_OHuO0XtT_RVP-SDjqN-HaT64_l94h5jJJNZ3XxUSmxPYFQfsyIYMpmFWyXyhFEwbW58jI3zAzANie3f2Pp4C3JIMZdjdBVbjjDYJDOu49gMZV7IMt3plx0J4pTwyOcW_uJWFKgHGAnN1NGF1Cc5ciEexCSoy7hTiLGfwk0xb1qhzoHjouKeLvX81xKNL3TS6Z3ZdiY5vUMzYbRHjYBXXwoAAbT0YHAWmCoNbw98YnG_XknEKoC3NB71AzJL6IGLRYC45VSS0ucBkcl_anhNhHMaD3kIUbzn-njjzFROhQpx3xek8ukm3Y7CrF05y18tU1GnHvHynsx3TmgAWssdJfkHA%26sai%3DAMfl-YS7CB5jt5dpNKab-iYg5tYmoiEfXLz3iN4CvDLZS-P9pVM_a28iRicFb0lu4Ao4oxF1seO1iVwhY5W5NfN4gHmNPr4kTokpiG2F1h5RctC8ZczxiO2bvFg7ftlheSs%26sig%3DCg0ArKJSzMeHaPlGwWEpEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
Request Chain 217
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjssUZp3_LJDujHAYdC71vG0yTtC3w9OM60t9K2LiNzgivB4JErFdXsYVG0Uq1qRVwITyBqm9LaJzxyuyF01mcQyuhCtuuA-ViebaPrfNJvAa099_cHrHVDE7RycWVp6i9dNz5pjTkfMpRardTT7X75c6IBi9IDyf5hv4X41BU1WBmeY0U1io2b1RjvOVuHlc-zhvUDqOxgwAIlDobxeyuOtWcfrPnmJho5X-3JlcGYHBVmgnCxuhtUGEbNPVr7L-rT6CfzWg8z1LPBPICKsgMefxQtq7-qBZS0iBWhAoonnqHYjQR-pAJGSGVBJlixxcD8f-UCL7bl4Xz7Pb_PQyZWffc3I3lIK13EWfDQ%26sai%3DAMfl-YSArSXdjdRZFBcXiFTVISxxenzYJupX4neCu8R30yPdEQyhv4GJL3ve8h7wfXQG5IZmGqNppFTAVnKnDz2sbQh7SqRJ0xmc7wHi76A7tyRAnyGCPXqy5cPJqueYXsc%26sig%3DCg0ArKJSzEHGvQwXM_JeEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
Request Chain 219
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsvA1S_0oLZRBelLoyGyuiLbRvjBTt9YRtJkCAMZKbxAaalhtbYg-Z4lPk2rq9h3y4UXcgnnIi4rx98A3cCW2Jf9GaPLiCfLx6P47U9nc1Gjd-7Ddx0pQuC_1VFjTsH_EnW-osUoRsNyp6AUVsvcaZ02s_3nlKXTCfNmB6HvB54i8oAyIakFryNO79Dj2K31UXeV2MG_USGdSkG7ugfXQI7JRS5R0HSmTelpDkky9Hq4esGXT0dDaEMU4bqnwYEyegguzsVUMHUuUfeWxuswixT-I5gAJ2O3-hhEYnW0J3lw-bEPRRlzhgkZeSx_pO5E6MFRrycHH8TjmI3BSitXtjiEGp7TvsuVeGQC_g%26sai%3DAMfl-YQ38Pw46C7ACkJZ3HlgiFNLvS38qNrQQcjgQj8Xdk9cnzl1pZI9wLzF2rfGTvGkSUNgSFvUy17DGwJfXul1zt7g1KwTZKYWWKkM5GOLSFj3YZ8B7MSS45ySGQXx1io%26sig%3DCg0ArKJSzMv0ZxbeFJQOEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
Request Chain 221
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjssT_MraOnKft7We_e8pLH4PC1tGjBtnsTGw_B4t1zlzXoKzkeuzvFzoiPZcs_C0R0H3o4kJEiZ2vzbUHrajIBU3tgXsmhWChEsciCOmwjjXE15-_8ueD1wI7BzJ3VSXgMqCUGa9J4N-OCbJzyE5-aATu5d3zEsnY4iBmadk4Bjcww5QcGF6N5NE1y6oV-OxEiAuoasLjPpkGNkMNSVimLQCTNjYbXtcv5lq4vnZwGDebcsdQOruFTKGY3xmVZDcxlaVDd5umvpQ2ny8UJn6zdKjxV6M2tg-f4Cfgqywc7UZQkO05bXbZLJyPqWGyhqWktT5RShMuyfpSmxna2kg44YdYUENkhHv91bbxzY%26sai%3DAMfl-YTMOyxU5jw3U2tNv2A_yIU_90EnXON0FAED1PttpN61wPNdce85ezla8bhDDgWiUQhGaNZoifMfsU68DyAvxSVB-l9mqdSvZzasrEARguZm8vNMazE_wAc_ZK3Qzho%26sig%3DCg0ArKJSzHHFCuaNCUjKEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
Request Chain 238
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHYL5kU68d1-U3TMq7ufvs0&google_cver=1&google_push=AXcoOmQAbFtIj_AkRd_7mKvMvXM9RKKVPWzWPex2JAGoI2Fuksu004NKC-tijgWLBE_GDfrzIZzV_Q5-xtBHjifSGs7t0n3n5Wiqbw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQAbFtIj_AkRd_7mKvMvXM9RKKVPWzWPex2JAGoI2Fuksu004NKC-tijgWLBE_GDfrzIZzV_Q5-xtBHjifSGs7t0n3n5Wiqbw&google_hm=eS1nUHF1ZzZsRTJwRkNBUEprbC5lNXhBMWMuV05WV1Q1NX5B
Request Chain 240
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEH4_GqJhGmWOqyaG5_yJHAc&google_cver=1&google_push=AXcoOmS3cKW65t9w_Qf5cV1aHF2sEkIhKghClnLl3Z54VOSY1BSIYavtK2kOPMjfxNFrdpWi_yFkARXzvMEY_2cphMV-m_L51_5ZAw HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEH4_GqJhGmWOqyaG5_yJHAc&google_cver=1&google_push=AXcoOmS3cKW65t9w_Qf5cV1aHF2sEkIhKghClnLl3Z54VOSY1BSIYavtK2kOPMjfxNFrdpWi_yFkARXzvMEY_2cphMV-m_L51_5ZAw&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QF16aF-fQveLf1N4keQiQg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmS3cKW65t9w_Qf5cV1aHF2sEkIhKghClnLl3Z54VOSY1BSIYavtK2kOPMjfxNFrdpWi_yFkARXzvMEY_2cphMV-m_L51_5ZAw
Request Chain 241
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECHr62ISOK305RbrJBEzVUA&google_cver=1&google_push=AXcoOmTPSG2dqzl0yp0Xh09MEFe7XY-5cxRW4VWzoyODP5sE9J9P85n7QqMP1TkzhMUFwJZxQDOhlkDzhhaT3L33vC6vRLI5ntr6jg HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECHr62ISOK305RbrJBEzVUA&google_cver=1&google_push=AXcoOmTPSG2dqzl0yp0Xh09MEFe7XY-5cxRW4VWzoyODP5sE9J9P85n7QqMP1TkzhMUFwJZxQDOhlkDzhhaT3L33vC6vRLI5ntr6jg&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTPSG2dqzl0yp0Xh09MEFe7XY-5cxRW4VWzoyODP5sE9J9P85n7QqMP1TkzhMUFwJZxQDOhlkDzhhaT3L33vC6vRLI5ntr6jg&google_hm=HWfnuGZHME1tQEdOR42J_oKE
Request Chain 242
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEL3d7XmEVJ8HjWYSR34fvK4&google_cver=1&google_push=AXcoOmSMMOFNf3vzQLnPwyjyGKJ4ZLsZvSi0L6Rm1hd5gAYzpLWtPYAkOB_Mz9MZqLkj90ZhzUO9Umy3hC-PM_W7CrodqjZjcN-09Vw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSMMOFNf3vzQLnPwyjyGKJ4ZLsZvSi0L6Rm1hd5gAYzpLWtPYAkOB_Mz9MZqLkj90ZhzUO9Umy3hC-PM_W7CrodqjZjcN-09Vw HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 243
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEMFzmrIhnmt3GZE-RL7fVFo&google_cver=1&google_push=AXcoOmQosySiNQZsrnZoyNCCXLPhs3KfgqeiSfiXvIPaTJ7iuNwli3zYGuaOy_t9tXhMzwYYUZoF24T5M0vlW5nP8v-tiwjjvSvV-yc HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEMFzmrIhnmt3GZE-RL7fVFo%26google_cver%3D1%26google_push%3DAXcoOmQosySiNQZsrnZoyNCCXLPhs3KfgqeiSfiXvIPaTJ7iuNwli3zYGuaOy_t9tXhMzwYYUZoF24T5M0vlW5nP8v-tiwjjvSvV-yc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzI2NjU1NjYyNTQ5NTg5NjE2OQ%3D%3D&google_gid=CAESEMFzmrIhnmt3GZE-RL7fVFo&google_cver=1&google_push=AXcoOmQosySiNQZsrnZoyNCCXLPhs3KfgqeiSfiXvIPaTJ7iuNwli3zYGuaOy_t9tXhMzwYYUZoF24T5M0vlW5nP8v-tiwjjvSvV-yc
Request Chain 259
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESELsWq3F5AoMHGFWHQeveuW8&google_cver=1&google_push=AXcoOmSk2azm36sHgRhew6TSb8vOnCQFeAzzAvtkONg_HItj9HkbUymsvZ4wDJp0ZQuks7M9IBP5CzwdF5l07HoMefmMgL6uvTnb HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=YzVtKpyUSvUblVQrhxcYxA&google_push=AXcoOmSk2azm36sHgRhew6TSb8vOnCQFeAzzAvtkONg_HItj9HkbUymsvZ4wDJp0ZQuks7M9IBP5CzwdF5l07HoMefmMgL6uvTnb
Request Chain 261
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBETYZRoGJvStf4Zx6tMBGg&google_cver=1&google_push=AXcoOmQabXcXZlD1dAqLl8LqQpulwVbJ-7OV8S6QOgCXPloFMoRaxD7L0Kib2FBOxF8dOs5aioFYGHyFuk3LhbKFf29Z3DLDL4Hh HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1SRUUwOVYtWS1KUkw3&google_push=AXcoOmQabXcXZlD1dAqLl8LqQpulwVbJ-7OV8S6QOgCXPloFMoRaxD7L0Kib2FBOxF8dOs5aioFYGHyFuk3LhbKFf29Z3DLDL4Hh
Request Chain 262
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECHr62ISOK305RbrJBEzVUA&google_cver=1&google_push=AXcoOmQ2pchqmECpT3Ax6MVqOQZnxwIUqciyubeMZfyTpvWyDbK1lcI_wUyHWMPjWKm_ZbG53uPFEHEqN76gMtZfh2ifmGFb1iY HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQ2pchqmECpT3Ax6MVqOQZnxwIUqciyubeMZfyTpvWyDbK1lcI_wUyHWMPjWKm_ZbG53uPFEHEqN76gMtZfh2ifmGFb1iY&google_hm=HWfnuGZHME1tQEdOR42J_oKE
Request Chain 263
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEL3d7XmEVJ8HjWYSR34fvK4&google_cver=1&google_push=AXcoOmQw3fntuMR5aY0nDs_QtMztfVVJBGbBEK71A385DSgAFhQFXzRZPQpyQpGnSa_iVZlO5XKocdwOWraGScoSfRzkqg2qg1A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQw3fntuMR5aY0nDs_QtMztfVVJBGbBEK71A385DSgAFhQFXzRZPQpyQpGnSa_iVZlO5XKocdwOWraGScoSfRzkqg2qg1A
Request Chain 328
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBe5sS277gI2-HsfxsNiK6w&google_cver=1
Request Chain 329
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQqZRksIolP6ZNngKvsK6wAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBe5sS277gI2-HsfxsNiK6w&google_cver=1
Request Chain 330
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKwDgPFyqHcZVQxaOqLRq5Q&google_cver=1
Request Chain 331
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI2NjU1NjYyNTQ5NTg5NjE2OQ%3D%3D
Request Chain 332
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBe5sS277gI2-HsfxsNiK6w&google_cver=1
Request Chain 333
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQqZRksIolP6ZNngKvsK6wAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBe5sS277gI2-HsfxsNiK6w&google_cver=1
Request Chain 334
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKwDgPFyqHcZVQxaOqLRq5Q&google_cver=1
Request Chain 335
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI2NjU1NjYyNTQ5NTg5NjE2OQ%3D%3D
Request Chain 365
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 393
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsports.walla.co.il%2F
Request Chain 394
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1695193415689 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=8914969064 HTTP 302
  • https://sync.1rx.io/usersync/turn/4098311613554324035?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-54782d38-bf7e-4261-9907-a6a68d06c640-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-54782d38-bf7e-4261-9907-a6a68d06c640-003 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-54782d38-bf7e-4261-9907-a6a68d06c640-003
Request Chain 398
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=-229080315898315294 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/8eccd715-b424-5407-bfdf-baf6dad523be
Request Chain 405
  • https://pr-bh.ybp.yahoo.com/sync/taboola/3683686d-67db-40d0-93b6-3bfbf22ff86f-tuctc041ec5?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-aav50f5E2oRd2aYEndqqKkPMu.buia1Bs0pdqg--~A
Request Chain 407
  • https://fw.adsafeprotected.com/rfw/st/990511/61634097/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20338656462&bidurl=https://sports.walla.co.il/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0i-s8olrK4W5-FmnTuA2YlB&adContainerId=brand_safety_R5kKZfW1BdXkx_AP0vC5oA0&cbFunctionName=goog_wrapCb_R5kKZfW1BdXkx_AP0vC5oA0&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_970x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fsports.walla.co.il&adsafe_type=y&adsafe_url=https%3A%2F%2Fsports.walla.co.il%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fa58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fa58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:86ce0300-ad44-35b4-3fe2-9b63bea49cfe,c:oJVs7g,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-pt7fx,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:5,mot:0,app:0,maw:0,fm:tQnwOyw+11%7C12%7C13%7C141%7C142%7C151%7C152%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c*.990511-61634097%7C1c1%7C1c2%7C1d1%7C1d2%7C1d3%7C1e1%7C1e2%7C1e3%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p,idMap:1c*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:103,oid:d108c8c6-5783-11ee-9ab2-4a405403e9c6,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_R5kKZfW1BdXkx_AP0vC5oA0&cbFunctionName=goog_wrapCb_R5kKZfW1BdXkx_AP0vC5oA0&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_970x250.js
Request Chain 411
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAhesjDPvb1Oq_WEZiUHYAo&google_cver=1&google_push=AXcoOmR76SjoBEedzxRFcS3k-Mve-BczBKmxrhOCtEZpmyxILOW6uqVpmLgs4rCz9DVtj8XPSx3XmnTv7YsUMEynvkQ4w2XB_u4cCA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4MDgwMDI3Nzg0MzkzMzMyNg%3D%3D&google_push=AXcoOmR76SjoBEedzxRFcS3k-Mve-BczBKmxrhOCtEZpmyxILOW6uqVpmLgs4rCz9DVtj8XPSx3XmnTv7YsUMEynvkQ4w2XB_u4cCA
Request Chain 413
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEHsECjQgVJdq__6AD7wpzL8&google_cver=1&google_push=AXcoOmTLgY5DedKBGvDoRAQtHwH_2XM_pXZcgrlJI42zwE6ZPOha2MUnek2DtRrLBv_5uaLTon4605-t3Fuf8N7vwhxcGTMuUU-OFQ HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHsECjQgVJdq__6AD7wpzL8&google_cver=1&google_push=AXcoOmTLgY5DedKBGvDoRAQtHwH_2XM_pXZcgrlJI42zwE6ZPOha2MUnek2DtRrLBv_5uaLTon4605-t3Fuf8N7vwhxcGTMuUU-OFQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTLgY5DedKBGvDoRAQtHwH_2XM_pXZcgrlJI42zwE6ZPOha2MUnek2DtRrLBv_5uaLTon4605-t3Fuf8N7vwhxcGTMuUU-OFQ
Request Chain 415
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJQcMe-MOUifFBajc7cOTQI&google_cver=1&google_push=AXcoOmTAoPxnJsWKcL1Ki7nQ5_0j15VS6TafzV024c_dy2263aYMWsRbBre0kLUdVvIMYwlJ3n6t980AmhRorkQ7iNxV4fgVDA-BqQ HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJQcMe-MOUifFBajc7cOTQI&google_cver=1&google_push=AXcoOmTAoPxnJsWKcL1Ki7nQ5_0j15VS6TafzV024c_dy2263aYMWsRbBre0kLUdVvIMYwlJ3n6t980AmhRorkQ7iNxV4fgVDA-BqQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjIyODAzODAyMTA0NjQyMzA3NQ&google_push=AXcoOmTAoPxnJsWKcL1Ki7nQ5_0j15VS6TafzV024c_dy2263aYMWsRbBre0kLUdVvIMYwlJ3n6t980AmhRorkQ7iNxV4fgVDA-BqQ
Request Chain 418
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CuJqJRZkKZfeSHYOogAf0qoDAAsWc0J5viJqln-wQ66v0ysIBEAEg0ZPDKmCV6qyCtAegAdiQoKQDyAEJqQJPGtiIHO6xPuACAKgDAcgDywSqBLkCT9B7eMUMCmF6ZreN8TpzwCYn1QH-K8fS-TJMFnfsobxXxSzdAHob-yj4k0lrfcdsz8v4b4nJ3VTgD_0QaGFnBEj-gmT0qqzTsu9s3WA-COq3Uir4vpSgmEMkE-RPVJ1Klh0SZ-7Uk_uhuLxcv1dVe7MPc6Dnnd_Nc3N8fw4rGzc_oAdW-cW1KxnoCPrdJG2gc5TXgnd94Neu_N0yPZpB5dqT1FBiTbHS-hmLStmWUiqTbb3hhWfCUHYUEsP4r5FxH1jWBl2c4QoYK35iWyh6MCtWteU5si0B_m8xmRWnbkqcS8t8HBh-xUbYuu_xgz4pAy61l03yO8D6RFK8O_rf7vuZqnbdWK3Lk7YwFPrVAL8-7oSNObVK2aoOWFr4F90XJSlLzntyGbn2lfoAlas3WpCdTDsHqsiawcAE3IqN_7QE4AQBiAWJ2MPFSZIFBAgEGAGSBQQIBRgEoAYugAeQ799bqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEMG-FdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCUlodHRwczovL3d3dy52b2xrc3dhZ2VuLWdyb3Vwc2VydmljZXMuY29tL2thcnJpZXJlL2JlcnVmc2VyZmFocmVuZS9pdC1qb2JzgAoDyAsB2BMNiBQE0BUBgBcBshceChwIABIUcHViLTc2Mjc2NTAwODY4OTU1OTAY8eYT&sigh=QPKAUvpr33s&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWX_GUB6W7If3ikgvChoraH2m33tkOQ37O4IIYdx5SqAuN0bK196atEbSifcc3FDH9HglbJ0hTNxgB&template_id=494&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223295855375021501677%22,%22debug_reporting%22:true,%22destination%22:%22https://volkswagen-groupservices.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22881330264%22],%224%22:[%2209-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213366631477341247841%22}&andc=true
Request Chain 419
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230 HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=73&p=230&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fgdprapplies%3d0%26gdpr%3d%26redir%3dhttps%253A%252F%252Fcsync.smilewanted.com%252Fset_partner_userid_get%252Fcriteo%252F%2524%257BCRITEO_USER_ID%257D%26profile%3d230%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=&gpp= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24{CRITEO_USER_ID}&profile=230&uid=d5119605-fdb2-4e42-b6ca-2f8ca5bcca36&dised=true&gdpr=&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dog_4aV9hWEVkOXplbUtuT3BOcXRKZzdOMm5FWmJ3MVlPbW1yaXkxSzVSYVlpY1JVJTNE%26u%3d%24%7bUSER_ID%7d&gdpr=&consent=&us_privacy= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3A%2F%2Fssp-sync.criteo.com%2Fuser-sync%2Fmatch%3Fp%3Dog_4aV9hWEVkOXplbUtuT3BOcXRKZzdOMm5FWmJ3MVlPbW1yaXkxSzVSYVlpY1JVJTNE%26u%3D%24%7BUSER_ID%7D&gdpr=&consent=&us_privacy=&_bee_ppp=1 HTTP 303
  • https://ssp-sync.criteo.com/user-sync/match?p=og_4aV9hWEVkOXplbUtuT3BOcXRKZzdOMm5FWmJ3MVlPbW1yaXkxSzVSYVlpY1JVJTNE&u=AAA6BE7KFTMAABegieKCFw
Request Chain 421
  • https://pr-bh.ybp.yahoo.com/sync/taboola/3683686d-67db-40d0-93b6-3bfbf22ff86f-tuctc041ec5?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-aav50f5E2oRd2aYEndqqKkPMu.buia1Bs0pdqg--~A
Request Chain 425
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAhesjDPvb1Oq_WEZiUHYAo&google_cver=1&google_push=AXcoOmTUmnERXvSNaA-nZ9Y9shGDPqzixQsi652aGoLD6R3_UZJCZB8_yJIYhPuK_7J73I-gAEDZ9eO5DU8yAXAPNqR6SzUnvwqw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4MDgwMDI4MjExNDkxNDQ1MQ%3D%3D&google_push=AXcoOmTUmnERXvSNaA-nZ9Y9shGDPqzixQsi652aGoLD6R3_UZJCZB8_yJIYhPuK_7J73I-gAEDZ9eO5DU8yAXAPNqR6SzUnvwqw
Request Chain 427
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEHsECjQgVJdq__6AD7wpzL8&google_cver=1&google_push=AXcoOmRWFd2dIoWkzTPTz-cxTCBdyzcx1GHlWz4nYo9g_saL5UZEQ_2ghYaWEq4DuYpuZ0AamYmaYvD1KX9NqwvX144O40rx8VLKAg HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHsECjQgVJdq__6AD7wpzL8&google_cver=1&google_push=AXcoOmRWFd2dIoWkzTPTz-cxTCBdyzcx1GHlWz4nYo9g_saL5UZEQ_2ghYaWEq4DuYpuZ0AamYmaYvD1KX9NqwvX144O40rx8VLKAg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRWFd2dIoWkzTPTz-cxTCBdyzcx1GHlWz4nYo9g_saL5UZEQ_2ghYaWEq4DuYpuZ0AamYmaYvD1KX9NqwvX144O40rx8VLKAg
Request Chain 429
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJQcMe-MOUifFBajc7cOTQI&google_cver=1&google_push=AXcoOmTCU5QyJLAK189itftvw7LZRUBt2IfP5CEB8eIgLtcOx2fCEPoGeuFApnw7T0wnENlAMfmtlWbILzK_teAD6JIjL5SkUylQ HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJQcMe-MOUifFBajc7cOTQI&google_cver=1&google_push=AXcoOmTCU5QyJLAK189itftvw7LZRUBt2IfP5CEB8eIgLtcOx2fCEPoGeuFApnw7T0wnENlAMfmtlWbILzK_teAD6JIjL5SkUylQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDMwMDI2MDQwNTAxNTA4OTI5&google_push=AXcoOmTCU5QyJLAK189itftvw7LZRUBt2IfP5CEB8eIgLtcOx2fCEPoGeuFApnw7T0wnENlAMfmtlWbILzK_teAD6JIjL5SkUylQ
Request Chain 431
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/bf23a4384bdb6d5981c6228df721b8a?gdpr_consent=&gdpr=0
Request Chain 504
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZQqZRksIolP6ZNngKvsK6wAADRgAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZQqZRksIolP6ZNngKvsK6wAADRgAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 505
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZQqZRksIolP6ZNngKvsK6wAADRgAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIDJ2CWG1GTDDY30jkC33dY&google_cver=1
Request Chain 507
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7266556625495896169
Request Chain 508
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=96999c19-cb2d-4ec9-9ce6-508803fb8dc1&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 509
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1710918217&external_user_id=fc5197f7-19d8-49f6-8c77-824d0f936bc1
Request Chain 510
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=c91a554e-ff1e-450b-bb85-bdb675181edb-650a9949-5858&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dc91a554e-ff1e-450b-bb85-bdb675181edb-650a9949-5858%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253Dc91a554e-ff1e-450b-bb85-bdb675181edb-650a9949-5858%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=c91a554e-ff1e-450b-bb85-bdb675181edb-650a9949-5858&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3Dc91a554e-ff1e-450b-bb85-bdb675181edb-650a9949-5858%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=c91a554e-ff1e-450b-bb85-bdb675181edb-650a9949-5858&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3Dc91a554e-ff1e-450b-bb85-bdb675181edb-650a9949-5858%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=c91a554e-ff1e-450b-bb85-bdb675181edb-650a9949-5858&gdpr=0&gdpr_consent=
Request Chain 511
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=4A59JtpPX25x5S7VoKkXxorHJoQ
Request Chain 515
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 516
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=405D7A68-5F9F-42F7-8B7F-537891E42242&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=405D7A68-5F9F-42F7-8B7F-537891E42242&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 517
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8h1Uqv0RUPzpTlXz8BlJrvMeV_3pTVf-907MWCRt
Request Chain 518
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7266556625495896169&gdpr=0&gdpr_consent=
Request Chain 519
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QF16aF-fQveLf1N4keQiQg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 521
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3625707806 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=405D7A68-5F9F-42F7-8B7F-537891E42242
Request Chain 522
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=405D7A68-5F9F-42F7-8B7F-537891E42242 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NWcwS2tZQmMwLXNTcFNwWm1VSkJHbGxMZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=430026040501508929&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 523
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDA1RDdBNjgtNUY5Ri00MkY3LThCN0YtNTM3ODkxRTQyMjQy&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 524
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGOyHb8-tLZFbJzY6_nKYv4&google_cver=1
Request Chain 526
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=430026040501508929
Request Chain 534
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Request Chain 535
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/8eccd715-b424-5407-bfdf-baf6dad523be
Request Chain 537
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/430026040501508929
Request Chain 544
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/O2WM8H2GgudsxtVytB4W?pi=smilewanted&tc=1
Request Chain 548
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=sports.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Rbdom3xSRWQ3cC9LVkRrOEx2NVl4NXpCWmtmemh3TmpOdGVYWU9HYWQrcHNZMHNIOGpBQUY3R2JENXNYakIrZVFraTdGVHk1UHYyOE4vaEk2R082RFY4bFd5dTM5OHBabDVnd3BkOFVScHVJOGxqZkcvRHN2VGpOcEZKeTVKclpMbGg2VnVmYllLdVVKUXdlZkpTbVI1MjgvUXRiTkljL3BxWHZrbFY1SjlIV0ZxWU96TkF6RzRGZys2djZxTFdiRHI5aEhsMG1XZUJCditOZW10bitFNTlEQ3lnQnQ5anVHWThETGtvNXZTaE9SL0Z2TTBJbXBUbFBYZ056ODZGYlF2eHpHNjJ0NnFWSmd1dGs1RzYwVHVDTjIvQ3ZPV09UQ3ZIN1IvQnU3eFo4MzIvbz18&cppv=2
Request Chain 561
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7280800282114914451&gdpr=0&gdpr_consent=
Request Chain 562
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=4A59JtpPX25x5S7VoKkXxorHJoQ&gdpr=0&gdpr_consent=
Request Chain 564
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBNkJFN0tGVE1BQUJlZ2llS0NGdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAA6BE7KFTMAABegieKCFw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=4126096578355685197&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAA6BE7KFTMAABegieKCFw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D4126096578355685197%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=4126096578355685197&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAA6BE7KFTMAABegieKCFw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAA6BE7KFTMAABegieKCFw&gdpr=0&gdpr_consent=
Request Chain 565
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 567
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=405D7A68-5F9F-42F7-8B7F-537891E42242&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=405D7A68-5F9F-42F7-8B7F-537891E42242&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 568
  • https://pixel.onaudience.com/?partner=214&mapped=405D7A68-5F9F-42F7-8B7F-537891E42242&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=001546d40ce0b1688f194462592b1de8&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=08b2a00dc94bf5d8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Request Chain 570
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=2a49017a-7996-407c-b705-356b1ffead4a&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_7eb84cbd-06a2-4751-b5af-5cd14d3eb0c0&bsw_param=2a49017a-7996-407c-b705-356b1ffead4a&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2a49017a-7996-407c-b705-356b1ffead4a&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 571
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=c91a554e-ff1e-450b-bb85-bdb675181edb-650a9949-5858&gdpr=0&gdpr_consent=
Request Chain 573
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4098311613554324035&gdpr=0&gdpr_consent=&us_privacy=

576 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sports.walla.co.il/ 		579 KB
276 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
8b0f372767b16219b2fc39db4b62f6ae5849d9eb2f2224d2f1874bc6aa197bce

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
25
cache-control
public,max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 20 Sep 2023 07:03:04 GMT
etag
W/"90c2d-fdjumH7kX+HHS5/yB3tSvIp5wFM"
server
openresty/1.15.8.3
vary
Accept-Encoding
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
x-amz-cf-id
zNH3X7ECYWNtsdaYw4cURcB8niAwAxPXqfM3w7OpnNBE-Bp3HmP7QQ==
x-amz-cf-pop
AMS50-C1
x-cache
Miss from cloudfront
x-cached
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
023f8e5e6152c62987c9f1d1d2193ba56278e04a9545795ad28b516cfa70967e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29454
x-xss-protection
0
server
cafe
etag
320 / 19620 / 31077994 / config-hash: 7190792443359072308
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 20 Sep 2023 07:03:29 GMT
js
www.googletagmanager.com/gtag/ 		202 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11170679829
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7b6f3ed9be2a0b97ab6556cab5a50ba59bec2ae85fe5546143dfbd5a3f5f33a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74719
x-xss-protection
0
last-modified
Wed, 20 Sep 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Sep 2023 07:03:29 GMT
dmp-provider.js
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/ 		208 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-54.ams58.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
068eb3e4d07d606a09b54b707f5b07bea6100b984ca99e6d932bce2ccc2b9ae3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 10:51:17 GMT
content-encoding
br
via
1.1 7ce9bf658969fea1ceecfa00e5239dd6.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
AMS58-P6
age
72733
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
x-amz-cf-id
Mp5p8N28koVIAMAavLmEJ3jQHQ1MiuKmBQZJzd0gkuila6je_rWkyg==
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:ee00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 16:56:01 GMT
content-encoding
gzip
via
1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 00:37:14 GMT
server
nginx
x-amz-cf-pop
AMS1-P2
age
50849
etag
W/"649b80ba-5df1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
LlpdUfMq3MyOp-7VgDZJdXgQlNnV6mLzxodws5HAYZBjOonfeGX1Kg==
expires
Wed, 20 Sep 2023 16:56:01 GMT
mobile.svg
sports.walla.co.il/public/assets/logo/ 		1 KB
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.walla.co.il/public/assets/logo/mobile.svg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
0049a61681f009097e433d79763495def6c0a29963c2349643b10bad537266d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 18:02:57 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 14:30:36 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
46832
etag
W/"437-18aadd9a3c0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public,max-age=3600
x-amz-cf-id
H1YZTz6z0OJe0zUd8_7EhbBLnIE3zUOV9VpExvcj2Ex8ltjVUze42Q==
x-cached
MISS
logo_new.svg
sports.walla.co.il/public/assets/logo/ 		1 KB
962 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.walla.co.il/public/assets/logo/logo_new.svg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
a6cbbfde0f8fa5053ac3b8a87d712870edae2c840f56df167e4c33f31e61e84b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 14:13:19 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 13:00:47 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
60610
etag
W/"4bf-18aad876ab9"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public,max-age=3600
x-amz-cf-id
M_NdHrDomlMR5gp69e3bx1-R_V_PfwDqk34D40XMHgad-HUlLILv8w==
x-cached
MISS
new-logo.svg
sports.walla.co.il/public/assets/homepage2/ 		1 KB
1007 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.walla.co.il/public/assets/homepage2/new-logo.svg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
a0321d7f4006d1ef24eb6f33f7252ab8bcbb9237a56c49aad5abe30b085ae3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 17:25:20 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 14:30:36 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
49089
etag
W/"492-18aadd9a3b2"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public,max-age=3600
x-amz-cf-id
GokbYRjPxDBg1HXWIu2UG1aJFH7YmfX9VdLo1TCBUGuYqjR0bFCxMw==
x-cached
MISS
wallacoil-prod.js
cdn.valuad.cloud/hb/ 		1011 KB
277 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
a86bfcf9a22bbef5fe14c67cef3b9b50666876a47eba94212e664f47a5d0c02e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:30 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Tue, 19 Sep 2023 07:36:03 GMT
x-amz-request-id
tx000000000000002f0a1ad-0065095268-3b70053d-fra1a
etag
"497b3ec0a3d1b98034e29f7391da0fbf"
x-envoy-upstream-healthchecked-cluster
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1695193410.dop128.fr8.t,1695193410.cds150.fr8.hn,1695193410.cds103.fr8.c
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
282404
loader.js
cdn.taboola.com/libtrc/wallail-walla/ 		896 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4c4debb95b833d3a22a8fcfc97b66910440e6514e75e46ffa3c8a54e430dc571

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
KRWlCMwb6OLGMB_vnZr4DlB1XU2H327S
content-encoding
gzip
via
1.1 varnish
date
Wed, 20 Sep 2023 07:03:29 GMT
x-amz-request-id
VGPHZAEG90G8M3KN
age
1414
x-amz-server-side-encryption
AES256
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
20
x-amz-replication-status
FAILED
content-length
69212
x-amz-id-2
nFG72SJuSjTGmclHMaMwyIQ1d2yKi+Scaapz43XReHh9EItcvZnLNW8AduYVjvQbrn7mrhi3L4s=
x-served-by
cache-fra-etou8220090-FRA
last-modified
Tue, 19 Sep 2023 14:10:48 UTC
server
nginx
x-timer
S1695193410.982130,VS0,VE1
etag
"bbe2f5bd41e2981adf97b3dabe57dfae2abc7feb"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
29
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
widgets.js
platform.twitter.com/ 		91 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:30 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
27630
x-served-by
cache-iad-kjyo7100135-IAD, cache-fra-eddf8230100-FRA
last-modified
Tue, 24 Jan 2023 21:41:51 GMT
etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
tw-cdn
FT
v2vddpEasB0f4njHXiLQzkZuIxPoA-0T8nOJvfAVmJ20JOk1Ls1o4CSA
expansioneggnog.com/ 		67 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://expansioneggnog.com/v2vddpEasB0f4njHXiLQzkZuIxPoA-0T8nOJvfAVmJ20JOk1Ls1o4CSA
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
517dd4e98f964068291a3ddc62a1cbf0e36de28e99d98212e22a2790a3749490
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Wed, 20 Sep 2023 07:03:30 GMT
x-datacenter
gce-europe-west1
etag
"76cc0fb6dd8aeadd47ef0fb4b0744b9375495ecf0b88ce9bf04c23fd9941f248"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-b8mh
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
998028631
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
gtm.js
www.googletagmanager.com/ 		487 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
da033d2df0587bc22c50049c0f561e3f7bb22ff504b2752628bc552a299375dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110157
x-xss-protection
0
last-modified
Wed, 20 Sep 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Sep 2023 07:03:29 GMT
gtm.js
www.googletagmanager.com/ 		411 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
df5a3eec0289d148e9b9c28694142ea78bb20df341f86cb1bc367d8d1c4019e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82494
x-xss-protection
0
last-modified
Wed, 20 Sep 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Sep 2023 07:03:29 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 20 Sep 2023 05:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4426
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 20 Sep 2023 07:49:43 GMT
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:ee00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 17:21:33 GMT
content-encoding
gzip
via
1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
last-modified
Wed, 09 Aug 2023 00:45:38 GMT
server
nginx
x-amz-cf-pop
AMS1-P2
age
49317
etag
W/"64d2e1b2-94a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
bvk_X3MpU3kyORCpsYQIXhg3GNcl6GCRJZClGVYvnIil3W_5Unqi0w==
expires
Wed, 20 Sep 2023 17:21:33 GMT
tiktok.svg
sports.walla.co.il/public/assets/navigation/ 		628 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.walla.co.il/public/assets/navigation/tiktok.svg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
40083197f6c3fad2ef5d99095c72f3a60072e92bdfcd920dd91299f3679027b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 16:22:42 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
last-modified
Tue, 19 Sep 2023 14:30:36 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
52847
etag
W/"274-18aadd9a3c3"
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public,max-age=3600
accept-ranges
bytes
content-length
628
x-cached
MISS
x-amz-cf-id
AgiyWl9NmXgpnKfV45nseLUA0xmHgPVCZ7VyBQCgFBClAEF8_FnCeQ==
insta.svg
sports.walla.co.il/public/assets/navigation/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.walla.co.il/public/assets/navigation/insta.svg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
23e2409494818d5a7bbcf232f0818db8599da2d9c3c1856572f95ffc7b4b1d2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 17:47:47 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 14:30:36 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
47742
etag
W/"79e-18aadd9a3c3"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public,max-age=3600
x-amz-cf-id
ELkxdtpruQEmipQdF-QOtMhLbc2R4g_KQl7FSuA2EIii00ikzbHn9w==
x-cached
HIT
twitter.svg
sports.walla.co.il/public/assets/navigation/ 		1004 B
958 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.walla.co.il/public/assets/navigation/twitter.svg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
d685d349bc446d06cf68755fd4dbd95bb51f8913ad08cea281e371aa1fc284eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:19:48 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 13:00:47 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
63821
etag
W/"3ec-18aad876abd"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public,max-age=3600
x-amz-cf-id
lilgvPJjJ5mroAA02RAWY8ZSwHHUJG_NwdkAr_NsDf-ywccZfPvCgw==
x-cached
MISS
facebook.svg
sports.walla.co.il/public/assets/navigation/ 		471 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.walla.co.il/public/assets/navigation/facebook.svg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5d2840fc0bf868ec7e60c9e2f14a0f623b865ee0a7f8459fbfb25881709f7838

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 18:33:13 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
last-modified
Tue, 19 Sep 2023 14:30:36 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
45016
etag
W/"1d7-18aadd9a3c3"
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public,max-age=3600
accept-ranges
bytes
content-length
471
x-cached
MISS
x-amz-cf-id
hnWVTW0mdfyre3986MVma-NDX2x8NkoAd5f4qIZhHO2zwogC1wmz-Q==
allay-icon.svg
sports.walla.co.il/public/assets/icons/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.walla.co.il/public/assets/icons/allay-icon.svg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 12:34:47 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 07:25:32 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
66522
etag
W/"c00-18aac547d4c"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public,max-age=3600
x-amz-cf-id
aTiKWa644ucc0I1-yRoZw93E-j3haedMZEONJC4xYXSKV-Z3MWBN1w==
x-cached
MISS
winner_logo.webp
sports.walla.co.il/public/assets/sport/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.walla.co.il/public/assets/sport/winner_logo.webp
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5ac127188e6475f95cf602b5aeacfaf667081820adc57b78e9d46b9cb9149776

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 19:47:52 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
last-modified
Tue, 19 Sep 2023 14:30:36 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
40537
etag
W/"1a56-18aadd9a3d1"
x-cache
Miss from cloudfront
content-type
image/webp
cache-control
public,max-age=3600
accept-ranges
bytes
content-length
6742
x-cached
MISS
x-amz-cf-id
z6vRP-WYGQ1MvKfm_XH6jC7pkPG_Dh1xmUiZSoBlKKiQwnWpMUCmvg==
vod.png
sports.walla.co.il/public/assets/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.walla.co.il/public/assets/icons/vod.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
7ff6e89ef0a4dcb72ed72196173642deb38c4b539baf3d7030ba8e122c284475

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 17:07:11 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
last-modified
Tue, 19 Sep 2023 14:30:36 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
50178
etag
W/"4a6-18aadd9a3ba"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public,max-age=3600
accept-ranges
bytes
content-length
1190
x-cached
MISS
x-amz-cf-id
Zv-Q4k4sH3JGyZlicwhqQcAn1n4t-ClKYmqCZky4bU5I8psBu9pbuw==
3603325-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_1000,t_54/3/6/0/3/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_1000,t_54/3/6/0/3/3603325-46.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
f688e4ac5b11a9e36f89bb8cc9b2c6b832854b3dac60c3e4e30474ce60e13574

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:39:01 GMT
via
1.1 google
age
1469
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22510
3603272-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_400,t_54/3/6/0/3/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_400,t_54/3/6/0/3/3603272-46.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
af9be51bce33a052bc94651cf98d61b804c95303e894ad1a5b1e38af37130c58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 20:11:09 GMT
via
1.1 google
age
39141
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16906
3603322-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_400,t_54/3/6/0/3/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_400,t_54/3/6/0/3/3603322-46.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
7e4163971f59288e534ae595926abe9c318ef6e21fdd7001999a235c34f377cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:23:27 GMT
via
1.1 google
age
13203
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7036
64.png
admin.teleline.co.il/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/64.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d7fd38335a9351deb97460103975b829fa59b7f16ba1eac168aaf01f43cd347a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:27 GMT
Last-Modified
Thu, 31 Aug 2017 05:48:58 GMT
Server
Microsoft-IIS/8.5
ETag
"081add61c22d31:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
6393
56.png
admin.teleline.co.il/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/56.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4f2044872a15851a96b77ad3677a826479c99531f85bcecb066e12b438ab54cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:27 GMT
Last-Modified
Thu, 31 Aug 2017 05:48:31 GMT
Server
Microsoft-IIS/8.5
ETag
"80a195c61c22d31:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
8494
162.png
admin.teleline.co.il/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/162.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
dfe8210f15fbe84923842bafd0745457bcfc9a0421576d0c1060f86ff7e39e27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:27 GMT
Last-Modified
Mon, 20 Apr 2020 19:57:54 GMT
Server
Microsoft-IIS/8.5
ETag
"77ee6fa4d17d61:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
4279
659.png
admin.teleline.co.il/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/659.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4b558e08c998cfdf1fb1b16483c9860ac40917adab5fb23f0c9de170632e506d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:27 GMT
Last-Modified
Sat, 24 Feb 2018 15:36:06 GMT
Server
Microsoft-IIS/8.5
ETag
"ced9792f85add31:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
4040
138.png
admin.teleline.co.il/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/138.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b9ba41213b9cff0796b3f60f994a51e69406f309534f8f212d69772de4bee598

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:27 GMT
Last-Modified
Mon, 29 Jan 2018 09:50:13 GMT
Server
Microsoft-IIS/8.5
ETag
"8078d38ee698d31:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
6403
86.png
admin.teleline.co.il/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/86.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f9156377bb916012e2a9af84f839784e1cf265d3df2b8e4b4099e4309dee029d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:27 GMT
Last-Modified
Thu, 31 Aug 2017 05:49:57 GMT
Server
Microsoft-IIS/8.5
ETag
"8030d8f91c22d31:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
5483
45.png
admin.teleline.co.il/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/45.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
349528e03ea7cb3c8f560709298ba4eced9cb5d2baa295bc051a5671473ab18f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:27 GMT
Last-Modified
Thu, 31 Aug 2017 05:47:57 GMT
Server
Microsoft-IIS/8.5
ETag
"80a451b21c22d31:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
6745
277.png
admin.teleline.co.il/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/277.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
9370e0fff3e530e705046c24135cd928d424d3e2346046671ea53001307683c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:27 GMT
Last-Modified
Mon, 29 Jan 2018 09:50:17 GMT
Server
Microsoft-IIS/8.5
ETag
"80d23591e698d31:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
9263
icon-mail-empty.svg
sports.walla.co.il/public/assets/homepage2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.walla.co.il/public/assets/homepage2/icon-mail-empty.svg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 18:23:15 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 14:30:36 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
45614
etag
W/"5f6-18aadd9a3b1"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public,max-age=3600
x-amz-cf-id
xoL_90vRo8DmixWAjn525dQk6MzhT5ug9BKzDkclyNM-tWQL4kpUtQ==
x-cached
MISS
walla-sprite.svg
sports.walla.co.il/public/assets/icons/ 		19 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.walla.co.il/public/assets/icons/walla-sprite.svg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
3241bf3866d5c2c02fd32bc792aa155f587efc0780ad197d0040d3377ff5af3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 16:52:05 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 14:30:36 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
51084
etag
W/"4a05-18aadd9a3ba"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public,max-age=3600
x-amz-cf-id
fOtkwiakm-ILVX7WRgLZr0whFAe4VkA0cdPwNH8TBp0kMM2lTTzEgw==
x-cached
MISS
sponsors-logos-sprite2.png
sports.walla.co.il/public/assets/icons/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.walla.co.il/public/assets/icons/sponsors-logos-sprite2.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
1ab50ee880257c71537296b3c205b390186e2ab6ec764b5c35f5955ded1f2dfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 17:18:25 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
last-modified
Tue, 19 Sep 2023 14:30:36 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
49505
etag
W/"11b7a-18aadd9a3ba"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public,max-age=3600
accept-ranges
bytes
content-length
72570
x-cached
MISS
x-amz-cf-id
ohmE8EIJYM1Wm9-vrFcV6GT3hxrAcoddyt1Hb53zBxJNKtf_A5B6dg==
almoni-neue-aaa-600.woff
sports.walla.co.il/public/font/almoni/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer
https://sports.walla.co.il/
Origin
https://sports.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 17:57:53 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
last-modified
Tue, 19 Sep 2023 14:30:36 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
47137
etag
W/"e954-18aadd9a3e5"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public,max-age=3600
accept-ranges
bytes
content-length
59732
x-cached
MISS
x-amz-cf-id
UzYEb33-SF1AlaGpEf-F_AHFc42wlt5MRBisldYh-0bVsAd2HHEYrw==
wallaicons.woff
sports.walla.co.il/public/font/fonticon/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer
https://sports.walla.co.il/
Origin
https://sports.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 15:13:47 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
last-modified
Tue, 19 Sep 2023 14:30:36 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
56983
etag
W/"3bdc-18aadd9a3e7"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public,max-age=3600
accept-ranges
bytes
content-length
15324
x-cached
MISS
x-amz-cf-id
wVikhO0tXDblti6lB9HWBJRaULODgVNO4r2Uz3pBrFjVdZwqCOqYtg==
almoni-neue-aaa-900.woff
sports.walla.co.il/public/font/almoni/ 		60 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/font/almoni/almoni-neue-aaa-900.woff
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
75ccb11e22d3f2e3475ada74631301c9071a94fb903877a28fc46875b9cfd063

Request headers

Referer
https://sports.walla.co.il/
Origin
https://sports.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 22:17:54 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
last-modified
Tue, 19 Sep 2023 14:30:36 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
31536
etag
W/"ef18-18aadd9a3e6"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public,max-age=3600
accept-ranges
bytes
content-length
61208
x-cached
MISS
x-amz-cf-id
rxOrf8yvsYRRkJm3TX2pgKkl5HieG2lHD6j7hRcEaSLyvmgWp5Na8w==
almoni-neue-aaa-500.woff
sports.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/font/almoni/almoni-neue-aaa-500.woff
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034

Request headers

Referer
https://sports.walla.co.il/
Origin
https://sports.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 11:08:57 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
last-modified
Tue, 19 Sep 2023 07:25:32 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
71673
etag
W/"e7c0-18aac547d7a"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public,max-age=3600
accept-ranges
bytes
content-length
59328
x-cached
MISS
x-amz-cf-id
aZgi61gv0SV-6omsyiXo45gdsvfoSfB3SOJ2PaEsgoVYsLv-XZJ4Kw==
almoni-neue-aaa-700.woff
sports.walla.co.il/public/font/almoni/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/font/almoni/almoni-neue-aaa-700.woff
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1

Request headers

Referer
https://sports.walla.co.il/
Origin
https://sports.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 16:24:20 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
last-modified
Tue, 19 Sep 2023 14:30:36 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
52750
etag
W/"ea00-18aadd9a3e5"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public,max-age=3600
accept-ranges
bytes
content-length
59904
x-cached
MISS
x-amz-cf-id
BtYKvyke266UTCPgvzc4Q2hcjaaLmdLMFwoC0Nul9b2SzaccyYwarA==
almoni-neue-aaa-400.woff
sports.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/font/almoni/almoni-neue-aaa-400.woff
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086

Request headers

Referer
https://sports.walla.co.il/
Origin
https://sports.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 16:28:05 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
last-modified
Tue, 19 Sep 2023 14:30:36 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
52525
etag
W/"e770-18aadd9a3e4"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public,max-age=3600
accept-ranges
bytes
content-length
59248
x-cached
MISS
x-amz-cf-id
hSxc4Re5cWvyzvgNQzQenOS5zH-GRU-bSpgK0sTaJghWhUUvnHe6yA==
almoni-neue-aaa-800.woff
sports.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/font/almoni/almoni-neue-aaa-800.woff
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
ab5efe24966aca3d3addf00730f734a3fd62d552cc8c5dee2a837c057d62856a

Request headers

Referer
https://sports.walla.co.il/
Origin
https://sports.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 11:30:47 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
last-modified
Tue, 19 Sep 2023 07:25:32 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
70363
etag
W/"e65c-18aac547d7b"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public,max-age=3600
accept-ranges
bytes
content-length
58972
x-cached
MISS
x-amz-cf-id
FSmDLk0O3jnt8PaqbGnMv4MVfBtqev4BVuyoFq61osCeWrm-pT907A==
6950_1ee1e84a2c2bf62f2adf_1ee1e84a2c2bf62f2adf_walla.js
sports.walla.co.il/public/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/6950_1ee1e84a2c2bf62f2adf_1ee1e84a2c2bf62f2adf_walla.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
f20aa3c1f32442a08428b3f922e78848c790294e3acb607322a235c1ad7fc9c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 22:52:06 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 14:30:36 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
29484
etag
W/"248c-18aadd9a399"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=3600
x-amz-cf-id
6mNi57Hs7nkbEA8fe3KY80kg33jrH0rtD515qfbM5XhxVU05EW9fFg==
x-cached
MISS
3059_03df53f5db8a294322fb_03df53f5db8a294322fb_walla.js
sports.walla.co.il/public/ 		313 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/3059_03df53f5db8a294322fb_03df53f5db8a294322fb_walla.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
da8356ea10c3ccaa5f0c89a0acfab206a79856452f5d67b22a088d90248d3877

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 16:53:58 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 14:30:36 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
50972
etag
W/"4e534-18aadd9a398"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=3600
x-amz-cf-id
KDnw253AEdQUKpPgRCnXJkQinp15ST8mdoc4NC0yU3EtgQenpJ2xhA==
x-cached
MISS
main_d4601f1cda13fd6c3d66_d4601f1cda13fd6c3d66_walla.js
sports.walla.co.il/public/ 		1000 KB
221 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/main_d4601f1cda13fd6c3d66_d4601f1cda13fd6c3d66_walla.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
495d66bc7381abef8fc25ff161494fc01949014a1a4a7517b520a7e3289a3f14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 14:59:53 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 14:30:36 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
57817
etag
W/"fa050-18aadd9a3ea"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=3600
x-amz-cf-id
FNHFZOg2ujidLK67nLtCyajogen7tbFMK4_mwuCbajqS6XuNeBhcNg==
x-cached
HIT
1252_c3c25ae54697214115f2_c3c25ae54697214115f2_walla.js
sports.walla.co.il/public/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/1252_c3c25ae54697214115f2_c3c25ae54697214115f2_walla.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
0006a0539d3f199c9b2416e7964cec61ac6c90f394e2d9c8fbd0d1196cc137a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 22:11:42 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 14:30:36 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
31908
etag
W/"4b08-18aadd9a397"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=3600
x-amz-cf-id
LRHwABbtv31YyBJvsN3z6gKAghn_apsoKtyIvh7LqmVzsE2Q3Hld4g==
x-cached
MISS
8828_1bf566116ed3a225cbe1_1bf566116ed3a225cbe1_walla.js
sports.walla.co.il/public/ 		64 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/8828_1bf566116ed3a225cbe1_1bf566116ed3a225cbe1_walla.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
836b60d60e96ff91364edcc6d33c1f9146d9c1cbcac5d246a3846af3db8edeef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:11:06 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 13:00:47 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
64344
etag
W/"fea5-18aad876a90"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=3600
x-amz-cf-id
AqEMXK2uCTIXkrkPnxQyBxlknsc7C6QYTkYfWu6Z6pM_yvEtMRkPUA==
x-cached
HIT
7225_e06cdfd5ec9fae0ebe7e_e06cdfd5ec9fae0ebe7e_walla.js
sports.walla.co.il/public/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/7225_e06cdfd5ec9fae0ebe7e_e06cdfd5ec9fae0ebe7e_walla.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
26b64bfad5da865023c6249ded8a54caee3e97e0cf83b7cae4a85af4b901b6f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:11:04 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 13:00:47 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
64346
etag
W/"71aa-18aad876a90"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=3600
x-amz-cf-id
LCQAWkelqQlzJf47pgkzij-JU04Llc9CueeMuzSB78uQkUNgM1fNQw==
x-cached
MISS
9561_a6cb45b79e6001ccc514_a6cb45b79e6001ccc514_walla.js
sports.walla.co.il/public/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/9561_a6cb45b79e6001ccc514_a6cb45b79e6001ccc514_walla.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
801d6ff0dd3191cc7e44d8060ed2336706e8301bf4478df935f1ef87a82c11de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 19:53:04 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 14:30:36 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
40226
etag
W/"6b6b-18aadd9a39a"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=3600
x-amz-cf-id
hSvMj2DRELav53ZAbGNAq_m0obAR3sTa_rq_tMzNgR3MhI--fvIr6w==
x-cached
MISS
vertical_2c47574f558ba2f1c939_2c47574f558ba2f1c939_walla.js
sports.walla.co.il/public/ 		508 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/vertical_2c47574f558ba2f1c939_2c47574f558ba2f1c939_walla.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
96ef8b16490e2d9e95231ad387050142eb246c56ba078ad23b2c471c47a23cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:11:06 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 13:00:47 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
64344
etag
W/"7ee5f-18aad876aeb"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=3600
x-amz-cf-id
-XRZYtO3_FtWpMpJDl4nE4Agrkemyx-t-p8RVeifunazCisWt8Uttw==
x-cached
HIT
recorder.js
web-sdk.smartlook.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-sdk.smartlook.com/recorder.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7a464417aa13b340f291bed95854635df15873e2f0fe69467c16f76c2ee18925
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 20 Sep 2023 07:03:30 GMT
strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
354
x-accel-date
1695193056
x-77-nzt
AcO1rw5T17r/YgEAAA
x-accel-expires
@1695193656
x-77-age
354
last-modified
Mon, 11 Sep 2023 07:27:43 GMT
server
CDN77-Turbo
etag
W/"64fec16f-10f6"
x-77-nzt-ray
90833930dcafe38442990a65ab02ab21
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js
cdn.permutive.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2023-09-20
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
kahoona-idx-live.js
d2r08ja41ypc0t.cloudfront.net/WALLA/ 		52 B
462 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:c200:4:1c73:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad9dc28caa0fca7a160f2f4c9907725629603a32a137934e5cdcc2652323f637

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
ij0H4Ovav57a0UP4tyuRnZhuK0a2LmIu
date
Wed, 20 Sep 2023 06:00:41 GMT
via
1.1 f9d671af272d3b5b3c683203ae8f4cc8.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 15:24:02 GMT
server
AmazonS3
x-amz-cf-pop
AMS54-C1
age
3773
x-amz-server-side-encryption
AES256
etag
"ac76f968cf4a4fbbb4cd41cc0f5c401c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
52
x-amz-cf-id
yWRdU18OIm7b01nA7PkIzK4ZPyDgydd8scJ9kph2Zxub-hgbSpa6Fg==
PRE
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ 		0
323 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/PRE
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-54.ams58.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/javascript

Response headers

date
Tue, 19 Sep 2023 10:53:05 GMT
via
1.1 7ce9bf658969fea1ceecfa00e5239dd6.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
AMS58-P6
age
72625
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://sports.walla.co.il
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
s3sLK0g9QCJrZRA3fOdDobdjJWRCTXEP7gKGBBUJd5huNXkFI16WLg==
POST
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ 		0
322 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/POST
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-54.ams58.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/javascript

Response headers

date
Tue, 19 Sep 2023 10:53:05 GMT
via
1.1 7ce9bf658969fea1ceecfa00e5239dd6.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
AMS58-P6
age
72625
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://sports.walla.co.il
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
hZEaLmPyb7FjnvN2dEi0m5rI9h4fnpNjSwiv-sTeCYflbyesXyPZhw==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11170679829/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11170679829/?random=1695193410423&cv=11&fst=1695193410423&bg=ffffff&guid=ON&async=1&gtm=45be39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsports.walla.co.il%2F&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%95%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%92%D7%9C%20%D7%99%D7%A9%D7%A8%D7%90%D7%9C&auid=1717041249.1695193410&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11170679829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2749301cf85a2fe96f81f775ca0c364ffd7042fe18d179582918d6c53c67e97d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1378
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/ 		409 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
520fd704b94c711b19d5c44660660a755d191c4400fd493bde84da71344e30e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 10:36:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
73624
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131891
x-xss-protection
0
server
cafe
etag
12284941131365068139
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 18 Sep 2024 10:36:26 GMT
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame 009B 		320 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fsports.walla.co.il
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
105435
content-type
text/html; charset=utf-8
date
Wed, 20 Sep 2023 07:03:30 GMT
etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
last-modified
Tue, 24 Jan 2023 21:41:13 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-served-by
cache-iad-kjyo7100053-IAD, cache-fra-eddf8230100-FRA
PRE
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/PRE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-54.ams58.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://sports.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://sports.walla.co.il
access-control-max-age
1800
age
72611
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Tue, 19 Sep 2023 10:53:19 GMT
server
nginx/1.20.0
vary
Origin
via
1.1 552fc57e69ec905c4246244771e7453a.cloudfront.net (CloudFront)
x-amz-cf-id
tpGMsPbJlP1OxflCMtAV8bipxt3M8nIsgkoqcQQ7iZm0wqJQ9ULZUQ==
x-amz-cf-pop
AMS58-P6
x-cache
Hit from cloudfront
POST
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/POST
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-54.ams58.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://sports.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://sports.walla.co.il
access-control-max-age
1800
age
72611
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Tue, 19 Sep 2023 10:53:19 GMT
server
nginx/1.20.0
vary
Origin
via
1.1 552fc57e69ec905c4246244771e7453a.cloudfront.net (CloudFront)
x-amz-cf-id
A2xrFphkGzH-uzabvQPfKshLcrcibg7Phtk8ee803dJcH5w7Y1uiJA==
x-amz-cf-pop
AMS58-P6
x-cache
Hit from cloudfront
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=walla.co.il&p=%2F&u=Ba1jODC2sIIgCrpQCM&d=sports.walla.co.il&g=20047&g0=%D7%A1%D7%A4%D7%95%D7%A8%D7%98&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=5154&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fsports.walla.co.il%2F&b=779&t=BaVRJrCs3BJADJgCkiBwsjymCU2a4a&V=141&i=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%95%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%92%D7%9C%20%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20%D7%95%D7%A2%D7%95%D7%9C%D7%9E%D7%99%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%A1%D7%9C%2C%20NBA%2C%20%D7%AA%D7%A7%D7%A6%D7%99%D7%A8%D7%99%D7%9D%20%D7%95%D7%AA%D7%95%D7%A6%D7%90%D7%95%D7%AA%20-%20%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98&tz=-120&sn=1&sv=DDvog9BTgAgfDff5fqC14rDtD5x1aa&sd=1&im=061b0fff&_
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.249.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-249-220.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 20 Sep 2023 07:03:30 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
skeleton.gif
static.adsafeprotected.com/ 		43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?bannnerid=7056553_advertisement_
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ab:b000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 04:12:26 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 0f5a5feace742eb20ef71e34731fb1fa.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P3
age
5280665
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
lLIb-Rfp_FnjBKWCTd7kUB0v8RRdVxdI8Pqbxzwul1DXXl4ZYxklEw==
init
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://sports.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://sports.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 20 Sep 2023 07:03:30 GMT
server
Google Frontend
x-cloud-trace-context
cf3e15e9d8ba122f9c7756a6b6f3e967
x-request-id
undefined
init
hb-dot-valuad.appspot.com/ 		38 B
87 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
x-request-id
fc1b2eab-1bec-419b-b21e-9bc6d6c73de2
x-vad-version
0.14.9

Response headers

date
Wed, 20 Sep 2023 07:03:30 GMT
content-encoding
gzip
server
Google Frontend
etag
W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sports.walla.co.il
x-cloud-trace-context
389b7655492fc046e9792d87430bd3ee
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64
x-request-id
undefined
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		160 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=walla.co.il&domain=sports.walla.co.il&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a215c07deba855d94751d7693c5867d2ffa8955137fddf4588004c29977d57d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-cache-hits
4
date
Wed, 20 Sep 2023 07:03:30 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
1223
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
128
x-served-by
cache-fra-etou8220109-FRA
x-timer
S1695193411.716183,VS0,VE0
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Mon, 18 Sep 2023 06:43:07 GMT
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-83.ams58.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:26:01 GMT
content-encoding
gzip
via
1.1 36f7726d79b9a22a1e91ae6451962028.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P4
age
2249
x-cache
Hit from cloudfront
content-length
1696
last-modified
Mon, 07 Aug 2023 11:07:01 GMT
server
Apache/2.4.54 (Debian)
etag
"1090-602533ee4ff40-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, public
accept-ranges
bytes
x-amz-cf-id
iwaUG-rAlKFe7BPOkSOJ_QLqp0rMlNcWwBiBj42eL2GjqvthPcqUaQ==
fi_client.js
ecdn.firstimpression.io/ 		349 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-86.ams58.r.cloudfront.net
Software
Apache/2.4.54 (Debian) / PHP/8.2.0
Resource Hash
cbcf243da20de8ab1062499b2e9116f897a3796e97bc9cd4a86d3519bc03a9ed
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 06:25:44 GMT
Content-Encoding
br
Via
1.1 1e22254f0abea6547aaa07a03d921130.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS58-P1
Age
2266
X-Powered-By
PHP/8.2.0
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
X-XSS-Protection
0
Last-Modified
Wed,20 Sep 2023 06:25:44 UTC
Server
Apache/2.4.54 (Debian)
ETag
W/"af3a991fc3ace83b15936648fee31083"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
X-Amz-Cf-Id
C2hICC5w-UWp83WZBeCiWWbkHSpr4XYtynRav6v3v8mfv7wijNs2Qw==
fbevents.js
connect.facebook.net/en_US/ 		197 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 20 Sep 2023 07:03:30 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53155
x-xss-protection
0
pragma
public
x-fb-debug
lKWgH6D140DT3pMKalkT4bB1jsYKxN8vi0qvhvyyiX40BFra8DTekSqYlydD8VwgaGeYmAEwuufQk7Ha6C20DA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
h.js
cdn.unblockia.com/ 		164 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unblockia.com/h.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:9200:12:abfb:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b7d2974070cf9f476d97e4401209a440e8fee787781d9084655cca366dad4d21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
m8vKRZ4OANVjVfMIKL3cKYiXKt6EM9QQ
content-encoding
gzip
via
1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
date
Wed, 20 Sep 2023 02:29:51 GMT
x-amz-cf-pop
AMS1-C1
age
76175
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:987257285531:build/unblockia-loader-codebuild-project:4e52eb3f-761b-4c10-a85a-162fb4fa3980
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
fb4d4b7b1d35720e2d2481016ef4369b
last-modified
Tue, 20 Jun 2023 10:06:46 GMT
server
AmazonS3
etag
W/"bc5af0220c4116294c4e9c72ae4e244c"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
02f1ef29ead1d705cce351046cded37a79615ae12624547bfa0e8307765c8765
x-amz-cf-id
vMsadImeK4u697lk-14qREHhjmscIU_yIilFUHZaKnLbd0Mjmt6DKw==
collect
www.google-analytics.com/j/ 		4 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1539571934&t=pageview&_s=1&dl=https%3A%2F%2Fsports.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%95%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%92%D7%9C%20%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20%D7%95%D7%A2%D7%95%D7%9C%D7%9E%D7%99%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%A1%D7%9C%2C%20NBA%2C%20%D7%AA%D7%A7%D7%A6%D7%99%D7%A8%D7%99%D7%9D%20%D7%95%D7%AA%D7%95%D7%A6%D7%90%D7%95%D7%AA%20-%20%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAACAAI~&jid=1759484508&gjid=1340530937&cid=633202485.1695193411&tid=UA-4780630-1&_gid=301290989.1695193411&_r=1&_slc=1&gtm=45He39i0n71T728TH&cd1=&cd2=3&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%A1%D7%A4%D7%95%D7%A8%D7%98&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=0&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fsports.walla.co.il&cd116=0&cd117=&cd118=&cd119=&cd120=&cd121=&cd122=gtm.js&cd123=https%3A%2F%2Fsports.walla.co.il%2F&cd124=&z=1713304586
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 20 Sep 2023 05:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4427
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 20 Sep 2023 07:49:43 GMT
/
www.googleadservices.com/pagead/conversion/777956447/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/777956447/?random=1695193410762&cv=11&fst=1695193410762&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsports.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%95%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%92%D7%9C%20%D7%99%D7%A9%D7%A8%D7%90%D7%9C&value=0&bttype=purchase&auid=1717041249.1695193410&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
0fc04fbe6a724a0d2b7b750d5b068fdc4dcc47d71274837fa04ee476a16f0184
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1690
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion.js
www.googleadservices.com/pagead/ 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
2061e7d9fa8015cf272769598761fbdbf20e5fcd0a322b5c9430145247e023d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18505
x-xss-protection
0
server
cafe
etag
13963124205898545528
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 20 Sep 2023 07:03:30 GMT
widget-c.js
d29k50lkkhkjby.cloudfront.net/19762286-74a3/5/ 		745 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d29k50lkkhkjby.cloudfront.net/19762286-74a3/5/widget-c.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.239.102.145 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-102-145.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8099a196b2170630895f07f2cfe3300a710f47f9f15aa5a574e44237cff91619

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 00:53:42 GMT
Via
1.1 eda2686dad6c190a4b0f18db47e39f0a.cloudfront.net (CloudFront)
Last-Modified
Thu, 09 Feb 2017 14:13:37 GMT
Server
AmazonS3
X-Amz-Cf-Pop
AMS1-P3
Age
5551789
ETag
"ddea3a811593486529ca061aaabe4dee"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=29030400, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
745
X-Amz-Cf-Id
aDRUVHxvShSE7Ku1455p8aqwCyiwkVRLUhk_Xn1re-GX05_dg3QsSA==
adoric.js
12890047.adoric-om.com/ 		194 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://12890047.adoric-om.com/adoric.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7e2fbc7de982f503e7260215071ba4137098ac7f2c32655a1ea59e9dec18089
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
via
1.1 google
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
533
x-dns-prefetch-control
off
content-range
bytes 50-10000/*
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-adoric-api-version
9.1.0
server
cloudflare
etag
W/"306f2-9CYdnBzPfOdeDxtg9L+WyF/1La0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
movetogcp2020.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UiyCdC%2Bwyy7mmyTg8DaxJX%2BVFbf3v4%2Fq%2FKAUQDoIumNvvxkZHN2TlpdZR7YKNcx%2Be9cu9q2wMGbHlH59uz%2Fr4C5UlCluasY9n2AgQJSBDu%2F%2FWJ1HuK7PzogKiRWKNgpd4IlstKZElxhndOl%2Bx8344r9Tbt5F"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
access-control-allow-credentials
*
vary
Accept-Encoding
cf-ray
80983581aef53a90-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
js
www.googletagmanager.com/gtag/ 		216 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
89ecd6493e79faa18211d2870a2742a5b0bbe2c16845a01dd2011abffcf4b52d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79053
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 20 Sep 2023 07:03:30 GMT
js
www.googletagmanager.com/gtag/ 		201 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TSQY5YTYZ0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cd045e0175023dbd2b0b78e853002fbdfb7581f825519c59509c8458ffcbb158
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75212
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 20 Sep 2023 07:03:30 GMT
settings
syndication.twitter.com/ Frame 009B 		869 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=049e46f08dc16ca57a0aa00986a340c43e9cfcce
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fsports.walla.co.il
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-response-time
110
date
Wed, 20 Sep 2023 07:03:29 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Wed, 20 Sep 2023 07:03:30 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
51ed0f4faab2e336
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
53503664bd0ae55fee5b8d07e9b0d2c7d367973da1305bc0f59722a89289722a
content-length
337
collect
stats.g.doubleclick.net/j/ 		4 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-4780630-1&cid=633202485.1695193411&jid=1759484508&gjid=1340530937&_gid=301290989.1695193411&_u=aEBAAEAAEAAAACAAI~&z=1103561165
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 20 Sep 2023 07:03:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
dmp-main.js
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/ 		221 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-54.ams58.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
76e7bb4b02302c86d2609703d5e3bd8d6f406201268a9092eddd6d537db8d0e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 10:51:17 GMT
content-encoding
br
via
1.1 7ce9bf658969fea1ceecfa00e5239dd6.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
AMS58-P6
age
72734
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
x-amz-cf-id
CrK8-0eOPqi37mnQi0BSgHY6w7yw2xeamvw-KfXqyPJooJ3ZZxHmyw==
init.155fbbf6eb953d4d4f25.js
web-sdk.smartlook.com/es6/ 		60 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-sdk.smartlook.com/es6/init.155fbbf6eb953d4d4f25.js
Requested by
Host: web-sdk.smartlook.com
URL: https://web-sdk.smartlook.com/recorder.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
660713535b08260591ed094302a4027c4abd2644ef6edc9fd4523b3d71bd5093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000

Request headers

Referer
https://sports.walla.co.il/
Origin
https://sports.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 20 Sep 2023 07:03:31 GMT
strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
768724
x-accel-date
1694424687
x-77-nzt
AcO1rw5On4b/1LoLAA
x-accel-expires
@1725960687
x-77-age
768724
last-modified
Mon, 11 Sep 2023 07:27:43 GMT
server
CDN77-Turbo
etag
W/"64fec16f-efdc"
x-77-nzt-ray
90833930ffa78d9743990a65442a2c01
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
/
www.google.com/pagead/1p-user-list/11170679829/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11170679829/?random=1695193410423&cv=11&fst=1695193200000&bg=ffffff&guid=ON&async=1&gtm=45be39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsports.walla.co.il%2F&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%95%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%92%D7%9C%20%D7%99%D7%A9%D7%A8%D7%90%D7%9C&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1614414920&rmt_tld=0&ipr=y
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:31 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/11170679829/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/11170679829/?random=1695193410423&cv=11&fst=1695193200000&bg=ffffff&guid=ON&async=1&gtm=45be39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsports.walla.co.il%2F&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%95%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%92%D7%9C%20%D7%99%D7%A9%D7%A8%D7%90%D7%9C&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1614414920&rmt_tld=1&ipr=y
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:31 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/777956447/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/777956447/?random=915206202&cv=11&fst=1695193410762&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsport...
  • https://www.google.com/pagead/1p-conversion/777956447/?random=915206202&cv=11&fst=1695193410762&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsports.walla.co.il%2F&labe...
  • https://www.google.de/pagead/1p-conversion/777956447/?random=915206202&cv=11&fst=1695193410762&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsports.walla.co.il%2F&label...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/777956447/?random=915206202&cv=11&fst=1695193410762&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsports.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%95%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%92%D7%9C%20%D7%99%D7%A9%D7%A8%D7%90%D7%9C&value=0&auid=1717041249.1695193410&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKG4sQI&pscrd=Ek5DaEFJOExDcXFBWVFtX25kaW9UWjlib2VFaVlBQ3VPbWtXNUYwSmcwbEVVRVpuX2N6clNHU0xsVmZsRU9aQ0dJVGhqWXkwMjBpbWxWU3caWENoQUk4TENxcUFZUXhLTGk2UHl3MVlraEVpNEE0VUZkQTNfc2wzTnV6cXkwZVYwUDU0bVB2dTN6cE1Dd0lHdm8zWjZFc0hKVkl0dElVZFVQZW9rWDFOcTYiEwj81M_Iz7iBAxUgjIMHHZAJBqI&is_vtc=1&ocp_id=QpkKZfyrMqCYjuwPkJOYkAo&cid=CAQSKQBpAlJWxIVlOiQpxwMse_TwZhupRrJJYlfWpcx84xvuk0upzISeWmEu&eitems=ChAI8LCqqAYQtI6Fo7_Yl9Q1Eh0Aj_HEt3LX9GSqapr9PxJRydTWkC35Ng3oHnzXlg&random=4292644772&ipr=y
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/777956447/?random=915206202&cv=11&fst=1695193410762&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsports.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%95%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%92%D7%9C%20%D7%99%D7%A9%D7%A8%D7%90%D7%9C&value=0&auid=1717041249.1695193410&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKG4sQI&pscrd=Ek5DaEFJOExDcXFBWVFtX25kaW9UWjlib2VFaVlBQ3VPbWtXNUYwSmcwbEVVRVpuX2N6clNHU0xsVmZsRU9aQ0dJVGhqWXkwMjBpbWxWU3caWENoQUk4TENxcUFZUXhLTGk2UHl3MVlraEVpNEE0VUZkQTNfc2wzTnV6cXkwZVYwUDU0bVB2dTN6cE1Dd0lHdm8zWjZFc0hKVkl0dElVZFVQZW9rWDFOcTYiEwj81M_Iz7iBAxUgjIMHHZAJBqI&is_vtc=1&ocp_id=QpkKZfyrMqCYjuwPkJOYkAo&cid=CAQSKQBpAlJWxIVlOiQpxwMse_TwZhupRrJJYlfWpcx84xvuk0upzISeWmEu&eitems=ChAI8LCqqAYQtI6Fo7_Yl9Q1Eh0Aj_HEt3LX9GSqapr9PxJRydTWkC35Ng3oHnzXlg&random=4292644772&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget.js
d2muzdhs7lpmo0.cloudfront.net/ 		0
533 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d2muzdhs7lpmo0.cloudfront.net/widget.js?id=19762286&secure&9417741
Requested by
Host: d29k50lkkhkjby.cloudfront.net
URL: https://d29k50lkkhkjby.cloudfront.net/19762286-74a3/5/widget-c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-137-74.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 07:03:25 GMT
Content-Encoding
gzip
Via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P4
Age
6
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
X-Cache
Hit from cloudfront
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
X-Amz-Cf-Id
_9_2zdslAW-6h71Y6PcFPwCSKWZ3yV0pnrPHl_uidkgVAq_-frZ1ww==
adoric.v9.4.min.css
static.adoric.com/ 		169 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.adoric.com/adoric.v9.4.min.css
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd5322d2a8576e402dd580efbf61ce9c007e786315b76393d740e64b3476e6dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5
x-guploader-uploadid
ADPycdt1PeIKSWsnHT8mEp2h3RlapZWqxSp74KK15VmXxPPf2KytbUdE4oPCrgihkPFY0Q7HZNcGgDi6xsRtZN-FAbidErETvrsj
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 04 Sep 2023 08:54:57 GMT
server
cloudflare
etag
W/"d6693c4efa6e72bb9b105bc8e6384b27"
vary
Accept-Encoding
x-goog-hash
crc32c=aiZ+bA==, md5=1mk8TvpucrubEFvI5jhLJw==
x-goog-generation
1693817697766768
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qkKeuy22oSyIWAbTjGCGmg5L%2BxpS%2B84Sw2dveXV1HACOQG4wmGWSUQjXBEpfuAjlP3hcPIELsUzxAC2cY63K67IePqga0Xy9e%2FEzU587CMXJTwfF4PEi9GiNv7ZlZH7CM1lOp0l%2BgkoEKyfgGEMwVA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
14462
cf-ray
80983582fc541db3-FRA
expires
Wed, 20 Sep 2023 08:02:57 GMT
/
app.adoric-om.com/v1/campaigns/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.adoric-om.com/v1/campaigns/?u=9cf2e1a44ca72a3fec13c925568a4883&l=en&cc=0&b=chrome&os=win&h=https%3A%2F%2Fsports.walla.co.il%2F&d=desktop&lsps=0&pd=M&nv=true&tz=-120&cIds=%5B%5D
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.218.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
58.218.120.34.bc.googleusercontent.com
Software
/
Resource Hash
8049f5fabd4b7c67675d9610e4f9c8faa0ca6d92dc0beed18e735cf5f8d570bb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 20 Sep 2023 07:03:31 GMT
via
1.1 google
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
x-adoric-api-version
9.1.0
etag
W/"f92-V8X1ZilFXBU1vKLePiir9lK7eTU"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-credentials
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-TSQY5YTYZ0&gtm=45je39i0&_p=1539571934&cid=633202485.1695193411&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695193411&sct=1&seg=0&dl=https%3A%2F%2Fsports.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%95%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%92%D7%9C%20%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20%D7%95%D7%A2%D7%95%D7%9C%D7%9E%D7%99%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%A1%D7%9C%2C%20NBA%2C%20%D7%AA%D7%A7%D7%A6%D7%99%D7%A8%D7%99%D7%9D%20%D7%95%D7%AA%D7%95%D7%A6%D7%90%D7%95%D7%AA%20-%20%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TSQY5YTYZ0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/?random=1695193411042&cv=9&fst=1695193411042&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsports.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%95%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%92%D7%9C%20%D7%99%D7%A9%D7%A8%D7%90%D7%9C&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c2715ea62d6ebb409dd707befac0298dcff62fa25746122c7cc22847bdcc41ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1441
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-RYD7X7E8VN&gtm=45je39i0&_p=1539571934&_gaz=1&cid=633202485.1695193411&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2F&sid=1695193411&sct=1&seg=0&dl=https%3A%2F%2Fsports.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%95%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%92%D7%9C%20%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20%D7%95%D7%A2%D7%95%D7%9C%D7%9E%D7%99%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%A1%D7%9C%2C%20NBA%2C%20%D7%AA%D7%A7%D7%A6%D7%99%D7%A8%D7%99%D7%9D%20%D7%95%D7%AA%D7%95%D7%A6%D7%90%D7%95%D7%AA%20-%20%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98&en=page_view&_fv=1&_ss=1&ep.ga_client_id=&epn.vertical_id=3&ep.vertical_name=%D7%A1%D7%A4%D7%95%D7%A8%D7%98&ep.category_id=&ep.item_id=&ep.item_type=&ep.item_publication_date=&ep.item_last_update=&ep.content_provider=&ep.item_title=&ep.item_author=&ep.hostname=sports.walla.co.il&ep.item_sections_words_count=&ep.tags=&ep.editor=&ep.tohash=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RYD7X7E8VN&cid=633202485.1695193411&gtm=45je39i0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RYD7X7E8VN&cid=633202485.1695193411&gtm=45je39i0&aip=1&z=291930838
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 08:50:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79973
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 08:50:38 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires
Fri, 20 Oct 2023 07:03:31 GMT
date
Wed, 20 Sep 2023 07:03:31 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test_adblock=true
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bb28028a54e3ecd99931e082271ba5726b91dc0b396f3ec95ec5625504e1ea3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50840
x-xss-protection
0
server
cafe
etag
6517541810927756076
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 20 Sep 2023 07:03:31 GMT
json
pro.ip-api.com/ 		20 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json?key=ay3FPSS6OcBXPHg&fields=countryCode
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/public/3059_03df53f5db8a294322fb_03df53f5db8a294322fb_walla.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
f37d1ad4ff54c0819a950c6bf692c4294e593e2df41f3ad3f2cd11d281ebead0

Request headers

Accept
application/json, text/plain, */*
Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 20 Sep 2023 07:03:31 GMT
Content-Length
20
Content-Type
application/json; charset=utf-8
3452_28c1808d0814a46feaca_28c1808d0814a46feaca_walla.js
sports.walla.co.il/public/ 		123 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/3452_28c1808d0814a46feaca_28c1808d0814a46feaca_walla.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/public/main_d4601f1cda13fd6c3d66_d4601f1cda13fd6c3d66_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
6dba6e329dfb9cefab40d65bd87209b0f98f585e82f455bff4ffb75e99573a23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 16:39:58 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 14:30:36 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
51813
etag
W/"1eb65-18aadd9a398"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=3600
x-amz-cf-id
D1TJ0HIriyaJkhPURXozkhcJDATD07HocE0EEStzACDe2-IVaHzETg==
x-cached
MISS
PikudInner_2e1eca4b5cb115902ee9_2e1eca4b5cb115902ee9_walla.js
sports.walla.co.il/public/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/PikudInner_2e1eca4b5cb115902ee9_2e1eca4b5cb115902ee9_walla.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/public/main_d4601f1cda13fd6c3d66_d4601f1cda13fd6c3d66_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
55e1bb5ac96493124163d21acdc1a9e620d826d6654f94a9fab30cd8a648c0b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 11:59:22 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 07:25:32 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
68649
etag
W/"cfe-18aac547d31"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=3600
x-amz-cf-id
uWgq1ENnRJ7gzsx4ZGJgMZeJ3Ynu34RP9ni0qWbOa3VTLIM6g7gzsg==
x-cached
MISS
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/public/3059_03df53f5db8a294322fb_03df53f5db8a294322fb_walla.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cbbf6a61a796993d0b994a5fc6c3b84de2a4d0fc2d4513358cdf3a7a31947f26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29480
x-xss-protection
0
server
cafe
etag
685 / 19620 / m202309140101 / config-hash: 7190792443359072308
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 20 Sep 2023 07:03:31 GMT
load.js
pm-widget.taboola.com/wallail-walla/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/wallail-walla/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef9f4e5595c87f7bab17859c9e649bc27a66aae8e407d0c72b179a336f6be282

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
Nc3GQX_FPWE4JJa4d6ElLMboprgduwrj
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Wed, 20 Sep 2023 07:03:31 GMT
x-amz-request-id
CVKBBR8HHR059X2S
age
2235
x-cache
HIT, HIT
content-length
1107
x-amz-id-2
3rcSnvp+lLri15PpD2PiS0gWXs6e9pt1Qkdg2q+BzhqDFHXifcAK9823IoWAItMYavWEVp8uLHs=
x-served-by
cache-sjc1000140-SJC, cache-fra-etou8220090-FRA
last-modified
Tue, 18 Apr 2023 12:24:46 GMT
server
AmazonS3
x-timer
S1695193412.801276,VS0,VE0
etag
"ba233cf579e81e13395451d440481864"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
774, 2
impl.20230919-1-RELEASE.js
cdn.taboola.com/libtrc/ 		810 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230919-1-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
96d4b2728608fb778ade0f9f40b030a7b3bcb922163822e1ff758e6a1946d046

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
gOYyhUTyniawHCakNn_U3YZaOeWOvO7v
content-encoding
br
via
1.1 varnish
date
Wed, 20 Sep 2023 07:03:31 GMT
x-amz-request-id
85TVWWHWQP1KTSG9
age
21882
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
171480
x-amz-id-2
HSpV3d/8pFWiQde5XqnxijDDuihsJO0MnBzORPWNDqqc9vSouC5UWmgC/vysz8TZTGYUAFemRwc=
x-served-by
cache-fra-etou8220090-FRA
last-modified
Tue, 19 Sep 2023 08:58:17 GMT
server
AmazonS3-br
x-timer
S1695193412.776252,VS0,VE0
etag
"874abd85cc81515836c7021da80ac23f"
vary
Accept-Encoding
content-type
application/javascript
abp
39
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
33070
close.png
sports.walla.co.il/public/assets/ads/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.walla.co.il/public/assets/ads/close.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 17:37:54 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
last-modified
Tue, 19 Sep 2023 14:30:36 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
48337
etag
W/"46c-18aadd9a3a3"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public,max-age=3600
accept-ranges
bytes
content-length
1132
x-cached
MISS
x-amz-cf-id
Qau5el2s6zkfUVkyDCEO4UcTkITC3Ah2WfcVZQDtf1U5MYiKPAhc2Q==
3547860-46.png
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/5/4/7/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/5/4/7/3547860-46.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
867a8ba730e980f97fe271e81000030de75a8daddb68b2273eaa46f97891ce14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 09:51:13 GMT
via
1.1 google
age
76338
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13367
3201692-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/2/0/1/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/2/0/1/3201692-46.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
82e31b39848ad7ff639a981f033848abbb593c44eaa40f01b48f2bf8641ac444

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 19:55:32 GMT
via
1.1 google
age
40079
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17667
2790015-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/7/9/0/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/7/9/0/2790015-46.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
c3d1a8853d20cf2d0f9d47e7cc0fef7e08bce96bf963f5f21315430787aa2062

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 17:48:38 GMT
via
1.1 google
age
47693
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4708
2689955-46.png
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/6/8/9/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/6/8/9/2689955-46.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
8af6b9c29073fcec8679a8e4bd3c2975fd0fc2cf8bd07b51af8e3c9ab4730cc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 18:29:04 GMT
via
1.1 google
age
45267
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4822
2569266-46.png
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/5/6/9/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/5/6/9/2569266-46.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
29733eb4bb416659b4f61c328862e1439569ad54efb572490de6347e9980948a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 15:46:11 GMT
via
1.1 google
age
55040
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4952
2458708-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/4/5/8/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/4/5/8/2458708-46.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
4b7437cccbbb8cf9d074fd23b1a4e62622f1fa93141c05fb17782402c734a202

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 15:53:11 GMT
via
1.1 google
age
54620
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4540
2458700-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/4/5/8/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/4/5/8/2458700-46.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
988ce759ff9f3585719f5f4081ee7f48a7ae1dc4d8466c06bd8e8982d5a6617d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 17:52:03 GMT
via
1.1 google
age
47488
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4954
3056473-46.png
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/0/5/6/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/0/5/6/3056473-46.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
e64061bde8642c9458d8617a35d1d0eb32af020dd4a2b68802618dadab2642a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 16:50:08 GMT
via
1.1 google
age
51203
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14854
3056483-46.png
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/0/5/6/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/0/5/6/3056483-46.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
9f6b6e7ab9c38eb2fb50293694882bf5e3a9af93cc2a4a82e1d4972b0f528058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 15:42:05 GMT
via
1.1 google
age
55286
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5308
2458706-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/4/5/8/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/4/5/8/2458706-46.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
d4e386191b073d5400d9e296c58c992f10acbc4adf1d1afbc43f517c5411d39a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 19:44:50 GMT
via
1.1 google
age
40721
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5100
2458710-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/4/5/8/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/4/5/8/2458710-46.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
b80178fd85057160863dc9a39dd148c584400a9bc59078fdaea14264727671b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 17:14:43 GMT
via
1.1 google
age
49728
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4500
3056469-46.png
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/0/5/6/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/0/5/6/3056469-46.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
6c9f02b763b53e17a1193b6e153636259abdb7a1a3c5bb1f3faf39b4cb8362a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 16:33:50 GMT
via
1.1 google
age
52181
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15630
3195438-46.png
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/1/9/5/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/1/9/5/3195438-46.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
06ee06f6d785f1a70dd3f38872e32daf4df53f44a53d50cf614a7520fe42b6ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 17:14:43 GMT
via
1.1 google
age
49728
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16067
3396194-46.png
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/3/9/6/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/3/9/6/3396194-46.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
82c2d90bcc637d4c709fcf38e52e800eb193842bdd7085a98a0758fa917579da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 19:55:07 GMT
via
1.1 google
age
40104
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15998
3546465-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/4/6/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/4/6/3546465-46.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
7dea9aa48ff9d409750cc5263b557199bdcb2a8bf60809817da7567d928d1707

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:09:33 GMT
via
1.1 google
age
3238
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36578
invalid-name2.svg
sports.walla.co.il/public/assets/shivuki/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.walla.co.il/public/assets/shivuki/invalid-name2.svg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 14:43:48 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 13:00:47 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
58783
etag
W/"834-18aad876aca"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public,max-age=3600
x-amz-cf-id
qy3E2YOFq1um_hk62Y94HOQhgg3YVsHhlutSmiLdwI7jYMSkz-nd5A==
x-cached
HIT
2977348-46.png
images.wcdn.co.il/f_auto,q_auto,w_200/2/9/7/7/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_200/2/9/7/7/2977348-46.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
faa20ed9366b7722fd4eb76ada51e5a78aa0640af135443eec236409c27b26ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 17:52:40 GMT
via
1.1 google
age
47451
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30543
2977351-46.png
images.wcdn.co.il/f_auto,q_auto,w_200/2/9/7/7/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_200/2/9/7/7/2977351-46.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
e9484d6a2ea804ef952a85ed5f4184afe72c01c4c68f4d6f272ac655d6602de6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 17:40:47 GMT
via
1.1 google
age
48164
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31709
3585897-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/8/5/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/8/5/3585897-46.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
cf528fec5f2cdedcd8213c7d056781991c894b6a52f00c98e9500952e171c184

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 16:42:37 GMT
via
1.1 google
age
51654
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9774
170717926997655
connect.facebook.net/signals/config/ 		141 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/170717926997655?v=2.9.127&r=stable&domain=sports.walla.co.il
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8e75d09349ca6dd7bb62fa78d2a3437ea2f0ebb40fdc0ecf610433e4ca8fd4d0
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 20 Sep 2023 07:03:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
37249
x-xss-protection
0
pragma
public
x-fb-debug
HXXFZlDny4qsMDc1UFmD7laM47cbBcruwKVHrA4NKf9iZMpMNwgv0mhLzwi9yInl2jpVy95KPFbBJzcjMQ4QsA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230920
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a4dc19ff4252e47630d51b345780b1b96b9c6a21ff358266e9d60bf8c715ac2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Sep 2023 07:03:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10960
x-jsd-version
1.0.1818
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-jnb7027-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"63c-g7L8eUzQQd1oX2hmZmocfYLYIy8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pg%2BbwllIT3m6CB4IbuaYXmpAS4C%2FSrb%2F9sX3tfi0KjpUkWNEs2Ns1METcxMokbrkxvWFpgPo6jfmdL5kmpNNG%2FsEy74X%2F0b0trHT3C3vtMOoz9T9QtY27cWDCmJkxvY7hBuznrlWKhWFD189arg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
809835898c989baa-FRA
localstore.js
script.4dex.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94dc330d7ff3d82152b1ceaa92a712469c9eae969fa025972b1090bfcd9cfb3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:32 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Thu, 31 Aug 2023 12:44:55 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1707131
ETag
W/"f8af1a4095b4bc54b208ebf4d4dca750"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g06RCgaJh1L7eJI23mJKOK4zrmCFuTLOCowAHfXbUAdJMRjsS9ulhq%2BNkpN%2B9TszRUGMzZ3Memh%2FnZFfbC0itLnhh%2FEiRBh5%2FauVPE1alQcix6NVRKd0ypl12mvR4wyD0pAiQ0SCP%2FEAGW9M"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
80983589bb9bbb86-FRA
prebid
ib.adnxs.com/ut/v3/ 		357 B
924 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
eb923efd647699cc999cb0f47796e3d871f3e6de5e61f9de68c8f6bee996abe1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:32 GMT
an-x-request-uuid
c4627fb5-a980-4e98-9fb7-147d21adada1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
138.199.38.132; 138.199.38.132; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
357
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
ce280392179400ae2380291c3e0173c785292d2a22010f57c70afd7afb5f9034

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Sep 2023 07:03:32 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://sports.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=715831
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9cef23b039ec0734477488d163b36570423435d2afe2fe014d8644f6f4bedbb

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I2cF3V9Bw51c0vTjDMW0Gcb4AunR%2FqtDikXEVBQGyPJibhOWMEQjbn5zxr33W9sMlhdDQmGg0ZcjqQu2eQfo6zJzTNNXhk9FFdWuakhEVKhZ7SE7oDWcacwf6Z1UhKPSSO%2BFckuw"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8098358a78444d38-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sports.walla.co.il
pragma
no-cache
date
Wed, 20 Sep 2023 07:03:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
0
v1
prg.smartadserver.com/prebid/ 		171 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:31 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sports.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:31 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sports.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:32 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sports.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		95 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.5.0
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
7a1f4c8bf10f2b374bbe1e2fcd7a01237533a6c035c7e4f9d3926a182fa927de

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 20 Sep 2023 07:03:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://sports.walla.co.il
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
auction
tlx.3lift.com/header/ 		19 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.5.0&referrer=https%3A%2F%2Fsports.walla.co.il%2F&tmax=3000
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.156.100.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-100-108.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:33 GMT
accept-ch
sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list
x-auction-status
29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hb
ssc.33across.com/api/v1/ 		66 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
d54086f3da92b0295d06c868258ff5949c113f3b30e2120ecd758e9b86b73355

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Sep 2023 07:03:32 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://sports.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
d54086f3da92b0295d06c868258ff5949c113f3b30e2120ecd758e9b86b73355

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Sep 2023 07:03:32 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://sports.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
d54086f3da92b0295d06c868258ff5949c113f3b30e2120ecd758e9b86b73355

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Sep 2023 07:03:32 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://sports.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
2214040
bs.yandex.ru/prebid/ 		0
76 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=sports.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:32 GMT
last-modified
Wed, 20 Sep 2023 07:03:32 GMT
x-yandex-req-id
1695193412411107-751821170868548606400343-production-app-host-vla-pcode-56
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://sports.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
Direct
expires
Wed, 20 Sep 2023 07:03:32 GMT
2214040
bs.yandex.ru/prebid/ 		0
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=sports.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:32 GMT
last-modified
Wed, 20 Sep 2023 07:03:32 GMT
x-yandex-req-id
1695193412408357-613381496508084374700247-production-app-host-sas-pcode-72
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://sports.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
Direct
expires
Wed, 20 Sep 2023 07:03:32 GMT
2214040
bs.yandex.ru/prebid/ 		0
79 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=sports.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:32 GMT
last-modified
Wed, 20 Sep 2023 07:03:32 GMT
x-yandex-req-id
1695193412411178-1116369733655932536800302-production-app-host-vla-pcode-183
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://sports.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
Direct
expires
Wed, 20 Sep 2023 07:03:32 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fsports.walla.co.il%2F&PageUrl=https%3A%2F%2Fsports.walla.co.il%2F&PageReferrer=https%3A%2F%2Fsports.walla.co.il%2F&CanonicalUrl=https%3A%2F%2Fsports.walla.co.il%2F
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
58d449ba122bcee25cb2b011dcb71623f92fed134a59981210b52c2ace713c6c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:32 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
226
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
1248
expires
0
prebid-request
onetag-sys.com/ 		15 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://sports.walla.co.il
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Sep 2023 07:03:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8098358a780a3618-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Sep 2023 07:03:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8098358a780b3618-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Sep 2023 07:03:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8098358a780d3618-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cdb
bidder.criteo.com/ 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.5.0&cb=7764022167&lsavail=1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sports.walla.co.il
date
Wed, 20 Sep 2023 07:03:31 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sports.walla.co.il
date
Wed, 20 Sep 2023 07:03:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		60 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Wed, 20 Sep 2023 07:03:32 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: top_desktop, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: rectangle1_desktop
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8098358ade6a2c32-FRA
expires
0
v1
prg.smartadserver.com/prebid/ 		171 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:31 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sports.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:31 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sports.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		393 B
740 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fsports.walla.co.il%2F&tg_i.domain=sports.walla.co.il&tg_i.page=https%3A%2F%2Fsports.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Finnerpages%2Ftop_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=8d526db1-7c31-4e16-835f-7bfcd03cbf5d&l_pb_bid_id=93fb84505c01864&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=991e5640-71c4-4cab-9eed-846566fc943d&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Finnerpages%2Ftop_desktop&slots=1&rand=0.8060544287705553
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ff4eea6c8a923c8012f7844d9c7d19671f7ad4477f8c9ce892d0191ec497632c

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:32 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
393
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		396 B
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=9&alt_size_ids=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fsports.walla.co.il%2F&tg_i.domain=sports.walla.co.il&tg_i.page=https%3A%2F%2Fsports.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Finnerpages%2Fskyscraper_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=8d526db1-7c31-4e16-835f-7bfcd03cbf5d&l_pb_bid_id=9446c6697515bce&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=150534f8-e93e-4b46-a2e7-0a0379bff20b&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Finnerpages%2Fskyscraper_desktop&slots=1&rand=0.1397816258183977
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4720fadd0bac5cbafbfc4a140def438af0c72bd201e71a8034fd4a8af272d2a6

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:32 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
396
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		401 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&alt_size_ids=10%2C54&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fsports.walla.co.il%2F&tg_i.domain=sports.walla.co.il&tg_i.page=https%3A%2F%2Fsports.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Finnerpages%2Frectangle1_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=8d526db1-7c31-4e16-835f-7bfcd03cbf5d&l_pb_bid_id=957fd15185266c3&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=b38aceb9-4e97-49ae-a43d-62015962e13a&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Finnerpages%2Frectangle1_desktop&slots=1&rand=0.7969121575261702
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
23388937dc7d71c44ed2379dd6603dfb4510b410fabd287b6257738146aa17f8

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:32 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
401
expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sports.walla.co.il
date
Wed, 20 Sep 2023 07:03:32 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
ads
securepubads.g.doubleclick.net/gampad/ 		129 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3886780570117342&correlator=2143002198687479&eid=31077942%2C31077994%2C31078017%2C31077705&output=ldjh&gdfp_req=1&vrg=202309180101&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cinnerpages%2Clogo_strip_result%2Cnickbar_desktop%2Crectangle1_desktop%2Cvideo_slider_desktop%2Cprestitial_desktop%2Crm1_desktop%2Crm2_desktop%2Crm3_desktop%2Crm4_desktop%2Crm5_desktop%2Crm6_desktop%2Crm7_desktop%2Crm8_desktop%2Crm9_desktop%2Crm10_desktop%2Crm11_desktop%2Crm12_desktop%2Crm13_desktop%2Crm14_desktop%2Crm15_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8%2C0%2F1%2F2%2F9%2C0%2F1%2F2%2F10%2C0%2F1%2F2%2F11%2C0%2F1%2F2%2F12%2C0%2F1%2F2%2F13%2C0%2F1%2F2%2F14%2C0%2F1%2F2%2F15%2C0%2F1%2F2%2F16%2C0%2F1%2F2%2F17%2C0%2F1%2F2%2F18%2C0%2F1%2F2%2F19%2C0%2F1%2F2%2F20%2C0%2F1%2F2%2F21%2C0%2F1%2F2%2F22&prev_iu_szs=300x95%2C970x40%7C970x50%7C970x80%2C320x50%7C300x250%7C300x600%7C300x1050%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&fluid=0%2C0%2Cheight%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ifi=1&didk=1492726801~1824947660~1346885027~3338884686~1738885838~1909289936~4078182110~845420629~2737176580~3757563159~2051796368~2459729993~3096182529~3770086168~3931141563~3707026742~2555613071~45217321~479599996~2547616871&sfv=1-0-40&ists=65535&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695193412366&lmt=1695186212&adxs=315%2C315%2C-9%2C800%2C-12245933%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&adys=1084%2C1160%2C-9%2C116%2C-12245933%2C5149%2C5149%2C5149%2C5149%2C5149%2C5149%2C5149%2C5149%2C5149%2C5149%2C5149%2C5149%2C5149%2C5149%2C5149&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C-1%7C0%7C-1%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj%7Ck&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsports.walla.co.il%2F&vis=1&psz=300x0%7C970x-1%7C0x-1%7C1600x0%7C1600x-1%7C1600x5109%7C1600x5109%7C1600x5109%7C1600x5109%7C1600x5109%7C1600x5109%7C1600x5109%7C1600x5109%7C1600x5109%7C1600x5109%7C1600x5109%7C1600x5109%7C1600x5109%7C1600x5109%7C1600x5109&msz=300x0%7C970x-1%7C0x-1%7C1600x0%7C0x-1%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0&fws=4%2C516%2C2%2C4%2C640%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=300%2C970%2C0%2C1600%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=633202485.1695193411&ga_sid=1695193412&ga_hid=1539571934&ga_fc=true&dlt=1695193409889&idt=2087&prev_scp=slot_name%3Dlogo_strip_result%26exclusive%3Dnot%26page_type%3Dmain%26item_id%3D0%26vertical_id%3D3%26vertical_name%3Dsports%26category_id%3D0%26providerid%3D0%26sub_categoryId%3D0%26mobile%3D0%26vertical_eng_name%3Dsports%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwalla.co.il%26strip_step%3Dafter_prime%7Cslot_name%3Dnickbar_desktop%26exclusive%3Dnot%26page_type%3Dmain%26item_id%3D0%26vertical_id%3D3%26vertical_name%3Dsports%26category_id%3D0%26providerid%3D0%26sub_categoryId%3D0%26mobile%3D0%26vertical_eng_name%3Dsports%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwalla.co.il%26strip_step%3Dafter_prime%7Cslot_name%3Drectangle1_desktop%26exclusive%3Dnot%26page_type%3Dmain%26item_id%3D0%26vertical_id%3D3%26vertical_name%3Dsports%26category_id%3D0%26providerid%3D0%26sub_categoryId%3D0%26mobile%3D0%26vertical_eng_name%3Dsports%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwalla.co.il%26strip_step%3Dafter_prime%7Cslot_name%3Dvideo_slider_desktop%26exclusive%3Dnot%26page_type%3Dmain%26item_id%3D0%26vertical_id%3D3%26vertical_name%3Dsports%26category_id%3D0%26providerid%3D0%26sub_categoryId%3D0%26mobile%3D0%26vertical_eng_name%3Dsports%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwalla.co.il%26strip_step%3Dafter_prime%7Cslot_name%3Dprestitial_desktop%26exclusive%3Dnot%26page_type%3Dmain%26item_id%3D0%26vertical_id%3D3%26vertical_name%3Dsports%26category_id%3D0%26providerid%3D0%26sub_categoryId%3D0%26mobile%3D0%26vertical_eng_name%3Dsports%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwalla.co.il%26strip_step%3Dafter_prime%7Cslot_name%3Drm1_desktop%7Cslot_name%3Drm2_desktop%7Cslot_name%3Drm3_desktop%7Cslot_name%3Drm4_desktop%7Cslot_name%3Drm5_desktop%7Cslot_name%3Drm6_desktop%7Cslot_name%3Drm7_desktop%7Cslot_name%3Drm8_desktop%7Cslot_name%3Drm9_desktop%7Cslot_name%3Drm10_desktop%7Cslot_name%3Drm11_desktop%7Cslot_name%3Drm12_desktop%7Cslot_name%3Drm13_desktop%7Cslot_name%3Drm14_desktop%7Cslot_name%3Drm15_desktop&cust_params=permutive%3D&adks=1248561038%2C2650887505%2C1673597779%2C4045617457%2C2637305611%2C3645669435%2C2497977751%2C2307308051%2C2911509050%2C2493450122%2C371343016%2C608226797%2C2435464406%2C1829383952%2C4208359143%2C2743046946%2C169054207%2C1872149234%2C2952711809%2C164849084&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e719a0b2e201a4b753922d106f89cf649cef2ba38c4d7bae6577745aa64c8a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23150
x-xss-protection
0
google-lineitem-id
-1,-1,-2,-2,-2,38340105,38284305,38363625,38363745,38363865,-2,-2,-2,-2,-2,38240625,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-2,-2,-2,68907848985,68907848985,68907848985,68907848985,68907848985,-2,-2,-2,-2,-2,68907848985,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0516 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 07:03:32 GMT
expires
Thu, 19 Sep 2024 07:03:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4780630-1&cid=633202485.1695193411&jid=1759484508&_u=aEBAAEAAEAAAACAAI~&z=487235622
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4780630-1&cid=633202485.1695193411&jid=1759484508&_u=aEBAAEAAEAAAACAAI~&z=487235622
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adoric.v9.4.min.css
static.adoric.com/ 		169 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.adoric.com/adoric.v9.4.min.css
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd5322d2a8576e402dd580efbf61ce9c007e786315b76393d740e64b3476e6dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6
x-guploader-uploadid
ADPycdt1PeIKSWsnHT8mEp2h3RlapZWqxSp74KK15VmXxPPf2KytbUdE4oPCrgihkPFY0Q7HZNcGgDi6xsRtZN-FAbidErETvrsj
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 04 Sep 2023 08:54:57 GMT
server
cloudflare
etag
W/"d6693c4efa6e72bb9b105bc8e6384b27"
vary
Accept-Encoding
x-goog-hash
crc32c=aiZ+bA==, md5=1mk8TvpucrubEFvI5jhLJw==
x-goog-generation
1693817697766768
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kR%2Bqj3RMfUXzkcu2kr3DtAAJA9W5IJGHitoCaexjIGVJZSqb3liCv6p5FFqyRYqR0mqIA8lsYvngzCS%2Fgl0FzFQiCtQzJQEG1wt5QQSd3iGqmsCw%2BCfO757%2FlpIN7qCzwyOxuYIUO1Wkdb29OGzspw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
14462
cf-ray
8098358dc9641db3-FRA
expires
Wed, 20 Sep 2023 08:02:57 GMT
/
app.adoric-om.com/v1/versions/html/ 		26 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.adoric-om.com/v1/versions/html/?ids=64dc6cdc594a6800240d012a&pIds=
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.218.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
58.218.120.34.bc.googleusercontent.com
Software
/
Resource Hash
318c30d76082c8f46e59817afd5fce730b6763a4149778add8754bd36078ce05
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 20 Sep 2023 07:03:32 GMT
via
1.1 google
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
x-adoric-api-version
9.1.0
etag
W/"6989-MiBsQQExQ0TtPX0MegE/xM4tRfQ"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-credentials
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
id.json
loader.unblockia.com/c/sports.walla.co.il/ 		11 B
479 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://loader.unblockia.com/c/sports.walla.co.il/id.json
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:ac00:12:abfb:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
254f58fa25c96edf26d778e55a3f78ed9233c997ee4cdbaa8fc2455c6387a1f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
TiRSpk0BHpFpTGg1HZAeKXRYb9USr3h0
date
Wed, 20 Sep 2023 03:59:43 GMT
via
1.1 a31e887359e681523a84a0d401a4fe7c.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
age
11212
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
11
last-modified
Tue, 01 Aug 2023 10:04:35 GMT
server
AmazonS3
etag
"901ca228ef124865bdb36baef71bb3e0"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
accept-ranges
bytes
x-amz-cf-id
OKZcNB0h7BPQoZUPHSFUbSreckUc5FPmkLkeBVhJ-hrjprzFacD9IQ==
state
event.dxmdp.com/rest/api/v1/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/state
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.15.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-15-202.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
css
fonts.googleapis.com/ 		1 KB
858 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Assistant:400,normal&display=swap
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
df530da98f4761a15ac6fe7fc0380de2f4e8219bab76bb25f12ca41f9ea2fd6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 20 Sep 2023 07:03:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Sep 2023 07:03:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Sep 2023 07:03:33 GMT
fonts
app.adoric-om.com/brand/ 		2 KB
467 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.adoric-om.com/brand/fonts?id=63b2e8501e76d00b59931323&fonts=[%22arial%22,%22helvetica%22,%22almoni-demi-bold%22,%22almoni-medium%22,%22almoni-regular%22,%22almoni-black%22,%22almoni-bold%22,%22almoni-ultra-bold%22]
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.218.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
58.218.120.34.bc.googleusercontent.com
Software
/
Resource Hash
3bcd94510a60f0f31bf93e8f8d9dd625808709fb978b0ab2aceee053b5313a6c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 20 Sep 2023 07:03:33 GMT
via
1.1 google
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
x-adoric-api-version
9.1.0
etag
W/"616-rW0d7+pLxIZVFRCG8JrI64H7oMk"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-credentials
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
branding.svg
gcpstatic.adoric.com/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gcpstatic.adoric.com/branding.svg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd338ef682c3e480c17d819e567591b70db334e21f17b4b5065105259eb1fb0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3440
x-guploader-uploadid
ADPycdvYyF2JEcJsigSC_NL87x8JZLK0rL7aC4Bd-QaHQXVmqBCLkkGUh737IrkaS7mLXC2TD2_kI73s3CGzgalfqGKKgw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jun 2020 11:01:19 GMT
server
cloudflare
etag
W/"1b81ba01eef0262461f5111a5966962a"
vary
Accept-Encoding
x-goog-hash
crc32c=ksCrvg==, md5=G4G6Ae7wJiRh9REaWWaWKg==
x-goog-generation
1591354879360590
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KBTQCpQBgjcYFGQvaagNEfSpDY%2FZqex86WNRrC2DxVMZHb4BgFlXJwEMQmqgUq8B66EKTU2s07Vzik9%2BtbE6jAXJvw2zDp%2FdBJ5DZTEK4FkCu8SwDzmrPP3Qlr%2BpbKUeqbnUJw8oF7a9Jb1RumWfjR0CjA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
1650
cf-ray
8098358f7b891db3-FRA
expires
Wed, 20 Sep 2023 06:49:44 GMT
8e238598-0848-45d3-833e-c75b48d5d5a2.png.webp
storage.googleapis.com/adoric-user-images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/adoric-user-images/8e238598-0848-45d3-833e-c75b48d5d5a2.png.webp
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8333d39911f90b03a5b0291a858658cfd938f5c0290cb12259f6c8e1d791df3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:03:37 GMT
age
3596
x-guploader-uploadid
ADPycduAGZcPksZ7E7Xe8X8HDBAfFD2e81SiADZ0XlLMTU4c1UI3XOBXcTE7eWCM8SS1I-zLzfprh8VvR4p9H0tJNTuTPw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Wed, 09 Aug 2023 13:43:39 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1691588619806877
x-goog-hash
crc32c=PXBuBw==, md5=WbBnAfjAtNGEfnAJKvoCMw==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
2905
content-type
image/webp
accept-ranges
none
expires
Thu, 19 Sep 2024 06:03:37 GMT
container.html
a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 44A8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 07:03:32 GMT
expires
Thu, 19 Sep 2024 07:03:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6961 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 07:03:32 GMT
expires
Thu, 19 Sep 2024 07:03:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1E7F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 07:03:32 GMT
expires
Thu, 19 Sep 2024 07:03:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E46D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 07:03:32 GMT
expires
Thu, 19 Sep 2024 07:03:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1EC9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 07:03:32 GMT
expires
Thu, 19 Sep 2024 07:03:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EB10 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 07:03:32 GMT
expires
Thu, 19 Sep 2024 07:03:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0306 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 07:03:32 GMT
expires
Thu, 19 Sep 2024 07:03:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 23B4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 07:03:32 GMT
expires
Thu, 19 Sep 2024 07:03:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/964224610/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/964224610/?random=1695193411042&cv=9&fst=1695193200000&num=1&guid=ON&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fsports.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%95%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%92%D7%9C%20%D7%99%D7%A9%D7%A8%D7%90%D7%9C&fmt=3&is_vtc=1&random=1685724415&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/964224610/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/964224610/?random=1695193411042&cv=9&fst=1695193200000&num=1&guid=ON&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fsports.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%95%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%92%D7%9C%20%D7%99%D7%A9%D7%A8%D7%90%D7%9C&fmt=3&is_vtc=1&random=1685724415&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pmk-20220605.1.js
pm-widget.taboola.com/wallail-walla/ 		115 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/wallail-walla/pmk-20220605.1.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/wallail-walla/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7e3e2281e670435dd46492437a30bcf0c59368d824ac1aa591571d35c81d88b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
YaUoVhRXeV8pgb7fnBF6NLXk_e7KSGb2
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Wed, 20 Sep 2023 07:03:33 GMT
x-amz-request-id
1ZRF9AZMSP1MXZKY
age
5526226
x-cache
HIT, HIT
content-length
31819
x-amz-id-2
OUckhCCBQyRlZ54uGukfAk+IL/wJcaCb6S8Qtf8Omgh3owsecWM0riI5KUBsohxeZh5TodRrLw4=
x-served-by
cache-sjc10027-SJC, cache-fra-etou8220090-FRA
last-modified
Tue, 18 Apr 2023 12:24:45 GMT
server
AmazonS3
x-timer
S1695193413.233228,VS0,VE0
etag
"4bbfdfa56e1850f61d8804a24a682324"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
5313, 257
logo.png
sports.walla.co.il/public/assets/pikud/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.walla.co.il/public/assets/pikud/logo.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 01:36:10 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
last-modified
Tue, 19 Sep 2023 14:30:36 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
19643
etag
W/"558e-18aadd9a3cc"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public,max-age=3600
accept-ranges
bytes
content-length
21902
x-cached
MISS
x-amz-cf-id
F8aDXIpejoQutB-h24tpYnIqvSbecX6fSTrVHulvGrDhOonXxraCUg==
1616785908557850
connect.facebook.net/signals/config/ 		420 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1616785908557850?v=2.9.127&r=stable&domain=sports.walla.co.il
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b263a9553c1d59475d427c777c6c20f7c0e91baa00bd7370ed614bf17b3b4b1d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 20 Sep 2023 07:03:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
117287
x-xss-protection
0
pragma
public
x-fb-debug
4EXC+iOOLRswtLHG4DPfo9aZAzGf/ZoEkpVuXKFcCWEm4kMMpSNewVZJmkpXk8KG+1+j0jOmmG60jiBu/bXtqQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=170717926997655&ev=PageView&dl=https%3A%2F%2Fsports.walla.co.il%2F&rl=&if=false&ts=1695193413260&sw=1600&sh=1200&v=2.9.127&r=stable&ec=0&o=30&fbp=fb.2.1695193413257.1970768664&cs_est=true&it=1695193411969&coo=false&rqm=GET
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 20 Sep 2023 07:03:33 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
almoni-neue-aaa-600.woff
sports.walla.co.il/public/font/almoni/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer
https://sports.walla.co.il/
Origin
https://sports.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 18:02:40 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
last-modified
Tue, 19 Sep 2023 14:30:36 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
46853
etag
W/"e954-18aadd9a3e5"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public,max-age=3600
accept-ranges
bytes
content-length
59732
x-cached
MISS
x-amz-cf-id
Ij07FKoitr_vdonRE3x5KWK2TE8ls-iynVNkF98GsuTypu0sVw2kfA==
almoni-neue-aaa-900.woff
sports.walla.co.il/public/font/almoni/ 		60 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/font/almoni/almoni-neue-aaa-900.woff
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
75ccb11e22d3f2e3475ada74631301c9071a94fb903877a28fc46875b9cfd063

Request headers

Referer
https://sports.walla.co.il/
Origin
https://sports.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 17:08:41 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
last-modified
Tue, 19 Sep 2023 14:30:36 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
50092
etag
W/"ef18-18aadd9a3e6"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public,max-age=3600
accept-ranges
bytes
content-length
61208
x-cached
MISS
x-amz-cf-id
oJ4G3j75iQoYN_Dvr5BQazROBFa1bKaDi4C1ZnhfTs7qmSH7FGNYgw==
almoni-neue-aaa-500.woff
sports.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/font/almoni/almoni-neue-aaa-500.woff
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034

Request headers

Referer
https://sports.walla.co.il/
Origin
https://sports.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 17:41:30 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
last-modified
Tue, 19 Sep 2023 14:30:36 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
48123
etag
W/"e7c0-18aadd9a3e5"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public,max-age=3600
accept-ranges
bytes
content-length
59328
x-cached
MISS
x-amz-cf-id
Hr1Tk9L63dChTRzyYk3r9vqFJLfi-bY1qDXoU-3mKEvWgyPSPvgYTA==
almoni-neue-aaa-700.woff
sports.walla.co.il/public/font/almoni/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/font/almoni/almoni-neue-aaa-700.woff
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1

Request headers

Referer
https://sports.walla.co.il/
Origin
https://sports.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 17:01:53 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
last-modified
Tue, 19 Sep 2023 14:30:36 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
50500
etag
W/"ea00-18aadd9a3e5"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public,max-age=3600
accept-ranges
bytes
content-length
59904
x-cached
MISS
x-amz-cf-id
Awzk5m31ClqDohLJuv8ddOYbYGSiAmHsp0toDAgVmsakHLys4Whd_A==
almoni-neue-aaa-400.woff
sports.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/font/almoni/almoni-neue-aaa-400.woff
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086

Request headers

Referer
https://sports.walla.co.il/
Origin
https://sports.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 15:59:33 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
last-modified
Tue, 19 Sep 2023 14:30:36 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
54240
etag
W/"e770-18aadd9a3e4"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public,max-age=3600
accept-ranges
bytes
content-length
59248
x-cached
MISS
x-amz-cf-id
pgidhTJ8DUVU66n_cMErdvxVy8KWLGdwJeFNxwVFnDOkoSd0WSzyNg==
almoni-neue-aaa-800.woff
sports.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/font/almoni/almoni-neue-aaa-800.woff
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
ab5efe24966aca3d3addf00730f734a3fd62d552cc8c5dee2a837c057d62856a

Request headers

Referer
https://sports.walla.co.il/
Origin
https://sports.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 11:57:59 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
last-modified
Tue, 19 Sep 2023 07:25:32 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
68734
etag
W/"e65c-18aac547d7b"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public,max-age=3600
accept-ranges
bytes
content-length
58972
x-cached
MISS
x-amz-cf-id
21i-kraR-OaSkxHcSpl6af40SduJwXKFSEnfNZMuRC6EcVso8E1geQ==
wallaicons.woff
sports.walla.co.il/public/font/fonticon/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-122.ams50.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer
https://sports.walla.co.il/
Origin
https://sports.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 18:22:06 GMT
via
1.1 google, 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
last-modified
Tue, 19 Sep 2023 14:30:36 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
AMS50-C1
age
45687
etag
W/"3bdc-18aadd9a3e7"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public,max-age=3600
accept-ranges
bytes
content-length
15324
x-cached
MISS
x-amz-cf-id
k-iBFYgljvyntv86cRKCEY8QCjkNLqJm2rGbl8osJQS9EWRHn-bhkQ==
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230919-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:32 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
210084
expires
60
json
trc.taboola.com/wallail-walla/trc/3/ 		102 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/wallail-walla/trc/3/json?tim=09%3A03%3A33.364&lti=deflated&data=%7B%22id%22%3A210%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22category%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1695117054297%2C%22vi%22%3A1695193413358%2C%22cv%22%3A%2220230919-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsports.walla.co.il%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fsports.walla.co.il%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5319%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-stream%3Aabp%3D0%22%2C%22uip%22%3A%22Native%20Category%22%2C%22orig_uip%22%3A%22Native%20Category%22%2C%22cd%22%3A1846.75%2C%22mw%22%3A635%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-textl%3Aabp%3D0%22%2C%22uip%22%3A%22Text%20Links%20Category%22%2C%22orig_uip%22%3A%22Text%20Links%20Category%22%2C%22cd%22%3A2324.53125%2C%22mw%22%3A325%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-textl%3Aabp%3D0%22%2C%22uip%22%3A%22Text%20Links%20Category%201%22%2C%22orig_uip%22%3A%22Text%20Links%20Category%201%22%2C%22cd%22%3A2719.421875%2C%22mw%22%3A325%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-textl%3Aabp%3D0%22%2C%22uip%22%3A%22Text%20Links%20Category%202%22%2C%22orig_uip%22%3A%22Text%20Links%20Category%202%22%2C%22cd%22%3A3100.3125%2C%22mw%22%3A325%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-textl%3Aabp%3D0%22%2C%22uip%22%3A%22Text%20Links%20Category%203%22%2C%22orig_uip%22%3A%22Text%20Links%20Category%203%22%2C%22cd%22%3A3509.203125%2C%22mw%22%3A325%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-j%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Category%22%2C%22orig_uip%22%3A%22Mid%20Category%22%2C%22cd%22%3A3638.3125%2C%22mw%22%3A635%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-textl%3Aabp%3D0%22%2C%22uip%22%3A%22Text%20Links%20Category%204%22%2C%22orig_uip%22%3A%22Text%20Links%20Category%204%22%2C%22cd%22%3A3890.09375%2C%22mw%22%3A325%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-textl%3Aabp%3D0%22%2C%22uip%22%3A%22Text%20Links%20Category%205%22%2C%22orig_uip%22%3A%22Text%20Links%20Category%205%22%2C%22cd%22%3A4284.984375%2C%22mw%22%3A325%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-textl%3Aabp%3D0%22%2C%22uip%22%3A%22Text%20Links%20Category%206%22%2C%22orig_uip%22%3A%22Text%20Links%20Category%206%22%2C%22cd%22%3A4665.875%2C%22mw%22%3A325%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-textl%3Aabp%3D0%22%2C%22uip%22%3A%22Text%20Links%20Category%207%22%2C%22orig_uip%22%3A%22Text%20Links%20Category%207%22%2C%22cd%22%3A5038.765625%2C%22mw%22%3A325%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-j%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Category%2001%22%2C%22orig_uip%22%3A%22Mid%20Category%2001%22%2C%22cd%22%3A5173.875%2C%22mw%22%3A635%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-e%3Aabp%3D0%22%2C%22uip%22%3A%22Endless%20Category%22%2C%22orig_uip%22%3A%22Endless%20Category%22%2C%22cd%22%3A5173.875%2C%22mw%22%3A635%7D%2C%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-v%3Aabp%3D0%22%2C%22uip%22%3A%22Left%20Rail%20Category%22%2C%22orig_uip%22%3A%22Left%20Rail%20Category%22%2C%22cd%22%3A1773.09375%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22category%3D%2F%2CEndless%20Category%3Dthumbnails-e%3Aabp%3D0%2C%2CLeft%20Rail%20Category%3Dthumbnails-v%3Aabp%3D0%2C%2CMid%20Category%2001%3Dthumbnails-j%3Aabp%3D0%2C%2CMid%20Category%3Dthumbnails-j%3Aabp%3D0%2C%2CNative%20Category%3Dthumbnails-stream%3Aabp%3D0%2C%2CText%20Links%20Category%201%3Dthumbnails-textl%3Aabp%3D0%2C%2CText%20Links%20Category%202%3Dthumbnails-textl%3Aabp%3D0%2C%2CText%20Links%20Category%203%3Dthumbnails-textl%3Aabp%3D0%2C%2CText%20Links%20Category%204%3Dthumbnails-textl%3Aabp%3D0%2C%2CText%20Links%20Category%205%3Dthumbnails-textl%3Aabp%3D0%2C%2CText%20Links%20Category%206%3Dthumbnails-textl%3Aabp%3D0%2C%2CText%20Links%20Category%207%3Dthumbnails-textl%3Aabp%3D0%2C%2CText%20Links%20Category%3Dthumbnails-textl%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230919-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
92b27c509dc69284a7b927144467242563d07c92c01946f2b61e34adfd9a3fd8

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
846
date
Wed, 20 Sep 2023 07:03:34 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.9441666666666667
x-fastly-to-nlb-rtt
7436
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220090-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1695193413.377220,VS0,VE846
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://sports.walla.co.il
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		3 B
433 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:33 GMT
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
server
cloudflare
age
0
etag
W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
cf-ray
80983591e9a19a41-FRA
content-length
3
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
958622e2ce103c663883a5e931b64fe435a4f6cb60e151242416727ea8529448

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:33 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1707130
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Thu, 31 Aug 2023 12:44:55 GMT
Server
cloudflare
ETag
W/"69d6e69258e345d4df1e72d8a9065e99"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9FdBpY14Rw88ot%2BHutjE8vkgahAtT%2FyaO8Dss8csIV2BFTzvjdYewYHxThmjFoCbHiD16kRWRNUjEjWFCuRzLxC4tG%2BC9YFQETQIlzfbRE1zYe2qV20Btrp6UFwYZPHdw1t8T5ycKUuEkni"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
80983591cabe1c19-FRA
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 		210 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fdb3a5f6e3182c980503f12c3b7d7a6cbbf899db34df26816ac905acb58f7cdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:33 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:35:42 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=129237
accept-ranges
bytes
content-length
65459
expires
Thu, 21 Sep 2023 18:57:30 GMT
/
csync.smilewanted.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a95d0861fc3b1f3c39e7bc7cd83f6d83e57376d9596ae5a0b070ae1965cec16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:33 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
cf-ray
80983591c8c23618-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
analytics
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://sports.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://sports.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 20 Sep 2023 07:03:33 GMT
server
Google Frontend
x-cloud-trace-context
db32f4321a9a678d868e33de28b1c64d
x-request-id
undefined
analytics
hb-dot-valuad.appspot.com/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
x-request-id
cd2dca29-d288-4cff-ac0f-288bc578457a
x-vad-version
0.14.9

Response headers

date
Wed, 20 Sep 2023 07:03:33 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sports.walla.co.il
x-cloud-trace-context
6983d662f023cde9ceedb081fce6a02e
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
x-request-id
undefined
ads
securepubads.g.doubleclick.net/gampad/ 		192 KB
61 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3886780570117342&correlator=87023613966039&eid=31077942%2C31077994%2C31078017%2C31077705&output=ldjh&gdfp_req=1&vrg=202309180101&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cinnerpages%2Ctop_desktop%2Cskyscraper_desktop%2Crectangle1_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5&prev_iu_szs=1x1%7C480x1%7C480x270%7C640x753%7C640x1%7C770x430%7C728x90%7C720x300%7C970x2%7C970x1%7C970x90%7C970x130%7C970x180%7C970x250%7C970x330%7C970x350%7C970x550%7C990x160%2C120x600%7C160x600%2C320x50%7C300x250%7C300x600%7C300x1050&fluid=0%2C0%2Cheight&ifi=21&didk=3053597838~1574287433~3673394542&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Db8c01700586c7d08%3AT%3D1695193412%3ART%3D1695193412%3AS%3DALNI_MaOjoTGq9bM3RP5Dajb1GMy4Xru2A&gpic=UID%3D00000c791dd01723%3AT%3D1695193412%3ART%3D1695193412%3AS%3DALNI_MbrQOWYY0XTvBIO0eod-p73XKAGnw&abxe=1&dt=1695193413419&lmt=1695186213&adxs=805%2C1480%2C315&adys=101%2C185%2C1308&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C16&ucis=l%7Cm%7Cn&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsports.walla.co.il%2F&vis=1&psz=970x0%7C120x-1%7C300x0&msz=970x0%7C120x-1%7C300x0&fws=4%2C516%2C4&ohw=970%2C120%2C300&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsmACac1-8iINsSykawFc8F4XdnUJ5Pkbt7nYuM40O2_eLzoaFlIDectw7uR7zSiwzrAlloQEhlkx2v9tUtGnbmtQHo3l-A%2CAOrYGsnhwrlmh_-NFo94DMMkCuLP5kk92tWYcn_i5ntqFpDjf4Q7GfbmdPOfCahXN8B02wxHZUKzv5sWX31ZVDUVKOff_9MLyLo%2CAOrYGsmLnYDHVhL95ViN6bhnfOj7oUcOkCzxhpDtY5bKys41Q4WzYK8YxBel32oZMYICzZmhUjNecNZT52OQ8Df1SXBisLqxATE%2CAOrYGsmzT4gZJVX0hb5gWsLwRIbiy77yayIBzTzgAmznlk3Lg-54D3hwMkyHmbUEQtezNsgoMY3LVIl6s929lvWYaGm5gBWFTPc%2CAOrYGsns6QIJFWtD2i9YhRDM6V2GFbPV-IqQjEQ-EPMqoJS27uuxfmuSHFFh6Zvj7ZmWY8u4jY4MIfVo6bhHr9Swd5qfumwsSGg%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsmC1KQEI6Ou0eUIbjYD4_emZ3RA2kJkhmyo0CR0AXbvK-JMLXA9LVVeNe9GMEE-6-oQXUz-oMYdGh0IHg6B8RUdngaMMAg%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=633202485.1695193411&ga_sid=1695193412&ga_hid=1539571934&ga_fc=true&ga_cid=301290989.1695193411&dlt=1695193409889&idt=2087&prev_scp=slot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dmain%26item_id%3D0%26vertical_id%3D3%26vertical_name%3Dsports%26category_id%3D0%26providerid%3D0%26sub_categoryId%3D0%26mobile%3D0%26vertical_eng_name%3Dsports%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwalla.co.il%26strip_step%3Dafter_prime%7Cslot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dmain%26item_id%3D0%26vertical_id%3D3%26vertical_name%3Dsports%26category_id%3D0%26providerid%3D0%26sub_categoryId%3D0%26mobile%3D0%26vertical_eng_name%3Dsports%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwalla.co.il%26strip_step%3Dafter_prime%7Cslot_name%3Drectangle1_desktop%26exclusive%3Dnot%26page_type%3Dmain%26item_id%3D0%26vertical_id%3D3%26vertical_name%3Dsports%26category_id%3D0%26providerid%3D0%26sub_categoryId%3D0%26mobile%3D0%26vertical_eng_name%3Dsports%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwalla.co.il%26strip_step%3Dafter_prime&cust_params=permutive%3D&adks=1635426353%2C3318932457%2C2208690973&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b3475c5818f01d0b02baf9ba6a4f1711be83252fdc8685ff45b68d712422df40
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLfJ8cnPuIEDFQMU4AoddBUAKA&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLfJ8cnPuIEDFQMU4AoddBUAKA&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
date
Wed, 20 Sep 2023 07:03:33 GMT
x-content-type-options
nosniff
content-encoding
br
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62444
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 6BE5 		134 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY0H_YJFAA9zIUJFtJkOp2X0P3N8WA&u=%7C9np%2FvQTggdk0wJizdRijvCK6Su7odYg%2B70HSFMyv7Mo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797XkVJXccA7Uj8mbSb3fuGLnWml58tkIBBt-cgZ16ZzJEqHHlu8cMXg48Z9UKHUU0SpyJnTRTeI0QMpKTbdomCd4hvY9exeR-XfEuxolGEqBH3yW4_2NAWBZjNrgQZnOGCqGPmQeisdAE36Y9UHDisGz-bASrIost9-zmKji5a_eBUSiBL15YL_4BQcUqL7VN9gAMyGjSXrrhtX6TeU3Jwo_jU59kZGleSBDSldr4LJtB9RNze3o56e2eL0k_lr5zixJf9KDyWDJm5IFj0Dsa9jeCjS7QfQrURz5f51Z31QD8JsVeo08Af9xPsZlkcCaMcctfGB3XmA15SE5QpL81qQ3qrLcRdOMtSckVgSolx7aJX8WL48oSmFXNgMKqiD_2LsKBMTPzFT2hYlNg7dC0WFo1UmoFGK9AYUob_X-XITxlgjyZDthKFviN1_-HICHDtNQ4A8Pl017hTiYxvjnKmRZRjSR6_f5r4sk_3jhpRmjYyd1r9J9cD7REQnYFBxzSbE6A12kcr2gYl8zH5NeAMMLjCMCl9VruAEaiZV2B__AWDg3FPNwt59o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU-TzRJkKZY2TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEpwJP0NMLAQ0E9KCuQkQRO_3okYuAbPeXgTZbZ45Q0IKoeejFhqn1EZAlwKTjYvypyotUncn_K6PVz3TZ_j1_JfCE33BZ9MQfLOayYHHvZypcuqCdGekQqQsIqpdSYTfEQaeSBkowIFv-FFUmWGXCsB0Lm1-whzvLxLiifnEk026DuwDG9H6xy_It9iB8wlbKpKh3_0Yfes-IW1Ayl1J5cHiy-b0hE0sEIglqdvCIAIvN_ZcRl43lX7pp3r2vd6tdlaiqEIkhuLn1s-2mWUm4RZwo2k-vAkm-lxj_w5gHNzbpP9WaXlCQhDYrCdFQxY6bl2JXdhQGdgR_axExnV7VA5PVOF3Hq5f5pNwS4583EHZpeHTW8DOa9arypKOHDhA1S7OAbtqpT3hu4AQBgAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2xHKh7Ed8Afw6cCiStVhOK0lZ_pQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
699e728fc3327c4244972797084f8c44a2afdfa3eafec8f90b6e83ba1df12c8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 07:03:33 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Z4hCKHS5Bd5uLVgu0CJKnbjEiOQflHdPTEKh-ipGnTRBG3rsqw6mdgHv7ItXE68odSB9_PZie-xtT0wWNKX2B6FUCF5T7yqRZ5M5tv4HwTrVxMbuL0lXkBPb2MeYiTcFCwu37Pr6uQepcUclsWIgblEvbcQXz5KLOHbFv20cOPA47YZH33VbYIiEY0nUkluz7MIkcYinBFBH7oCIH-RO0wxSezaN38oDzB0jTZyZZq-zkl-g6v2aCnA1svQDMnByOE9SDQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
48740855
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 44A8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 22:57:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
29181
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 22:57:12 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 998B 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16480
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 02:28:53 GMT
etag
48472445140208031
expires
Thu, 21 Sep 2023 02:28:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 44A8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 19:56:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
39999
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 19:56:54 GMT
l
www.google.com/ads/measurement/ Frame 44A8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTwj-uXKlgIh7pQOEebCq03KnpfSX5JTvA9PnXqQiM-2RHrXGZJqz3rc2pqAJHE1txjACI-93gwL2Xp-F4ZplPmgo3U8A
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 44A8 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 07:30:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
84759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Sep 2024 07:30:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 44A8 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Sep 2023 07:03:33 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame F01C 		129 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY4H_YJFAA9zIdl5IOgnNk8czrnlfg&u=%7C9np%2FvQTggdkVtJxRMDTOqTkm7fHNqxXGexD8ajqnFaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyE6SO8U8aAVVklOcJqeX2W57tpCZzXLeFkq1vxC4FyhRblEe72stFMKI5zAWSKK6u5tOVs5yamMeASanrdq_lFr4qWWjt_LUBqePLJnk7Sb7gZJ94p0OI1XVBm9JH24vn6zkF8XqKcBAQ3g8EIIEVXXv2qiuL8sjjj8HRAHXFzU1po5UJ6EBqhYs-OTw8kD0TVordMoN8-oDrIgkuYYtqI_IXlJJWvXDXOIQU5clRBGNkbJW6soMfntmzSeTl40O619facAMwBpmtDdkFv8HRhEJ9pj7JQA1QYv_j8lGgnLuxiXlqmrltBtxMda3BpRpvoGQKrmKtCaYC-BxE9CNxF4qqCC_MufASbF0TWXXu1ilojKEi_rUq49y7kW9lILecJcIk56LWibDmLu3DoYLA_nEa5Q2cCHJhAkWOevHNgL9guPRetuMx1E3tkBUHn8qnOHtlOMrtbtjR-ChzEJbsmK4sz4U4Qjp7jAE3_BDAwH_OmvcLdzeLKfRH-xCJu7jKJZAh3Lk8ckfLw7_Qng7ZKkhq5K4TJ9BglcK5btXSEkbdSg8c_nJjE_N34XtI1M8rkKrX6f5HxermXPTngwrMzCCmEXv2R4tcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV-UCRJkKZY6TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEqwJP0IwFoKsKhTvtRC_XeO87N9YCWWyN09oFvgJNYd3C6xR1Wpsxc5ihxijodOm5bLr04wEmgiedkVAQzrqmsuxv_qoRaIv7wBR0BrbzQDYRwz9BBaWdS3b2O3zbdkmonEZ1Wu4gyAgXTeqFB6CvRnqydOgxgHp7dAZ4pGH6xEdMYYc1ZNLg95_0MkcxlHyhWB0h3C20jyq_TQCY9sDsik2_uGwkmMD1gdvcryyi_B5Rc3dT3vDylxz-icavL2-f_tXZnY9r8xRl4ZHFts9klxcMA-W6B_EUPcWR-BCnhbp_qC0xy7X0WyCP-bL6FogZvSTkB47JeI1Bx2N_DIgnIaf1-IDjI1iQ4yeupUxr8Qb0R_KjttJ_tQaAnvJ-OLkhzUWQfxs6-0ABn1OaruAEAYAGs52249XmwtNioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2kLDF-SuJ1Fk4EwXxOG4gvzvoXPw%26client%3Dca-pub-4491659496372172%26adurl%3D
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
841569df881df09a6faa23aa34c22bf05893316f8cfc21727e056133fdba96ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 07:03:33 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=YTZ8_HS5Bd5uLVgukMkfd23GfErTT0L3gHJOZRvK2vtjIJjpAD6TBBqj9JNhzcWWkGwrs4Eaut6Ix4E9vA1603-eqPvXu_yJbNTlwnVj8XlXQtcS8BkS2xSyuZh9hDZb7PsNSLktbDoMLMWndIzdAUmk2XYIEvtce0GW6W1XJaZ8vZ1oVwtZ06USoqWYj0x6lX4JEqBzFDe6Awi9asrr2otPTFdoJSB2Qi1KAmUJJMZnqRUPw5LrND6jdb8PfJVHAaUEzw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
47124766
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 6961 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 22:57:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
29181
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 22:57:12 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 68CF 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16480
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 02:28:53 GMT
etag
48472445140208031
expires
Thu, 21 Sep 2023 02:28:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 6961 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 19:56:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
39999
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 19:56:54 GMT
l
www.google.com/ads/measurement/ Frame 6961 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQmv6dNajpdMNY3KLI9nQloFnvWYYInTvbdZsUuyVauy32GSca4MDZnpmmB693aDkWXfwhSWLFFnRBQMPYFD18ZkWhfSA
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6961 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 07:30:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
84759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Sep 2024 07:30:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6961 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Sep 2023 07:03:33 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1E7F 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 07:30:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
84759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Sep 2024 07:30:54 GMT
3664297453309006094
tpc.googlesyndication.com/simgad/ Frame 1E7F
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsutFM3Uo5xC5Uzwmh4acGmFnkwONbdjeTPehGSXLSFHbK2ynyRykcF6tiUlB4optPqMsVwWcvrvPjjezvihT8rqCeDumqSfs8PwXyqCrJrZ4IGbuZRIYPG34uhjUmCfihl52FQ-B...
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
924 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3664297453309006094
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 04:36:08 GMT
x-content-type-options
nosniff
age
440846
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
924
x-xss-protection
0
last-modified
Sat, 15 Apr 2017 10:38:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 14 Sep 2024 04:36:08 GMT

Redirect headers

date
Wed, 20 Sep 2023 06:28:20 GMT
x-content-type-options
nosniff
server
cafe
age
2113
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/3664297453309006094
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 20 Oct 2023 06:28:20 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E46D 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 07:30:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
84759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Sep 2024 07:30:54 GMT
3664297453309006094
tpc.googlesyndication.com/simgad/ Frame E46D
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsuxrqij7kZ4cbC3I7wacxsBrVW18lkQvAgpr4pFaZ2bd3UajDOsrWGaKp7EXql7GEf5j_S_cFh8QK7N14Sbo8c1NjIT9kq1CxkPHPDpTAZo-33PpMdi0SWbeORschLrfeY4FqdRM...
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
924 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3664297453309006094
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 04:36:08 GMT
x-content-type-options
nosniff
age
440846
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
924
x-xss-protection
0
last-modified
Sat, 15 Apr 2017 10:38:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 14 Sep 2024 04:36:08 GMT

Redirect headers

date
Wed, 20 Sep 2023 06:28:20 GMT
x-content-type-options
nosniff
server
cafe
age
2113
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/3664297453309006094
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 20 Oct 2023 06:28:20 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1EC9 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 07:30:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
84759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Sep 2024 07:30:54 GMT
3664297453309006094
tpc.googlesyndication.com/simgad/ Frame 1EC9
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjssp6JS0IVA_C_OHuO0XtT_RVP-SDjqN-HaT64_l94h5jJJNZ3XxUSmxPYFQfsyIYMpmFWyXyhFEwbW58jI3zAzANie3f2Pp4C3JIMZdjdBVbjjDYJDOu49gMZV7IMt3plx0J4pTw...
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
924 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3664297453309006094
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 04:36:08 GMT
x-content-type-options
nosniff
age
440846
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
924
x-xss-protection
0
last-modified
Sat, 15 Apr 2017 10:38:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 14 Sep 2024 04:36:08 GMT

Redirect headers

date
Wed, 20 Sep 2023 06:28:20 GMT
x-content-type-options
nosniff
server
cafe
age
2113
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/3664297453309006094
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 20 Oct 2023 06:28:20 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EB10 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 07:30:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
84759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Sep 2024 07:30:54 GMT
3664297453309006094
tpc.googlesyndication.com/simgad/ Frame EB10
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjssUZp3_LJDujHAYdC71vG0yTtC3w9OM60t9K2LiNzgivB4JErFdXsYVG0Uq1qRVwITyBqm9LaJzxyuyF01mcQyuhCtuuA-ViebaPrfNJvAa099_cHrHVDE7RycWVp6i9dNz5pjTk...
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
924 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3664297453309006094
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 04:36:08 GMT
x-content-type-options
nosniff
age
440846
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
924
x-xss-protection
0
last-modified
Sat, 15 Apr 2017 10:38:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 14 Sep 2024 04:36:08 GMT

Redirect headers

date
Wed, 20 Sep 2023 06:28:20 GMT
x-content-type-options
nosniff
server
cafe
age
2113
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/3664297453309006094
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 20 Oct 2023 06:28:20 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0306 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 07:30:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
84759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Sep 2024 07:30:54 GMT
3664297453309006094
tpc.googlesyndication.com/simgad/ Frame 0306
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsvA1S_0oLZRBelLoyGyuiLbRvjBTt9YRtJkCAMZKbxAaalhtbYg-Z4lPk2rq9h3y4UXcgnnIi4rx98A3cCW2Jf9GaPLiCfLx6P47U9nc1Gjd-7Ddx0pQuC_1VFjTsH_EnW-osUoR...
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
924 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3664297453309006094
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 04:36:08 GMT
x-content-type-options
nosniff
age
440846
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
924
x-xss-protection
0
last-modified
Sat, 15 Apr 2017 10:38:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 14 Sep 2024 04:36:08 GMT

Redirect headers

date
Wed, 20 Sep 2023 06:28:20 GMT
x-content-type-options
nosniff
server
cafe
age
2113
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/3664297453309006094
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 20 Oct 2023 06:28:20 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 23B4 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 07:30:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
84759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Sep 2024 07:30:54 GMT
3664297453309006094
tpc.googlesyndication.com/simgad/ Frame 23B4
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjssT_MraOnKft7We_e8pLH4PC1tGjBtnsTGw_B4t1zlzXoKzkeuzvFzoiPZcs_C0R0H3o4kJEiZ2vzbUHrajIBU3tgXsmhWChEsciCOmwjjXE15-_8ueD1wI7BzJ3VSXgMqCUGa9J...
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
924 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3664297453309006094
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 04:36:08 GMT
x-content-type-options
nosniff
age
440846
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
924
x-xss-protection
0
last-modified
Sat, 15 Apr 2017 10:38:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 14 Sep 2024 04:36:08 GMT

Redirect headers

date
Wed, 20 Sep 2023 06:28:20 GMT
x-content-type-options
nosniff
server
cafe
age
2113
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/3664297453309006094
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 20 Oct 2023 06:28:20 GMT
showed
app.adoric-om.com/v1/statistics/ 		93 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.adoric-om.com/v1/statistics/showed?lightboxId=64dc6cdc594a6800240d012a&campaignId=64dc6cdc594a6800240d012b&domainId=63d8e91ff6651e3367ea55b7&planId=63b2f1449cb580001dc2229d&planType=freeMonthly&userId=63b2e8501e76d00b59931323&newPeople=true&control=&clientId=lmredz9elo0po8oks9q&robotStatisticId=null&robotId=null&device=desktop&steps=o6e3njcxj
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.218.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
58.218.120.34.bc.googleusercontent.com
Software
/
Resource Hash
20d2bc0b2735c906b175286e1bb3ea23fa991d752743e25d9e77b05461edfc6d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
date
Wed, 20 Sep 2023 07:03:33 GMT
x-content-type-options
nosniff
via
1.1 google
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93
x-xss-protection
1; mode=block
x-adoric-api-version
9.1.0
etag
W/"5d-SMovy8JoXyBWzhdK549DuSNcEAg"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-credentials
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
b2f40443-5960-43c3-ad9e-e7e5e20139aa.png
storage.googleapis.com/adoric-user-images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/adoric-user-images/b2f40443-5960-43c3-ad9e-e7e5e20139aa.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b1f63f3c20b6fb653c8c12f5500f6e28f44d57b6d9396c8fd28be1d5070e19f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:03:37 GMT
age
3596
x-guploader-uploadid
ADPycdvVd2XWTx50Z0rMLkRFrE7ieIroaJ5xWmh0DGODV_5T0lUZPUDxdgvxWgjWjFfzSpPTVfc8l3zRyc-nlEtJbinaYQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Thu, 10 Aug 2023 08:13:13 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1691655193261748
x-goog-hash
crc32c=K7ZElQ==, md5=JPsnz0nA4h9Pw95snXuDkA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
1438
content-type
image/png
accept-ranges
none
expires
Thu, 19 Sep 2024 06:03:37 GMT
88fce7df-7fa8-49f6-926d-57a1e6c738ee.svg
storage.googleapis.com/adoric-user-images/ 		12 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/adoric-user-images/88fce7df-7fa8-49f6-926d-57a1e6c738ee.svg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
26740d2e9d7003e099fe10702ef4606aa2d6e2209b4175eba625fa6db8b611fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:03:37 GMT
content-encoding
gzip
age
3596
x-guploader-uploadid
ADPycdu7Tax7ta_Hr-4HoxDbPDkuE7mjafRMZExfbBJI8UrfyMmC7_4Hmhiy5T6uES2aPYje5zQJ34KQqcN1Si1YdkFbBw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4420
last-modified
Thu, 10 Aug 2023 08:22:15 GMT
server
UploadServer
etag
"34c15890fad81b9113a098f061a41bfc"
vary
Accept-Encoding
x-goog-generation
1691655735382905
x-goog-hash
crc32c=uYSimQ==, md5=NMFYkPrYG5EToJjwYaQb/A==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
4420
accept-ranges
bytes
content-type
image/svg+xml
expires
Thu, 19 Sep 2024 06:03:37 GMT
b5644f3d-f224-47f7-8227-111e995fae81.otf
storage.googleapis.com/adoric-fonts/ 		103 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/adoric-fonts/b5644f3d-f224-47f7-8227-111e995fae81.otf
Requested by
Host: app.adoric-om.com
URL: https://app.adoric-om.com/brand/fonts?id=63b2e8501e76d00b59931323&fonts=[%22arial%22,%22helvetica%22,%22almoni-demi-bold%22,%22almoni-medium%22,%22almoni-regular%22,%22almoni-black%22,%22almoni-bold%22,%22almoni-ultra-bold%22]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e57edee0e5d804550dbdc6f231d85b0667a42d84adbab21eb4654cc8482fd6b8

Request headers

Referer
https://app.adoric-om.com/
Origin
https://sports.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:57:08 GMT
content-encoding
gzip
age
385
x-guploader-uploadid
ADPycdvusCnlOl4Eh4LIJaB6ijc5RKuSF3OM1B6C2ObIxLSJbWIaTMYPnMSnL7HSFxaQgPGeq1ygPgrIovNcSsaVok8pMw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63519
last-modified
Sun, 05 Feb 2023 15:29:31 GMT
server
UploadServer
etag
"ed644d41d484d05888719ae06e9060ee"
vary
Accept-Encoding
x-goog-generation
1675610971084083
x-goog-hash
crc32c=seBEsQ==, md5=7WRNQdSE0FiIcZrgbpBg7g==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000
x-goog-stored-content-length
63519
accept-ranges
bytes
content-type
font/otf
expires
Thu, 19 Sep 2024 06:57:08 GMT
8b15169f-a22a-4351-beec-f09ba03afd6b.otf
storage.googleapis.com/adoric-fonts/ 		104 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/adoric-fonts/8b15169f-a22a-4351-beec-f09ba03afd6b.otf
Requested by
Host: app.adoric-om.com
URL: https://app.adoric-om.com/brand/fonts?id=63b2e8501e76d00b59931323&fonts=[%22arial%22,%22helvetica%22,%22almoni-demi-bold%22,%22almoni-medium%22,%22almoni-regular%22,%22almoni-black%22,%22almoni-bold%22,%22almoni-ultra-bold%22]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
acadc75406bad895a5edfcdbe529c86b1194c5fc4a29bdb5f6687b45a74c4e25

Request headers

Referer
https://app.adoric-om.com/
Origin
https://sports.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:57:09 GMT
content-encoding
gzip
age
384
x-guploader-uploadid
ADPycds74SDi1wToQ-6KsakOgA9RA5l-z6gXs6xHVhQynWD9X75tHcb8Fre2yeW-qmGlO-ENRsPCQET1VW1r_xo0ROdQSg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64074
last-modified
Sun, 05 Feb 2023 15:29:24 GMT
server
UploadServer
etag
"6a58e7bd4a99eac86dfbeeafcc278383"
vary
Accept-Encoding
x-goog-generation
1675610964788500
x-goog-hash
crc32c=aFtNkQ==, md5=aljnvUqZ6sht++6vzCeDgw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000
x-goog-stored-content-length
64074
accept-ranges
bytes
content-type
font/otf
expires
Thu, 19 Sep 2024 06:57:09 GMT
effa9582-c2c4-49ab-90bb-840067474290.otf
storage.googleapis.com/adoric-fonts/ 		102 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/adoric-fonts/effa9582-c2c4-49ab-90bb-840067474290.otf
Requested by
Host: app.adoric-om.com
URL: https://app.adoric-om.com/brand/fonts?id=63b2e8501e76d00b59931323&fonts=[%22arial%22,%22helvetica%22,%22almoni-demi-bold%22,%22almoni-medium%22,%22almoni-regular%22,%22almoni-black%22,%22almoni-bold%22,%22almoni-ultra-bold%22]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9596add7437d96f2623e8dd1eda8ebbc54cf8d3db9b240256b56f847cfabc359

Request headers

Referer
https://app.adoric-om.com/
Origin
https://sports.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:57:09 GMT
content-encoding
gzip
age
384
x-guploader-uploadid
ADPycdt0_M6NZCQfiZF360qFHn-0nnhHhYWpObbH38z-q75WjUX8PnrCu6DVQIxWWlPxM6nPYNuFcxcEbuNlmY_M3_qAyA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63186
last-modified
Sun, 05 Feb 2023 15:30:15 GMT
server
UploadServer
etag
"e24fc13c06a263bf1c627f0852a453ad"
vary
Accept-Encoding
x-goog-generation
1675611015695204
x-goog-hash
crc32c=AZbfQg==, md5=4k/BPAaiY78cYn8IUqRTrQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000
x-goog-stored-content-length
63186
accept-ranges
bytes
content-type
font/otf
expires
Thu, 19 Sep 2024 06:57:09 GMT
events
event.dxmdp.com/rest/api/v1/ 		28 KB
29 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/events
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.15.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-15-202.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
97c637cbeef3b78b92a5aa74a18293e1aeb98b4b95f0ee4fbaff3b1bf83044b2

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://sports.walla.co.il
date
Wed, 20 Sep 2023 07:03:33 GMT
access-control-allow-credentials
true
server
nginx/1.20.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
sync
event.dxmdp.com/rest/api/v1/ 		13 B
328 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.15.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-15-202.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://sports.walla.co.il
date
Wed, 20 Sep 2023 07:03:33 GMT
access-control-allow-credentials
true
server
nginx/1.20.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
events
event.dxmdp.com/rest/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/events
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.15.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-15-202.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://sports.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://sports.walla.co.il
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Wed, 20 Sep 2023 07:03:33 GMT
server
nginx/1.20.0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
sync
event.dxmdp.com/rest/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.15.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-15-202.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://sports.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://sports.walla.co.il
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Wed, 20 Sep 2023 07:03:33 GMT
server
nginx/1.20.0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
/
t.unblockia.com/ 		0
273 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.unblockia.com/?sid=1621&o=1&b=1&p=1&t=4
Requested by
Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:7c00:10:be65:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
content-length
0
x-amz-cf-id
w-jDyGpkkKNBeajdDJMUJSCHBRwdMnvLxxTWcUpaILUHY6yTNHr7og==
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1539571934&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsports.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%95%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%92%D7%9C%20%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20%D7%95%D7%A2%D7%95%D7%9C%D7%9E%D7%99%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%A1%D7%9C%2C%20NBA%2C%20%D7%AA%D7%A7%D7%A6%D7%99%D7%A8%D7%99%D7%9D%20%D7%95%D7%AA%D7%95%D7%A6%D7%90%D7%95%D7%AA%20-%20%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Adoric%20-%20NEW%20Form%20-%C2%A027687&ea=Impression&el=Adoric%20-%20desktop%20-%20Variation%202&_u=aHDAAEABEAAAACAUI~&jid=1272512529&gjid=744292120&cid=633202485.1695193411&tid=UA-4780630-1&_gid=301290989.1695193411&_r=1&z=190414890
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4B5A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 07:03:32 GMT
expires
Thu, 19 Sep 2024 07:03:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 67F1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 07:03:32 GMT
expires
Thu, 19 Sep 2024 07:03:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A253 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 07:03:32 GMT
expires
Thu, 19 Sep 2024 07:03:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 998B 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESENoHwqLD43OHVu9uUNdH9RY&google_cver=1&google_push=AXcoOmTf_KawMXopd8xoQj-ZCAeTkIgISEIAEYK04WubF_xj1RAmv7MlG0Gmgk4OMWqEUA-cFdaEUPmm1YpbgbAzs3xSLnBvQrHU7g
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 998B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHYL5kU68d1-U3TMq7ufvs0&google_cver=1&google_push=AXcoOmQAbFtIj_AkRd_7mKvMvXM9RKKVPWzWPex2JAGoI2Fuksu004NKC-tijgWLBE_GDfrzIZzV_Q5-xtBHjifSGs7t0n3...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQAbFtIj_AkRd_7mKvMvXM9RKKVPWzWPex2JAGoI2Fuksu004NKC-tijgWLBE_GDfrzIZzV_Q5-xtBHjifSGs7t0n3n5Wiqbw&google_hm=eS1nUHF1ZzZsRTJwRkNB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQAbFtIj_AkRd_7mKvMvXM9RKKVPWzWPex2JAGoI2Fuksu004NKC-tijgWLBE_GDfrzIZzV_Q5-xtBHjifSGs7t0n3n5Wiqbw&google_hm=eS1nUHF1ZzZsRTJwRkNBUEprbC5lNXhBMWMuV05WV1Q1NX5B
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 20 Sep 2023 07:03:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQAbFtIj_AkRd_7mKvMvXM9RKKVPWzWPex2JAGoI2Fuksu004NKC-tijgWLBE_GDfrzIZzV_Q5-xtBHjifSGs7t0n3n5Wiqbw&google_hm=eS1nUHF1ZzZsRTJwRkNBUEprbC5lNXhBMWMuV05WV1Q1NX5B
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame 998B 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRxmROAGxP5ZxGoQAxu_cxKG84faHkQPCc96jw_CQTi5_ukohwadYXSs7z5Bqu6YYACGe2QJFeAbyiggxBBXv1p15o9EqSdTw&google_gid=CAESEFMCmcSbdRgIlqTdgjMbrgo&google_cver=1
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:33 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
210404
expires
Wed, 20 Sep 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 998B
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QF16aF-fQveLf1N4keQiQg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QF16aF-fQveLf1N4keQiQg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmS3cKW65t9w_Qf5cV1aHF2sEkIhKghClnLl3Z54VOSY1BSIYavtK2kOPMjfxNFrdpWi_yFkARXzvMEY_2cphMV-m_L51_5ZAw
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QF16aF-fQveLf1N4keQiQg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmS3cKW65t9w_Qf5cV1aHF2sEkIhKghClnLl3Z54VOSY1BSIYavtK2kOPMjfxNFrdpWi_yFkARXzvMEY_2cphMV-m_L51_5ZAw
date
Wed, 20 Sep 2023 07:03:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 998B
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECHr62ISOK305RbrJBEzVUA&google_cver=1&google_push=AXcoOmTPSG2dqzl0yp0Xh09MEFe7XY-5cxRW4VWzoyODP5sE9J9P85n7QqMP1TkzhMUFwJZxQDOhlkDzhhaT3L33v...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECHr62ISOK305RbrJBEzVUA&google_cver=1&google_push=AXcoOmTPSG2dqzl0yp0Xh09MEFe7XY-5cxRW4VWzoyODP5sE9J9P85n7QqMP1TkzhMUFwJZxQDOhlkDzhhaT3L33v...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTPSG2dqzl0yp0Xh09MEFe7XY-5cxRW4VWzoyODP5sE9J9P85n7QqMP1TkzhMUFwJZxQDOhlkDzhhaT3L33vC6vRLI5ntr6jg&google_hm=HWfnuGZHME1tQEdOR42J...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTPSG2dqzl0yp0Xh09MEFe7XY-5cxRW4VWzoyODP5sE9J9P85n7QqMP1TkzhMUFwJZxQDOhlkDzhhaT3L33vC6vRLI5ntr6jg&google_hm=HWfnuGZHME1tQEdOR42J_oKE
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 20 Sep 2023 07:03:34 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTPSG2dqzl0yp0Xh09MEFe7XY-5cxRW4VWzoyODP5sE9J9P85n7QqMP1TkzhMUFwJZxQDOhlkDzhhaT3L33vC6vRLI5ntr6jg&google_hm=HWfnuGZHME1tQEdOR42J_oKE
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
/
onetag-sys.com/match/ Frame 998B
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEL3d7XmEVJ8HjWYSR34fvK4&google_cver=1&google_push=AXcoOmSMMOFNf3vzQLnPwyjyGKJ4ZLsZvSi0L6Rm1hd5gAYzpLWtPYAkOB_Mz9MZqLkj90ZhzUO9Umy3hC-...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSMMOFNf3vzQLnPwyjyGKJ4ZLsZvSi0L6Rm1hd5gAYzpLWtPYAkOB_Mz9MZqLkj90ZhzUO9Umy3hC-PM_W7CrodqjZjcN-09Vw
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 998B
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEMFzmrIhnmt3GZE-RL7fVFo&google_cver=1&google_push=AXcoOmQosySiNQZsr...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEMFzmrIhnmt3GZE-RL7fVFo%26goo...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzI2NjU1NjYyNTQ5NTg5NjE2OQ%3D%3D&google_gid=CAESEMFzmrIhnmt3GZE-RL7fVFo&google_cver=1&google_push=AXcoOmQosySiNQZsrnZoyNCCXLPhs3Kfgq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzI2NjU1NjYyNTQ5NTg5NjE2OQ%3D%3D&google_gid=CAESEMFzmrIhnmt3GZE-RL7fVFo&google_cver=1&google_push=AXcoOmQosySiNQZsrnZoyNCCXLPhs3KfgqeiSfiXvIPaTJ7iuNwli3zYGuaOy_t9tXhMzwYYUZoF24T5M0vlW5nP8v-tiwjjvSvV-yc
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:34 GMT
an-x-request-uuid
8d8e932a-4301-4bab-9b2e-3987dec5645f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzI2NjU1NjYyNTQ5NTg5NjE2OQ%3D%3D&google_gid=CAESEMFzmrIhnmt3GZE-RL7fVFo&google_cver=1&google_push=AXcoOmQosySiNQZsrnZoyNCCXLPhs3KfgqeiSfiXvIPaTJ7iuNwli3zYGuaOy_t9tXhMzwYYUZoF24T5M0vlW5nP8v-tiwjjvSvV-yc
x-proxy-origin
138.199.38.132; 138.199.38.132; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 998B 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KwZ6YR0_BCjD-0JHQI8SA5rJs-YT1BFJZcmh_Tb6T4oLDRRC3K8ECmeBQPaKiTloLLQId5CeQ
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1616785908557850&ev=PageView&dl=https%3A%2F%2Fsports.walla.co.il%2F&rl=&if=false&ts=1695193414169&sw=1600&sh=1200&v=2.9.127&r=stable&ec=0&o=30&fbp=fb.2.1695193413257.1970768664&it=1695193411969&coo=false&rqm=GET
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 20 Sep 2023 07:03:34 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
b30378f076dd2b05726fa13d343ef69be170c9
expansioneggnog.com/send/3f3d4ea53fff6d/ 		288 B
315 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://expansioneggnog.com/send/3f3d4ea53fff6d/b30378f076dd2b05726fa13d343ef69be170c9
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
759f69c53f84f3be3a047854a87d6636180b6031fba02889eb0b44179aa242b2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Wed, 20 Sep 2023 07:03:34 GMT
via
1.1 google
x-buildnumber
998028631
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sports.walla.co.il
x-hostname
fen-hoothoot-europe-west1-b8mh
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Wed, 20 Sep 2023 07:03:33 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame F01C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY4H_YJFAA9zIdl5IOgnNk8czrnlfg&u=%7C9np%2FvQTggdkVtJxRMDTOqTkm7fHNqxXGexD8ajqnFaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyE6SO8U8aAVVklOcJqeX2W57tpCZzXLeFkq1vxC4FyhRblEe72stFMKI5zAWSKK6u5tOVs5yamMeASanrdq_lFr4qWWjt_LUBqePLJnk7Sb7gZJ94p0OI1XVBm9JH24vn6zkF8XqKcBAQ3g8EIIEVXXv2qiuL8sjjj8HRAHXFzU1po5UJ6EBqhYs-OTw8kD0TVordMoN8-oDrIgkuYYtqI_IXlJJWvXDXOIQU5clRBGNkbJW6soMfntmzSeTl40O619facAMwBpmtDdkFv8HRhEJ9pj7JQA1QYv_j8lGgnLuxiXlqmrltBtxMda3BpRpvoGQKrmKtCaYC-BxE9CNxF4qqCC_MufASbF0TWXXu1ilojKEi_rUq49y7kW9lILecJcIk56LWibDmLu3DoYLA_nEa5Q2cCHJhAkWOevHNgL9guPRetuMx1E3tkBUHn8qnOHtlOMrtbtjR-ChzEJbsmK4sz4U4Qjp7jAE3_BDAwH_OmvcLdzeLKfRH-xCJu7jKJZAh3Lk8ckfLw7_Qng7ZKkhq5K4TJ9BglcK5btXSEkbdSg8c_nJjE_N34XtI1M8rkKrX6f5HxermXPTngwrMzCCmEXv2R4tcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV-UCRJkKZY6TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEqwJP0IwFoKsKhTvtRC_XeO87N9YCWWyN09oFvgJNYd3C6xR1Wpsxc5ihxijodOm5bLr04wEmgiedkVAQzrqmsuxv_qoRaIv7wBR0BrbzQDYRwz9BBaWdS3b2O3zbdkmonEZ1Wu4gyAgXTeqFB6CvRnqydOgxgHp7dAZ4pGH6xEdMYYc1ZNLg95_0MkcxlHyhWB0h3C20jyq_TQCY9sDsik2_uGwkmMD1gdvcryyi_B5Rc3dT3vDylxz-icavL2-f_tXZnY9r8xRl4ZHFts9klxcMA-W6B_EUPcWR-BCnhbp_qC0xy7X0WyCP-bL6FogZvSTkB47JeI1Bx2N_DIgnIaf1-IDjI1iQ4yeupUxr8Qb0R_KjttJ_tQaAnvJ-OLkhzUWQfxs6-0ABn1OaruAEAYAGs52249XmwtNioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2kLDF-SuJ1Fk4EwXxOG4gvzvoXPw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 07:03:34 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame F01C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY4H_YJFAA9zIdl5IOgnNk8czrnlfg&u=%7C9np%2FvQTggdkVtJxRMDTOqTkm7fHNqxXGexD8ajqnFaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyE6SO8U8aAVVklOcJqeX2W57tpCZzXLeFkq1vxC4FyhRblEe72stFMKI5zAWSKK6u5tOVs5yamMeASanrdq_lFr4qWWjt_LUBqePLJnk7Sb7gZJ94p0OI1XVBm9JH24vn6zkF8XqKcBAQ3g8EIIEVXXv2qiuL8sjjj8HRAHXFzU1po5UJ6EBqhYs-OTw8kD0TVordMoN8-oDrIgkuYYtqI_IXlJJWvXDXOIQU5clRBGNkbJW6soMfntmzSeTl40O619facAMwBpmtDdkFv8HRhEJ9pj7JQA1QYv_j8lGgnLuxiXlqmrltBtxMda3BpRpvoGQKrmKtCaYC-BxE9CNxF4qqCC_MufASbF0TWXXu1ilojKEi_rUq49y7kW9lILecJcIk56LWibDmLu3DoYLA_nEa5Q2cCHJhAkWOevHNgL9guPRetuMx1E3tkBUHn8qnOHtlOMrtbtjR-ChzEJbsmK4sz4U4Qjp7jAE3_BDAwH_OmvcLdzeLKfRH-xCJu7jKJZAh3Lk8ckfLw7_Qng7ZKkhq5K4TJ9BglcK5btXSEkbdSg8c_nJjE_N34XtI1M8rkKrX6f5HxermXPTngwrMzCCmEXv2R4tcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV-UCRJkKZY6TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEqwJP0IwFoKsKhTvtRC_XeO87N9YCWWyN09oFvgJNYd3C6xR1Wpsxc5ihxijodOm5bLr04wEmgiedkVAQzrqmsuxv_qoRaIv7wBR0BrbzQDYRwz9BBaWdS3b2O3zbdkmonEZ1Wu4gyAgXTeqFB6CvRnqydOgxgHp7dAZ4pGH6xEdMYYc1ZNLg95_0MkcxlHyhWB0h3C20jyq_TQCY9sDsik2_uGwkmMD1gdvcryyi_B5Rc3dT3vDylxz-icavL2-f_tXZnY9r8xRl4ZHFts9klxcMA-W6B_EUPcWR-BCnhbp_qC0xy7X0WyCP-bL6FogZvSTkB47JeI1Bx2N_DIgnIaf1-IDjI1iQ4yeupUxr8Qb0R_KjttJ_tQaAnvJ-OLkhzUWQfxs6-0ABn1OaruAEAYAGs52249XmwtNioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2kLDF-SuJ1Fk4EwXxOG4gvzvoXPw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 07:03:34 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame F01C 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY4H_YJFAA9zIdl5IOgnNk8czrnlfg&u=%7C9np%2FvQTggdkVtJxRMDTOqTkm7fHNqxXGexD8ajqnFaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyE6SO8U8aAVVklOcJqeX2W57tpCZzXLeFkq1vxC4FyhRblEe72stFMKI5zAWSKK6u5tOVs5yamMeASanrdq_lFr4qWWjt_LUBqePLJnk7Sb7gZJ94p0OI1XVBm9JH24vn6zkF8XqKcBAQ3g8EIIEVXXv2qiuL8sjjj8HRAHXFzU1po5UJ6EBqhYs-OTw8kD0TVordMoN8-oDrIgkuYYtqI_IXlJJWvXDXOIQU5clRBGNkbJW6soMfntmzSeTl40O619facAMwBpmtDdkFv8HRhEJ9pj7JQA1QYv_j8lGgnLuxiXlqmrltBtxMda3BpRpvoGQKrmKtCaYC-BxE9CNxF4qqCC_MufASbF0TWXXu1ilojKEi_rUq49y7kW9lILecJcIk56LWibDmLu3DoYLA_nEa5Q2cCHJhAkWOevHNgL9guPRetuMx1E3tkBUHn8qnOHtlOMrtbtjR-ChzEJbsmK4sz4U4Qjp7jAE3_BDAwH_OmvcLdzeLKfRH-xCJu7jKJZAh3Lk8ckfLw7_Qng7ZKkhq5K4TJ9BglcK5btXSEkbdSg8c_nJjE_N34XtI1M8rkKrX6f5HxermXPTngwrMzCCmEXv2R4tcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV-UCRJkKZY6TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEqwJP0IwFoKsKhTvtRC_XeO87N9YCWWyN09oFvgJNYd3C6xR1Wpsxc5ihxijodOm5bLr04wEmgiedkVAQzrqmsuxv_qoRaIv7wBR0BrbzQDYRwz9BBaWdS3b2O3zbdkmonEZ1Wu4gyAgXTeqFB6CvRnqydOgxgHp7dAZ4pGH6xEdMYYc1ZNLg95_0MkcxlHyhWB0h3C20jyq_TQCY9sDsik2_uGwkmMD1gdvcryyi_B5Rc3dT3vDylxz-icavL2-f_tXZnY9r8xRl4ZHFts9klxcMA-W6B_EUPcWR-BCnhbp_qC0xy7X0WyCP-bL6FogZvSTkB47JeI1Bx2N_DIgnIaf1-IDjI1iQ4yeupUxr8Qb0R_KjttJ_tQaAnvJ-OLkhzUWQfxs6-0ABn1OaruAEAYAGs52249XmwtNioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2kLDF-SuJ1Fk4EwXxOG4gvzvoXPw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 14 Sep 2024 07:03:34 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame F01C 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY4H_YJFAA9zIdl5IOgnNk8czrnlfg&u=%7C9np%2FvQTggdkVtJxRMDTOqTkm7fHNqxXGexD8ajqnFaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyE6SO8U8aAVVklOcJqeX2W57tpCZzXLeFkq1vxC4FyhRblEe72stFMKI5zAWSKK6u5tOVs5yamMeASanrdq_lFr4qWWjt_LUBqePLJnk7Sb7gZJ94p0OI1XVBm9JH24vn6zkF8XqKcBAQ3g8EIIEVXXv2qiuL8sjjj8HRAHXFzU1po5UJ6EBqhYs-OTw8kD0TVordMoN8-oDrIgkuYYtqI_IXlJJWvXDXOIQU5clRBGNkbJW6soMfntmzSeTl40O619facAMwBpmtDdkFv8HRhEJ9pj7JQA1QYv_j8lGgnLuxiXlqmrltBtxMda3BpRpvoGQKrmKtCaYC-BxE9CNxF4qqCC_MufASbF0TWXXu1ilojKEi_rUq49y7kW9lILecJcIk56LWibDmLu3DoYLA_nEa5Q2cCHJhAkWOevHNgL9guPRetuMx1E3tkBUHn8qnOHtlOMrtbtjR-ChzEJbsmK4sz4U4Qjp7jAE3_BDAwH_OmvcLdzeLKfRH-xCJu7jKJZAh3Lk8ckfLw7_Qng7ZKkhq5K4TJ9BglcK5btXSEkbdSg8c_nJjE_N34XtI1M8rkKrX6f5HxermXPTngwrMzCCmEXv2R4tcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV-UCRJkKZY6TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEqwJP0IwFoKsKhTvtRC_XeO87N9YCWWyN09oFvgJNYd3C6xR1Wpsxc5ihxijodOm5bLr04wEmgiedkVAQzrqmsuxv_qoRaIv7wBR0BrbzQDYRwz9BBaWdS3b2O3zbdkmonEZ1Wu4gyAgXTeqFB6CvRnqydOgxgHp7dAZ4pGH6xEdMYYc1ZNLg95_0MkcxlHyhWB0h3C20jyq_TQCY9sDsik2_uGwkmMD1gdvcryyi_B5Rc3dT3vDylxz-icavL2-f_tXZnY9r8xRl4ZHFts9klxcMA-W6B_EUPcWR-BCnhbp_qC0xy7X0WyCP-bL6FogZvSTkB47JeI1Bx2N_DIgnIaf1-IDjI1iQ4yeupUxr8Qb0R_KjttJ_tQaAnvJ-OLkhzUWQfxs6-0ABn1OaruAEAYAGs52249XmwtNioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2kLDF-SuJ1Fk4EwXxOG4gvzvoXPw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 14 Sep 2024 07:03:34 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame F01C 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=syR5BEfyJ6jnRXLLJ32BTO2W80bT_RjIhWpqWzE14IJqN-nR8m2wbmxjOVjKHmhdVlf801p8-tPoNhfTfEyHnG4cpkAwuEdAfmVWFyCzCqg7mJaG61qHja3LkJmf3Xn9dnb6OM8oyRvy81dMrYk0pQoP-xzk8_s3mDFyEyWoPT8_gT9Aw2fFOKcKFrYfHKDTiDBkJLslQi211ixSORrAh-sbC5Yxn_bWMUzklQZhnof8SN7lirZ_BYc3nkJg0Cpc0x3wwafAi-tIX_-Fo_GgJUhbSddgkpG_1gzrV6cvvc1lsswps5uCF3VJdkkj9x7rQVtIH35l_gTH9Lsa7DKKwZukRCUPtUNz2dD9A9THAPjYuEJvdXBKWGItycTQUoRFwV06SVJ1xm6vbJzTflk9DJZoDrqFsRgMcai6A-SB7F9SdqCX
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY4H_YJFAA9zIdl5IOgnNk8czrnlfg&u=%7C9np%2FvQTggdkVtJxRMDTOqTkm7fHNqxXGexD8ajqnFaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyE6SO8U8aAVVklOcJqeX2W57tpCZzXLeFkq1vxC4FyhRblEe72stFMKI5zAWSKK6u5tOVs5yamMeASanrdq_lFr4qWWjt_LUBqePLJnk7Sb7gZJ94p0OI1XVBm9JH24vn6zkF8XqKcBAQ3g8EIIEVXXv2qiuL8sjjj8HRAHXFzU1po5UJ6EBqhYs-OTw8kD0TVordMoN8-oDrIgkuYYtqI_IXlJJWvXDXOIQU5clRBGNkbJW6soMfntmzSeTl40O619facAMwBpmtDdkFv8HRhEJ9pj7JQA1QYv_j8lGgnLuxiXlqmrltBtxMda3BpRpvoGQKrmKtCaYC-BxE9CNxF4qqCC_MufASbF0TWXXu1ilojKEi_rUq49y7kW9lILecJcIk56LWibDmLu3DoYLA_nEa5Q2cCHJhAkWOevHNgL9guPRetuMx1E3tkBUHn8qnOHtlOMrtbtjR-ChzEJbsmK4sz4U4Qjp7jAE3_BDAwH_OmvcLdzeLKfRH-xCJu7jKJZAh3Lk8ckfLw7_Qng7ZKkhq5K4TJ9BglcK5btXSEkbdSg8c_nJjE_N34XtI1M8rkKrX6f5HxermXPTngwrMzCCmEXv2R4tcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV-UCRJkKZY6TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEqwJP0IwFoKsKhTvtRC_XeO87N9YCWWyN09oFvgJNYd3C6xR1Wpsxc5ihxijodOm5bLr04wEmgiedkVAQzrqmsuxv_qoRaIv7wBR0BrbzQDYRwz9BBaWdS3b2O3zbdkmonEZ1Wu4gyAgXTeqFB6CvRnqydOgxgHp7dAZ4pGH6xEdMYYc1ZNLg95_0MkcxlHyhWB0h3C20jyq_TQCY9sDsik2_uGwkmMD1gdvcryyi_B5Rc3dT3vDylxz-icavL2-f_tXZnY9r8xRl4ZHFts9klxcMA-W6B_EUPcWR-BCnhbp_qC0xy7X0WyCP-bL6FogZvSTkB47JeI1Bx2N_DIgnIaf1-IDjI1iQ4yeupUxr8Qb0R_KjttJ_tQaAnvJ-OLkhzUWQfxs6-0ABn1OaruAEAYAGs52249XmwtNioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2kLDF-SuJ1Fk4EwXxOG4gvzvoXPw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:33 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1565742
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 6BE5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY0H_YJFAA9zIUJFtJkOp2X0P3N8WA&u=%7C9np%2FvQTggdk0wJizdRijvCK6Su7odYg%2B70HSFMyv7Mo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797XkVJXccA7Uj8mbSb3fuGLnWml58tkIBBt-cgZ16ZzJEqHHlu8cMXg48Z9UKHUU0SpyJnTRTeI0QMpKTbdomCd4hvY9exeR-XfEuxolGEqBH3yW4_2NAWBZjNrgQZnOGCqGPmQeisdAE36Y9UHDisGz-bASrIost9-zmKji5a_eBUSiBL15YL_4BQcUqL7VN9gAMyGjSXrrhtX6TeU3Jwo_jU59kZGleSBDSldr4LJtB9RNze3o56e2eL0k_lr5zixJf9KDyWDJm5IFj0Dsa9jeCjS7QfQrURz5f51Z31QD8JsVeo08Af9xPsZlkcCaMcctfGB3XmA15SE5QpL81qQ3qrLcRdOMtSckVgSolx7aJX8WL48oSmFXNgMKqiD_2LsKBMTPzFT2hYlNg7dC0WFo1UmoFGK9AYUob_X-XITxlgjyZDthKFviN1_-HICHDtNQ4A8Pl017hTiYxvjnKmRZRjSR6_f5r4sk_3jhpRmjYyd1r9J9cD7REQnYFBxzSbE6A12kcr2gYl8zH5NeAMMLjCMCl9VruAEaiZV2B__AWDg3FPNwt59o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU-TzRJkKZY2TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEpwJP0NMLAQ0E9KCuQkQRO_3okYuAbPeXgTZbZ45Q0IKoeejFhqn1EZAlwKTjYvypyotUncn_K6PVz3TZ_j1_JfCE33BZ9MQfLOayYHHvZypcuqCdGekQqQsIqpdSYTfEQaeSBkowIFv-FFUmWGXCsB0Lm1-whzvLxLiifnEk026DuwDG9H6xy_It9iB8wlbKpKh3_0Yfes-IW1Ayl1J5cHiy-b0hE0sEIglqdvCIAIvN_ZcRl43lX7pp3r2vd6tdlaiqEIkhuLn1s-2mWUm4RZwo2k-vAkm-lxj_w5gHNzbpP9WaXlCQhDYrCdFQxY6bl2JXdhQGdgR_axExnV7VA5PVOF3Hq5f5pNwS4583EHZpeHTW8DOa9arypKOHDhA1S7OAbtqpT3hu4AQBgAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2xHKh7Ed8Afw6cCiStVhOK0lZ_pQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 07:03:34 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6BE5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY0H_YJFAA9zIUJFtJkOp2X0P3N8WA&u=%7C9np%2FvQTggdk0wJizdRijvCK6Su7odYg%2B70HSFMyv7Mo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797XkVJXccA7Uj8mbSb3fuGLnWml58tkIBBt-cgZ16ZzJEqHHlu8cMXg48Z9UKHUU0SpyJnTRTeI0QMpKTbdomCd4hvY9exeR-XfEuxolGEqBH3yW4_2NAWBZjNrgQZnOGCqGPmQeisdAE36Y9UHDisGz-bASrIost9-zmKji5a_eBUSiBL15YL_4BQcUqL7VN9gAMyGjSXrrhtX6TeU3Jwo_jU59kZGleSBDSldr4LJtB9RNze3o56e2eL0k_lr5zixJf9KDyWDJm5IFj0Dsa9jeCjS7QfQrURz5f51Z31QD8JsVeo08Af9xPsZlkcCaMcctfGB3XmA15SE5QpL81qQ3qrLcRdOMtSckVgSolx7aJX8WL48oSmFXNgMKqiD_2LsKBMTPzFT2hYlNg7dC0WFo1UmoFGK9AYUob_X-XITxlgjyZDthKFviN1_-HICHDtNQ4A8Pl017hTiYxvjnKmRZRjSR6_f5r4sk_3jhpRmjYyd1r9J9cD7REQnYFBxzSbE6A12kcr2gYl8zH5NeAMMLjCMCl9VruAEaiZV2B__AWDg3FPNwt59o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU-TzRJkKZY2TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEpwJP0NMLAQ0E9KCuQkQRO_3okYuAbPeXgTZbZ45Q0IKoeejFhqn1EZAlwKTjYvypyotUncn_K6PVz3TZ_j1_JfCE33BZ9MQfLOayYHHvZypcuqCdGekQqQsIqpdSYTfEQaeSBkowIFv-FFUmWGXCsB0Lm1-whzvLxLiifnEk026DuwDG9H6xy_It9iB8wlbKpKh3_0Yfes-IW1Ayl1J5cHiy-b0hE0sEIglqdvCIAIvN_ZcRl43lX7pp3r2vd6tdlaiqEIkhuLn1s-2mWUm4RZwo2k-vAkm-lxj_w5gHNzbpP9WaXlCQhDYrCdFQxY6bl2JXdhQGdgR_axExnV7VA5PVOF3Hq5f5pNwS4583EHZpeHTW8DOa9arypKOHDhA1S7OAbtqpT3hu4AQBgAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2xHKh7Ed8Afw6cCiStVhOK0lZ_pQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 07:03:34 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 6BE5 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY0H_YJFAA9zIUJFtJkOp2X0P3N8WA&u=%7C9np%2FvQTggdk0wJizdRijvCK6Su7odYg%2B70HSFMyv7Mo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797XkVJXccA7Uj8mbSb3fuGLnWml58tkIBBt-cgZ16ZzJEqHHlu8cMXg48Z9UKHUU0SpyJnTRTeI0QMpKTbdomCd4hvY9exeR-XfEuxolGEqBH3yW4_2NAWBZjNrgQZnOGCqGPmQeisdAE36Y9UHDisGz-bASrIost9-zmKji5a_eBUSiBL15YL_4BQcUqL7VN9gAMyGjSXrrhtX6TeU3Jwo_jU59kZGleSBDSldr4LJtB9RNze3o56e2eL0k_lr5zixJf9KDyWDJm5IFj0Dsa9jeCjS7QfQrURz5f51Z31QD8JsVeo08Af9xPsZlkcCaMcctfGB3XmA15SE5QpL81qQ3qrLcRdOMtSckVgSolx7aJX8WL48oSmFXNgMKqiD_2LsKBMTPzFT2hYlNg7dC0WFo1UmoFGK9AYUob_X-XITxlgjyZDthKFviN1_-HICHDtNQ4A8Pl017hTiYxvjnKmRZRjSR6_f5r4sk_3jhpRmjYyd1r9J9cD7REQnYFBxzSbE6A12kcr2gYl8zH5NeAMMLjCMCl9VruAEaiZV2B__AWDg3FPNwt59o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU-TzRJkKZY2TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEpwJP0NMLAQ0E9KCuQkQRO_3okYuAbPeXgTZbZ45Q0IKoeejFhqn1EZAlwKTjYvypyotUncn_K6PVz3TZ_j1_JfCE33BZ9MQfLOayYHHvZypcuqCdGekQqQsIqpdSYTfEQaeSBkowIFv-FFUmWGXCsB0Lm1-whzvLxLiifnEk026DuwDG9H6xy_It9iB8wlbKpKh3_0Yfes-IW1Ayl1J5cHiy-b0hE0sEIglqdvCIAIvN_ZcRl43lX7pp3r2vd6tdlaiqEIkhuLn1s-2mWUm4RZwo2k-vAkm-lxj_w5gHNzbpP9WaXlCQhDYrCdFQxY6bl2JXdhQGdgR_axExnV7VA5PVOF3Hq5f5pNwS4583EHZpeHTW8DOa9arypKOHDhA1S7OAbtqpT3hu4AQBgAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2xHKh7Ed8Afw6cCiStVhOK0lZ_pQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 14 Sep 2024 07:03:34 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 6BE5 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY0H_YJFAA9zIUJFtJkOp2X0P3N8WA&u=%7C9np%2FvQTggdk0wJizdRijvCK6Su7odYg%2B70HSFMyv7Mo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797XkVJXccA7Uj8mbSb3fuGLnWml58tkIBBt-cgZ16ZzJEqHHlu8cMXg48Z9UKHUU0SpyJnTRTeI0QMpKTbdomCd4hvY9exeR-XfEuxolGEqBH3yW4_2NAWBZjNrgQZnOGCqGPmQeisdAE36Y9UHDisGz-bASrIost9-zmKji5a_eBUSiBL15YL_4BQcUqL7VN9gAMyGjSXrrhtX6TeU3Jwo_jU59kZGleSBDSldr4LJtB9RNze3o56e2eL0k_lr5zixJf9KDyWDJm5IFj0Dsa9jeCjS7QfQrURz5f51Z31QD8JsVeo08Af9xPsZlkcCaMcctfGB3XmA15SE5QpL81qQ3qrLcRdOMtSckVgSolx7aJX8WL48oSmFXNgMKqiD_2LsKBMTPzFT2hYlNg7dC0WFo1UmoFGK9AYUob_X-XITxlgjyZDthKFviN1_-HICHDtNQ4A8Pl017hTiYxvjnKmRZRjSR6_f5r4sk_3jhpRmjYyd1r9J9cD7REQnYFBxzSbE6A12kcr2gYl8zH5NeAMMLjCMCl9VruAEaiZV2B__AWDg3FPNwt59o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU-TzRJkKZY2TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEpwJP0NMLAQ0E9KCuQkQRO_3okYuAbPeXgTZbZ45Q0IKoeejFhqn1EZAlwKTjYvypyotUncn_K6PVz3TZ_j1_JfCE33BZ9MQfLOayYHHvZypcuqCdGekQqQsIqpdSYTfEQaeSBkowIFv-FFUmWGXCsB0Lm1-whzvLxLiifnEk026DuwDG9H6xy_It9iB8wlbKpKh3_0Yfes-IW1Ayl1J5cHiy-b0hE0sEIglqdvCIAIvN_ZcRl43lX7pp3r2vd6tdlaiqEIkhuLn1s-2mWUm4RZwo2k-vAkm-lxj_w5gHNzbpP9WaXlCQhDYrCdFQxY6bl2JXdhQGdgR_axExnV7VA5PVOF3Hq5f5pNwS4583EHZpeHTW8DOa9arypKOHDhA1S7OAbtqpT3hu4AQBgAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2xHKh7Ed8Afw6cCiStVhOK0lZ_pQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 14 Sep 2024 07:03:34 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 6BE5 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=QbZofo-xBZIIqKftX6xMjz95MCMlBZ6J-5jn5ZD1p6H9_4L-AHGMYWuSUhr3iZtPTeDQtw2idAhHZCDINcJzQ7KE3we-wMfEYkpqadWkU63WaCm_j7m7w8OWfgdJT4A--RNa23e2F4FvT5TrN7xJGSMROCy2iC9F0TejvS9cUb3NnKHtWRcqvvoh3i3ttqc0iFmNYjVvi0jUOLP8JukYuiL9TvRxkBK2d51sMpI3ODzmWuZH87EZ_s9Fq9v4inoiuIyUkzqjKp3_JQzBus-u7d2XhteiwwvY6wao9GxKBccjWLxwoLjKxNTXHhMxbi7nh2kTtM837-_KGFmGhjeYBjcP7wFgEI896brm4QxEF7bWtHuJumeS5fQoOXdWraOuTB09rqIklil_m0Fo948IAm8CtR4sxLMlfdvEgwuQI4mjW5_C
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY0H_YJFAA9zIUJFtJkOp2X0P3N8WA&u=%7C9np%2FvQTggdk0wJizdRijvCK6Su7odYg%2B70HSFMyv7Mo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797XkVJXccA7Uj8mbSb3fuGLnWml58tkIBBt-cgZ16ZzJEqHHlu8cMXg48Z9UKHUU0SpyJnTRTeI0QMpKTbdomCd4hvY9exeR-XfEuxolGEqBH3yW4_2NAWBZjNrgQZnOGCqGPmQeisdAE36Y9UHDisGz-bASrIost9-zmKji5a_eBUSiBL15YL_4BQcUqL7VN9gAMyGjSXrrhtX6TeU3Jwo_jU59kZGleSBDSldr4LJtB9RNze3o56e2eL0k_lr5zixJf9KDyWDJm5IFj0Dsa9jeCjS7QfQrURz5f51Z31QD8JsVeo08Af9xPsZlkcCaMcctfGB3XmA15SE5QpL81qQ3qrLcRdOMtSckVgSolx7aJX8WL48oSmFXNgMKqiD_2LsKBMTPzFT2hYlNg7dC0WFo1UmoFGK9AYUob_X-XITxlgjyZDthKFviN1_-HICHDtNQ4A8Pl017hTiYxvjnKmRZRjSR6_f5r4sk_3jhpRmjYyd1r9J9cD7REQnYFBxzSbE6A12kcr2gYl8zH5NeAMMLjCMCl9VruAEaiZV2B__AWDg3FPNwt59o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU-TzRJkKZY2TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEpwJP0NMLAQ0E9KCuQkQRO_3okYuAbPeXgTZbZ45Q0IKoeejFhqn1EZAlwKTjYvypyotUncn_K6PVz3TZ_j1_JfCE33BZ9MQfLOayYHHvZypcuqCdGekQqQsIqpdSYTfEQaeSBkowIFv-FFUmWGXCsB0Lm1-whzvLxLiifnEk026DuwDG9H6xy_It9iB8wlbKpKh3_0Yfes-IW1Ayl1J5cHiy-b0hE0sEIglqdvCIAIvN_ZcRl43lX7pp3r2vd6tdlaiqEIkhuLn1s-2mWUm4RZwo2k-vAkm-lxj_w5gHNzbpP9WaXlCQhDYrCdFQxY6bl2JXdhQGdgR_axExnV7VA5PVOF3Hq5f5pNwS4583EHZpeHTW8DOa9arypKOHDhA1S7OAbtqpT3hu4AQBgAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2xHKh7Ed8Afw6cCiStVhOK0lZ_pQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:34 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1500277
expires
Mon, 26 Jul 1997 05:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 68CF 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKbgSqNmrQ-80UXLVtS0rog&google_cver=1&google_push=AXcoOmSntcg6JLXAlN_QpjilhRFdx1sNKnKZMTrPkZ-_O2BUjvJUKHNre_X7pG8Xmeq6S8QHYpkftGgzz9unb01GfT5OhSZJpbfS
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:34 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
google
match.adsrvr.org/track/cmf/ Frame 68CF 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOZ6QlOuao6O_lEPn90aoJg&google_cver=1&google_push=AXcoOmT4V983oNztB2HiMTC4X9l_8MVr7pEhwbD7lcpepu_CyGjERvJYLP0a7psZIGvwnGPeHEyGRj1DcXKqgoQ5ki64TqHyX9yO
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 20 Sep 2023 07:03:34 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 68CF
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESELsWq3F5AoMHGFWHQeveuW8&google_cver=1&google_push=AXcoOmSk2azm36sHgRhew6TSb8vOnCQFeAzzAvtkONg_HItj9HkbUymsvZ4wDJp0ZQuks7M9IBP5CzwdF5l07HoM...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=YzVtKpyUSvUblVQrhxcYxA&google_push=AXcoOmSk2azm36sHgRhew6TSb8vOnCQFeAzzAvtkONg_HItj9HkbUymsvZ4wDJp0ZQuks7M9IBP5CzwdF5l07HoMefmMgL6uvTnb
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=YzVtKpyUSvUblVQrhxcYxA&google_push=AXcoOmSk2azm36sHgRhew6TSb8vOnCQFeAzzAvtkONg_HItj9HkbUymsvZ4wDJp0ZQuks7M9IBP5CzwdF5l07HoMefmMgL6uvTnb
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 20 Sep 2023 07:03:34 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=YzVtKpyUSvUblVQrhxcYxA&google_push=AXcoOmSk2azm36sHgRhew6TSb8vOnCQFeAzzAvtkONg_HItj9HkbUymsvZ4wDJp0ZQuks7M9IBP5CzwdF5l07HoMefmMgL6uvTnb
x-host
tde-deliveryengine-production-78865f7dd9-4brpf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
x.bidswitch.net/ Frame 68CF 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENyNvveqCgzY05y936ca7B8&google_cver=1&google_push=AXcoOmSOrHgistQCluIOo44i2Nsz7wQ5TulKPIvwRW9BK_1T8vDmYJ8wct7-VMWc7XMaq12ct6bgwwhbVBIols3swE52L-nTjIhb
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.225.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-225-250.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 68CF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBETYZRoGJvStf4Zx6tMBGg&google_cver=1&google_push=AXcoOmQabXcXZlD1dAqLl8LqQpulwVbJ-7OV8S6QOgCXPloFMoRaxD7L0Kib2FBOxF8dOs5aioF...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1SRUUwOVYtWS1KUkw3&google_push=AXcoOmQabXcXZlD1dAqLl8LqQpulwVbJ-7OV8S6QOgCXPloFMoRaxD7L0Kib2FBOxF8dOs5aioFYGHyFuk3LhbKFf29Z3DLDL4Hh
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1SRUUwOVYtWS1KUkw3&google_push=AXcoOmQabXcXZlD1dAqLl8LqQpulwVbJ-7OV8S6QOgCXPloFMoRaxD7L0Kib2FBOxF8dOs5aioFYGHyFuk3LhbKFf29Z3DLDL4Hh
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1SRUUwOVYtWS1KUkw3&google_push=AXcoOmQabXcXZlD1dAqLl8LqQpulwVbJ-7OV8S6QOgCXPloFMoRaxD7L0Kib2FBOxF8dOs5aioFYGHyFuk3LhbKFf29Z3DLDL4Hh
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
pixel
cm.g.doubleclick.net/ Frame 68CF
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECHr62ISOK305RbrJBEzVUA&google_cver=1&google_push=AXcoOmQ2pchqmECpT3Ax6MVqOQZnxwIUqciyubeMZfyTpvWyDbK1lcI_wUyHWMPjWKm_ZbG53uPFEHEqN76gMtZfh...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQ2pchqmECpT3Ax6MVqOQZnxwIUqciyubeMZfyTpvWyDbK1lcI_wUyHWMPjWKm_ZbG53uPFEHEqN76gMtZfh2ifmGFb1iY&google_hm=HWfnuGZHME1tQEdOR42J_oKE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQ2pchqmECpT3Ax6MVqOQZnxwIUqciyubeMZfyTpvWyDbK1lcI_wUyHWMPjWKm_ZbG53uPFEHEqN76gMtZfh2ifmGFb1iY&google_hm=HWfnuGZHME1tQEdOR42J_oKE
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 20 Sep 2023 07:03:34 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQ2pchqmECpT3Ax6MVqOQZnxwIUqciyubeMZfyTpvWyDbK1lcI_wUyHWMPjWKm_ZbG53uPFEHEqN76gMtZfh2ifmGFb1iY&google_hm=HWfnuGZHME1tQEdOR42J_oKE
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 68CF
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEL3d7XmEVJ8HjWYSR34fvK4&google_cver=1&google_push=AXcoOmQw3fntuMR5aY0nDs_QtMztfVVJBGbBEK71A385DSgAFhQFXzRZPQpyQpGnSa_iVZlO5XKocdwOWraG...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQw3fntuMR5aY0nDs_QtMztfVVJBGbBEK71A385DSgAFhQFXzRZPQpyQpGnSa_iVZlO5XKocdwOWraGScoSfRzkqg2qg1A
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQw3fntuMR5aY0nDs_QtMztfVVJBGbBEK71A385DSgAFhQFXzRZPQpyQpGnSa_iVZlO5XKocdwOWraGScoSfRzkqg2qg1A
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQw3fntuMR5aY0nDs_QtMztfVVJBGbBEK71A385DSgAFhQFXzRZPQpyQpGnSa_iVZlO5XKocdwOWraGScoSfRzkqg2qg1A
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame 68CF 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L4VDyHmcvKh3Cll4WjO24TgnJmbIMV9Q-R73ZbyXZ_raEggMmcH8BHyZMHrOfQEFfR43wZ
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
www.facebook.com/tr/ Frame DF52 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://sports.walla.co.il
Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://sports.walla.co.il
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 07:03:34 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
decode_consent.js
static.smilewanted.com/js/decode_consent/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
651333
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
809835979f793618-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame F01C 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY4H_YJFAA9zIdl5IOgnNk8czrnlfg&u=%7C9np%2FvQTggdkVtJxRMDTOqTkm7fHNqxXGexD8ajqnFaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyE6SO8U8aAVVklOcJqeX2W57tpCZzXLeFkq1vxC4FyhRblEe72stFMKI5zAWSKK6u5tOVs5yamMeASanrdq_lFr4qWWjt_LUBqePLJnk7Sb7gZJ94p0OI1XVBm9JH24vn6zkF8XqKcBAQ3g8EIIEVXXv2qiuL8sjjj8HRAHXFzU1po5UJ6EBqhYs-OTw8kD0TVordMoN8-oDrIgkuYYtqI_IXlJJWvXDXOIQU5clRBGNkbJW6soMfntmzSeTl40O619facAMwBpmtDdkFv8HRhEJ9pj7JQA1QYv_j8lGgnLuxiXlqmrltBtxMda3BpRpvoGQKrmKtCaYC-BxE9CNxF4qqCC_MufASbF0TWXXu1ilojKEi_rUq49y7kW9lILecJcIk56LWibDmLu3DoYLA_nEa5Q2cCHJhAkWOevHNgL9guPRetuMx1E3tkBUHn8qnOHtlOMrtbtjR-ChzEJbsmK4sz4U4Qjp7jAE3_BDAwH_OmvcLdzeLKfRH-xCJu7jKJZAh3Lk8ckfLw7_Qng7ZKkhq5K4TJ9BglcK5btXSEkbdSg8c_nJjE_N34XtI1M8rkKrX6f5HxermXPTngwrMzCCmEXv2R4tcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV-UCRJkKZY6TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEqwJP0IwFoKsKhTvtRC_XeO87N9YCWWyN09oFvgJNYd3C6xR1Wpsxc5ihxijodOm5bLr04wEmgiedkVAQzrqmsuxv_qoRaIv7wBR0BrbzQDYRwz9BBaWdS3b2O3zbdkmonEZ1Wu4gyAgXTeqFB6CvRnqydOgxgHp7dAZ4pGH6xEdMYYc1ZNLg95_0MkcxlHyhWB0h3C20jyq_TQCY9sDsik2_uGwkmMD1gdvcryyi_B5Rc3dT3vDylxz-icavL2-f_tXZnY9r8xRl4ZHFts9klxcMA-W6B_EUPcWR-BCnhbp_qC0xy7X0WyCP-bL6FogZvSTkB47JeI1Bx2N_DIgnIaf1-IDjI1iQ4yeupUxr8Qb0R_KjttJ_tQaAnvJ-OLkhzUWQfxs6-0ABn1OaruAEAYAGs52249XmwtNioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2kLDF-SuJ1Fk4EwXxOG4gvzvoXPw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2984825
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4418
last-modified
Thu, 22 Jun 2023 11:22:44 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942f04-1142"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HFcGId5rd0%2B%2F0I%2BnGR9gMlQA1V7XijE2tKYMjvnVSs5muKS2vIQZeBVo7F9poyqNZ2ADoTK%2BZnDBbIxkeS51qBpc7AE1k3XbGiXY4duonnlkqN0%2FOP6emQtPu3%2FM8%2FNX4KC4D2cEBjyYbQYyK4Er73fD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80983597b8f79b4c-FRA
expires
Mon, 09 Sep 2024 07:03:34 GMT
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.3.0/ 		127 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230919-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c44e080ef80f83f7fc346253431046ff2bfe10ff0762acc1c247be5e169547ea

Request headers

Referer
https://sports.walla.co.il/
Origin
https://sports.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
1202339
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
36498
x-served-by
cache-fra-eddf8230103-FRA
last-modified
Wed, 06 Sep 2023 09:01:32 GMT
server
AmazonS3
x-timer
S1695193414.390868,VS0,VE0
etag
"1865860838c0a4f202ab61510882ea01"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
MBwNQWWoasK9QdVBzfrJSMb4dGtXeyY63MWPfWLulxwQ0SOIpiRafA==
x-cache-hits
87004
feed-card-placeholder.20230919-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230919-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b3ab40d1447a40939137c342767efdcb45c4c048064c35c2717809e16c830173

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
qywItjFhq2GD7jDBIVgQ4LqOH1aWE5dJ
content-encoding
gzip
via
1.1 varnish
date
Wed, 20 Sep 2023 07:03:34 GMT
x-amz-request-id
P865JC0FZE0KBN21
age
73517
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
ImMgLkYgIbnnfIdjvnZWqS5hNd3Wi9QqOAgWlRHVgVQDBdgVJhT21j/n0cop30DxvZ5osuW5hyg=
x-served-by
cache-fra-etou8220090-FRA
last-modified
Tue, 19 Sep 2023 10:38:18 GMT
server
AmazonS3
x-timer
S1695193414.371574,VS0,VE0
etag
"0221583e8044ceb7273849b9316a84ca"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
88
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
20941
userx.20230919-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230919-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
747eb3e5b7e723a442751f9cf49391793691a6d943410c77cf5228bfe5fab878

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
_KkxRmneGt69K4Slk4OIuMTYIh7vx8ph
content-encoding
gzip
via
1.1 varnish
date
Wed, 20 Sep 2023 07:03:34 GMT
x-amz-request-id
26H5BAE5A13XFS3M
age
73490
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
L63Wm85pdkGHAo/oxlS9rIev3xONq21P1lfSmL0BalrbNI8sFe7959CN4IjGRSPOsLWWASDKOEM=
x-served-by
cache-fra-etou8220090-FRA
last-modified
Tue, 19 Sep 2023 10:38:44 GMT
server
AmazonS3
x-timer
S1695193414.405265,VS0,VE0
etag
"313620990ab849f5ad407b6b7b30de5c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
99
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
5770
distance-from-article.20230919-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230919-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0265fa51f7836e510b3d6586f64d4c81e93fa4102b44e62d57ef7a78b1b79e05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
Q1ccOvD9nkJRrGwdso9dBNNTQAMieESD
content-encoding
gzip
via
1.1 varnish
date
Wed, 20 Sep 2023 07:03:34 GMT
x-amz-request-id
YJMJA7PKAC2J3NVW
age
73521
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
rCptldT7Fy6luLCkuv0gQm83Dho4CBPfTfeIkXvYuUBletVh8Dd3h293vauSgDs3Xx1xyFkwImQ=
x-served-by
cache-fra-etou8220090-FRA
last-modified
Tue, 19 Sep 2023 10:38:13 GMT
server
AmazonS3
x-timer
S1695193414.406536,VS0,VE0
etag
"96109dbafacf3afad759aa88db3823f7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
3
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
22592
article-detection.20230919-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230919-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63dce34729621fca0a4e5256dec88beaced89985dac9e2ec573140c7172b66c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
9IK7VVpjTh4S87SF6IC6vr2wrPwvVDQ2
content-encoding
gzip
via
1.1 varnish
date
Wed, 20 Sep 2023 07:03:34 GMT
x-amz-request-id
83GCJNWFA37EJ9EG
age
73527
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
g8/zLFvOfYoJPbN6UlbHttJbZ9NSpqSOz3TFumrzyWRiHybLZrZ78ZmqgLCvLsMLSFFlGIQsfeI=
x-served-by
cache-fra-etou8220090-FRA
last-modified
Tue, 19 Sep 2023 10:38:07 GMT
server
AmazonS3
x-timer
S1695193414.406633,VS0,VE0
etag
"69154ef3a2487f4e1862dea261c85ea5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
85
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
22596
article-and-feed-area-scanner.20230919-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-and-feed-area-scanner.20230919-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca1751fc37d4405c7c284c050904ab43d3a06be8a1fac5d3388aa8c8d8e89e2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
ZYUHjFMxLdZvKwtdPgw792oP3i.XKbB.
content-encoding
gzip
via
1.1 varnish
date
Wed, 20 Sep 2023 07:03:34 GMT
x-amz-request-id
SRQ2Z499RDWETZKQ
age
73530
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1147
x-amz-id-2
X5njs9O4CrbxthiCjNJT5XedfaNksVGVts/TjS7kSLy0MVXgSHvGOdjg2AmpBU8bJ7qLCFVuDXc=
x-served-by
cache-fra-etou8220090-FRA
last-modified
Tue, 19 Sep 2023 10:38:05 GMT
server
AmazonS3
x-timer
S1695193414.409791,VS0,VE0
etag
"6149a809098e7a789a58422fb67e25d6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
46
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
8375
pubs-generic
trc.taboola.com/wallail-walla/log/3/ 		0
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/wallail-walla/log/3/pubs-generic?route=AM:AM:V&tvi48=12004&tvi50=12238&lti=deflated&ri=110fc540097cb09205188ab1771908f1&sd=v2_06e642cfcbc028e879bbdbd99f232e4e_3683686d-67db-40d0-93b6-3bfbf22ff86f-tuctc041ec5_1695193413_1695193413_CNawjgYQk-FcGO7tmourMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABolriLlKfb-47xAXAA&ui=3683686d-67db-40d0-93b6-3bfbf22ff86f-tuctc041ec5&pi=/&wi=7025978351414212080&pt=category&vi=1695193413358&d=%7B%22data%22%3A%22%5C%22true%5C%22%22%2C%22type%22%3A%22DEDUP_DEBUG%22%2C%22eventTime%22%3A1695193414370%7D&tim=09%3A03%3A34.371&id=4669&llvl=2&cv=20230919-1-RELEASE&
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Wed, 20 Sep 2023 07:03:34 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7571
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220090-FRA
pragma
no-cache
server
nginx
x-timer
S1695193414.445614,VS0,VE9
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
debug
am-trc-events.taboola.com/wallail-walla/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/2/debug?tim=09%3A03%3A34.371&type=warn&msg=Duplicated%20items%20monitoring%20enabled&llvl=2&id=5946&cv=20230919-1-RELEASE&lt=deflated&pcs=%5Bdata-feed-main-container-id%3D%22taboola_endless_category%22%5D&vi=1695193413358
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12036
abtests
am-trc-events.taboola.com/wallail-walla/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/3/abtests?route=AM:AM:V&tvi48=12004&tvi50=12238&lti=deflated&ri=110fc540097cb09205188ab1771908f1&sd=v2_06e642cfcbc028e879bbdbd99f232e4e_3683686d-67db-40d0-93b6-3bfbf22ff86f-tuctc041ec5_1695193413_1695193413_CNawjgYQk-FcGO7tmourMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABolriLlKfb-47xAXAA&ui=3683686d-67db-40d0-93b6-3bfbf22ff86f-tuctc041ec5&pi=/&wi=7025978351414212080&pt=category&vi=1695193413358&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1695193414394%7D&tim=09%3A03%3A34.394&id=1369&llvl=2&cv=20230919-1-RELEASE&
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 20 Sep 2023 07:03:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
ai.aspx
tagm.tchibo.de/ 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tagm.tchibo.de/ai.aspx?extProvID=113&extProvApi=128152&extPu=51132&extLi=NF_Vermarkterportfolio_Inhouse_2023&extSi=RON&extCr=1000x600_DE_HVK_NF_2023KW38_BodyValue&addomain=wallail-walla
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.202.235.9 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:33 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
policyref="https://tagm.tchibo.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Mi, 20 Sep 2023 07:03:34 GMT
X-ET-Code
0
Content-Type
image/gif
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp
821
Expires
Mon, 26 Jul 1997 05:00:00 GMT
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Wed, 20 Sep 2023 07:03:34 GMT
x-amz-request-id
0R9XQHAA5Q1ZDC2Q
age
29
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
MkI6vMFxHgM3ZVV9S+UeT9PE5jyReG3BVKLcXsx3HwZ8PMgvnFA1z8I5XykG/Hk432UfiS+ju9w=
x-served-by
cache-fra-etou8220090-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1695193414.463651,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
13
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
40
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 6BE5 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY0H_YJFAA9zIUJFtJkOp2X0P3N8WA&u=%7C9np%2FvQTggdk0wJizdRijvCK6Su7odYg%2B70HSFMyv7Mo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797XkVJXccA7Uj8mbSb3fuGLnWml58tkIBBt-cgZ16ZzJEqHHlu8cMXg48Z9UKHUU0SpyJnTRTeI0QMpKTbdomCd4hvY9exeR-XfEuxolGEqBH3yW4_2NAWBZjNrgQZnOGCqGPmQeisdAE36Y9UHDisGz-bASrIost9-zmKji5a_eBUSiBL15YL_4BQcUqL7VN9gAMyGjSXrrhtX6TeU3Jwo_jU59kZGleSBDSldr4LJtB9RNze3o56e2eL0k_lr5zixJf9KDyWDJm5IFj0Dsa9jeCjS7QfQrURz5f51Z31QD8JsVeo08Af9xPsZlkcCaMcctfGB3XmA15SE5QpL81qQ3qrLcRdOMtSckVgSolx7aJX8WL48oSmFXNgMKqiD_2LsKBMTPzFT2hYlNg7dC0WFo1UmoFGK9AYUob_X-XITxlgjyZDthKFviN1_-HICHDtNQ4A8Pl017hTiYxvjnKmRZRjSR6_f5r4sk_3jhpRmjYyd1r9J9cD7REQnYFBxzSbE6A12kcr2gYl8zH5NeAMMLjCMCl9VruAEaiZV2B__AWDg3FPNwt59o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU-TzRJkKZY2TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEpwJP0NMLAQ0E9KCuQkQRO_3okYuAbPeXgTZbZ45Q0IKoeejFhqn1EZAlwKTjYvypyotUncn_K6PVz3TZ_j1_JfCE33BZ9MQfLOayYHHvZypcuqCdGekQqQsIqpdSYTfEQaeSBkowIFv-FFUmWGXCsB0Lm1-whzvLxLiifnEk026DuwDG9H6xy_It9iB8wlbKpKh3_0Yfes-IW1Ayl1J5cHiy-b0hE0sEIglqdvCIAIvN_ZcRl43lX7pp3r2vd6tdlaiqEIkhuLn1s-2mWUm4RZwo2k-vAkm-lxj_w5gHNzbpP9WaXlCQhDYrCdFQxY6bl2JXdhQGdgR_axExnV7VA5PVOF3Hq5f5pNwS4583EHZpeHTW8DOa9arypKOHDhA1S7OAbtqpT3hu4AQBgAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2xHKh7Ed8Afw6cCiStVhOK0lZ_pQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2984825
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4418
last-modified
Thu, 22 Jun 2023 11:22:44 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942f04-1142"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RxiLR6r2JZ%2BnsyrEt2xcTwbTG2gR6l%2B4EXF890HGywuuOCyrrfbkC27OnFGkYzcKksF5iQqtamkswMmldmexOG3fp%2B090HR8djVFGaprb%2BEWJ%2BHFWIDr8Ml4%2BSQpP6aYos9aZrqAbPwCblYeHwFpWrZ%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80983598ca819b4c-FRA
expires
Mon, 09 Sep 2024 07:03:34 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-4780630-1&cid=633202485.1695193411&jid=1272512529&gjid=744292120&_gid=301290989.1695193411&_u=aHDAAEABEAAAACAUI~&z=562937228
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 20 Sep 2023 07:03:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8E17 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYz43OxQEwAQ&v=APEucNVZk-1GGwqMLukNmAqjUHIWwVOOLa6A2iwti9sq3iH-PGzRXVZW9bohJP1PCeSRK4rclpYWyzBgPfMx9lAlYrv93ZhZqM_f15VXah-11BgB23wehYcDaFKIqEW4BPp1Z9Vsjz4v6Ae_BGIKDrn2UkOOy4F62Vs-1HSwN6HQfg6SfY-pHIY
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 07:03:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 4B5A 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31438
x-xss-protection
0
server
cafe
etag
13183557946744512263
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 20 Sep 2023 07:03:34 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B5A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D0-1WxfcTAcU_LcfGKoeGJJp5FmGZnqvC_quqz6s_qQDHRf71xOkswZDAZmYjHX6v1Cs2KhxMhncCkfpnXarjZpJKVF5mt79OpUyFratBPKjoGIYg
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B5A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17854890235103020639&x=1&ct=76
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 4B5A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 22:57:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
29182
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 22:57:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 4B5A 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 19:56:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
40000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 19:56:54 GMT
l
www.google.com/ads/measurement/ Frame 4B5A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSDLyk_uVbxWsoaOOy62wzxlsM37uIeSCW8tSJubJMM2jz61ic0ZivYkVpZCXlF3NQWt2DreEKARq0qnB4PjfD4ZuuscQ
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4B5A 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Sep 2023 07:03:34 GMT
Responsive_listing.html
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame 451C 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1733
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
1016
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 06:34:41 GMT
etag
11900953634711111692
expires
Thu, 21 Sep 2023 06:34:41 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/ Frame 67F1 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/abg_lite_fy2021.js
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 19:56:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
39999
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 19:56:55 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 81D7 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2391
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 06:23:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 67F1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 22:57:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
29182
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 22:57:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 67F1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 19:56:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
40000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 19:56:54 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4908 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi-6cn1ATAB&v=APEucNVTug1dP0O8sS41SI20WPcygo6He5aAVJ64CL32mHNxk9qB6uS8CgJZgGJEShUubRBiu2bDlp89EY6nY-42n9RtKHyJ84y0_GE9KgRN1jS15eroYlDb4xfdJwkrSL9ixXFwXP6g3jgjFHTSmNsNSs0mq8gkUTKo4ksAiTni-VU3jFEwrjU
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 07:03:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame A253 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31438
x-xss-protection
0
server
cafe
etag
13183557946744512263
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 20 Sep 2023 07:03:34 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A253 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D4FXUrUsHq2z7jdbcSjO52E0Ph64N0pt-6pRxcu-XmGGUSgc-OP0UtVgxl-JehkU7iyIORHYwOKgup3QWaxwz6sZ7S-yt-QrZ5FyfkKdjGttkwBZA
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A253 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7834978199591729859&x=1&ct=76
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame A253 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 22:57:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
29182
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 22:57:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame A253 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 19:56:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
40000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 19:56:54 GMT
l
www.google.com/ads/measurement/ Frame A253 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ1j1q_JYxzvDW0ILrIrf17nM2xrGME4S1nI6lX2g8DInGqdOrJrSfdhEndmZOmIiDDzVmjUfM3i6ajHJylzQ0YSH63dA
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A253 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Sep 2023 07:03:34 GMT
truncated
/ Frame 1E7F 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5515492751f706e4b1c94f4e1f838ed0cd927d907a59b01f6e7dad8308d028cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E46D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
917fbeefc58291237d8e985cecedcd47dd70ca74768b9938b5f684525a38cf51

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1EC9 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a0d4a5e6050901fe74867c0130beef2143255c7aedc2233ea5e476671147fdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0306 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38a8f0e2f0e6e69fef5de3690865b0a2132a0a8035699ab1eaef61d8091a62f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EB10 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb755ed1990de92477637d62ccf2ed80320ddaaa9008aa2d2744a2f1f6bc7053

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 23B4 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
600d77b130a069ef6d0024384927c5791421df1d9d3e3823b4d89aff36307d9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 44A8 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
69871080b9869dcfdc348e3c11f958bbd17ac10994b8feaebabadc5b2d187846

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
d65a37834aea45f3b2f89ed6973b410b_taz_800_a.woff
static.criteo.net/design/dt/ Frame 6BE5 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/d65a37834aea45f3b2f89ed6973b410b_taz_800_a.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY0H_YJFAA9zIUJFtJkOp2X0P3N8WA&u=%7C9np%2FvQTggdk0wJizdRijvCK6Su7odYg%2B70HSFMyv7Mo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797XkVJXccA7Uj8mbSb3fuGLnWml58tkIBBt-cgZ16ZzJEqHHlu8cMXg48Z9UKHUU0SpyJnTRTeI0QMpKTbdomCd4hvY9exeR-XfEuxolGEqBH3yW4_2NAWBZjNrgQZnOGCqGPmQeisdAE36Y9UHDisGz-bASrIost9-zmKji5a_eBUSiBL15YL_4BQcUqL7VN9gAMyGjSXrrhtX6TeU3Jwo_jU59kZGleSBDSldr4LJtB9RNze3o56e2eL0k_lr5zixJf9KDyWDJm5IFj0Dsa9jeCjS7QfQrURz5f51Z31QD8JsVeo08Af9xPsZlkcCaMcctfGB3XmA15SE5QpL81qQ3qrLcRdOMtSckVgSolx7aJX8WL48oSmFXNgMKqiD_2LsKBMTPzFT2hYlNg7dC0WFo1UmoFGK9AYUob_X-XITxlgjyZDthKFviN1_-HICHDtNQ4A8Pl017hTiYxvjnKmRZRjSR6_f5r4sk_3jhpRmjYyd1r9J9cD7REQnYFBxzSbE6A12kcr2gYl8zH5NeAMMLjCMCl9VruAEaiZV2B__AWDg3FPNwt59o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU-TzRJkKZY2TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEpwJP0NMLAQ0E9KCuQkQRO_3okYuAbPeXgTZbZ45Q0IKoeejFhqn1EZAlwKTjYvypyotUncn_K6PVz3TZ_j1_JfCE33BZ9MQfLOayYHHvZypcuqCdGekQqQsIqpdSYTfEQaeSBkowIFv-FFUmWGXCsB0Lm1-whzvLxLiifnEk026DuwDG9H6xy_It9iB8wlbKpKh3_0Yfes-IW1Ayl1J5cHiy-b0hE0sEIglqdvCIAIvN_ZcRl43lX7pp3r2vd6tdlaiqEIkhuLn1s-2mWUm4RZwo2k-vAkm-lxj_w5gHNzbpP9WaXlCQhDYrCdFQxY6bl2JXdhQGdgR_axExnV7VA5PVOF3Hq5f5pNwS4583EHZpeHTW8DOa9arypKOHDhA1S7OAbtqpT3hu4AQBgAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2xHKh7Ed8Afw6cCiStVhOK0lZ_pQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
91c32cf62c2a7ec7bc63bd4354823f66812d56d2323a5298eac81e5b969811c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 30 May 2018 09:59:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5b0e75fd-e98d"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 07:03:34 GMT
403d3864d4f545aeb1484932bb4ec84c_taz_500_a.woff
static.criteo.net/design/dt/ Frame 6BE5 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/403d3864d4f545aeb1484932bb4ec84c_taz_500_a.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY0H_YJFAA9zIUJFtJkOp2X0P3N8WA&u=%7C9np%2FvQTggdk0wJizdRijvCK6Su7odYg%2B70HSFMyv7Mo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797XkVJXccA7Uj8mbSb3fuGLnWml58tkIBBt-cgZ16ZzJEqHHlu8cMXg48Z9UKHUU0SpyJnTRTeI0QMpKTbdomCd4hvY9exeR-XfEuxolGEqBH3yW4_2NAWBZjNrgQZnOGCqGPmQeisdAE36Y9UHDisGz-bASrIost9-zmKji5a_eBUSiBL15YL_4BQcUqL7VN9gAMyGjSXrrhtX6TeU3Jwo_jU59kZGleSBDSldr4LJtB9RNze3o56e2eL0k_lr5zixJf9KDyWDJm5IFj0Dsa9jeCjS7QfQrURz5f51Z31QD8JsVeo08Af9xPsZlkcCaMcctfGB3XmA15SE5QpL81qQ3qrLcRdOMtSckVgSolx7aJX8WL48oSmFXNgMKqiD_2LsKBMTPzFT2hYlNg7dC0WFo1UmoFGK9AYUob_X-XITxlgjyZDthKFviN1_-HICHDtNQ4A8Pl017hTiYxvjnKmRZRjSR6_f5r4sk_3jhpRmjYyd1r9J9cD7REQnYFBxzSbE6A12kcr2gYl8zH5NeAMMLjCMCl9VruAEaiZV2B__AWDg3FPNwt59o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU-TzRJkKZY2TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEpwJP0NMLAQ0E9KCuQkQRO_3okYuAbPeXgTZbZ45Q0IKoeejFhqn1EZAlwKTjYvypyotUncn_K6PVz3TZ_j1_JfCE33BZ9MQfLOayYHHvZypcuqCdGekQqQsIqpdSYTfEQaeSBkowIFv-FFUmWGXCsB0Lm1-whzvLxLiifnEk026DuwDG9H6xy_It9iB8wlbKpKh3_0Yfes-IW1Ayl1J5cHiy-b0hE0sEIglqdvCIAIvN_ZcRl43lX7pp3r2vd6tdlaiqEIkhuLn1s-2mWUm4RZwo2k-vAkm-lxj_w5gHNzbpP9WaXlCQhDYrCdFQxY6bl2JXdhQGdgR_axExnV7VA5PVOF3Hq5f5pNwS4583EHZpeHTW8DOa9arypKOHDhA1S7OAbtqpT3hu4AQBgAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2xHKh7Ed8Afw6cCiStVhOK0lZ_pQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3f0133a51dbe2306a5d32fbc64643af6fc2503036a2ebec0e61b377d6e60ae75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 30 May 2018 09:59:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5b0e75fd-10316"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 07:03:34 GMT
truncated
/ Frame 6961 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f83e1433c9cb4e31250fefced6c97bfb94f0eae1c90f299e946e2c11487e3e59

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
animejs.js
static.criteo.net/animejs/ Frame F01C 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY4H_YJFAA9zIdl5IOgnNk8czrnlfg&u=%7C9np%2FvQTggdkVtJxRMDTOqTkm7fHNqxXGexD8ajqnFaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyE6SO8U8aAVVklOcJqeX2W57tpCZzXLeFkq1vxC4FyhRblEe72stFMKI5zAWSKK6u5tOVs5yamMeASanrdq_lFr4qWWjt_LUBqePLJnk7Sb7gZJ94p0OI1XVBm9JH24vn6zkF8XqKcBAQ3g8EIIEVXXv2qiuL8sjjj8HRAHXFzU1po5UJ6EBqhYs-OTw8kD0TVordMoN8-oDrIgkuYYtqI_IXlJJWvXDXOIQU5clRBGNkbJW6soMfntmzSeTl40O619facAMwBpmtDdkFv8HRhEJ9pj7JQA1QYv_j8lGgnLuxiXlqmrltBtxMda3BpRpvoGQKrmKtCaYC-BxE9CNxF4qqCC_MufASbF0TWXXu1ilojKEi_rUq49y7kW9lILecJcIk56LWibDmLu3DoYLA_nEa5Q2cCHJhAkWOevHNgL9guPRetuMx1E3tkBUHn8qnOHtlOMrtbtjR-ChzEJbsmK4sz4U4Qjp7jAE3_BDAwH_OmvcLdzeLKfRH-xCJu7jKJZAh3Lk8ckfLw7_Qng7ZKkhq5K4TJ9BglcK5btXSEkbdSg8c_nJjE_N34XtI1M8rkKrX6f5HxermXPTngwrMzCCmEXv2R4tcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV-UCRJkKZY6TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEqwJP0IwFoKsKhTvtRC_XeO87N9YCWWyN09oFvgJNYd3C6xR1Wpsxc5ihxijodOm5bLr04wEmgiedkVAQzrqmsuxv_qoRaIv7wBR0BrbzQDYRwz9BBaWdS3b2O3zbdkmonEZ1Wu4gyAgXTeqFB6CvRnqydOgxgHp7dAZ4pGH6xEdMYYc1ZNLg95_0MkcxlHyhWB0h3C20jyq_TQCY9sDsik2_uGwkmMD1gdvcryyi_B5Rc3dT3vDylxz-icavL2-f_tXZnY9r8xRl4ZHFts9klxcMA-W6B_EUPcWR-BCnhbp_qC0xy7X0WyCP-bL6FogZvSTkB47JeI1Bx2N_DIgnIaf1-IDjI1iQ4yeupUxr8Qb0R_KjttJ_tQaAnvJ-OLkhzUWQfxs6-0ABn1OaruAEAYAGs52249XmwtNioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2kLDF-SuJ1Fk4EwXxOG4gvzvoXPw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 07:03:34 GMT
social
am-trc-events.taboola.com/wallail-walla/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/3/social?route=AM:AM:V&tvi48=12004&tvi50=12238&lti=deflated&ri=110fc540097cb09205188ab1771908f1&sd=v2_06e642cfcbc028e879bbdbd99f232e4e_3683686d-67db-40d0-93b6-3bfbf22ff86f-tuctc041ec5_1695193413_1695193413_CNawjgYQk-FcGO7tmourMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABolriLlKfb-47xAXAA&ui=3683686d-67db-40d0-93b6-3bfbf22ff86f-tuctc041ec5&pi=/&wi=7025978351414212080&pt=category&vi=1695193413358&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fsports.walla.co.il%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%95%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%92%D7%9C%20%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20%D7%95%D7%A2%D7%95%D7%9C%D7%9E%D7%99%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%A1%D7%9C%2C%20NBA%2C%20%D7%AA%D7%A7%D7%A6%D7%99%D7%A8%D7%99%D7%9D%20%D7%95%D7%AA%D7%95%D7%A6%D7%90%D7%95%D7%AA%20%20-%20%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%22%2C%22sec%22%3A%22%D7%A1%D7%A4%D7%95%D7%A8%D7%98%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fimages.wcdn.co.il%2Ff_auto%2Cq_auto%2Cw_1200%2Ct_54%2F1%2F8%2F9%2F2%2F1892167-46.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=09%3A03%3A34.725&id=9579&llvl=2&cv=20230919-1-RELEASE&
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 20 Sep 2023 07:03:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
non-responsive-widget.20230919-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/non-responsive-widget.20230919-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efc27af8b024785556664a1a702ca97f8fda271b4b666461885a8e1189200dcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
7TBe0l3jpnGw81wE0w.SnQSoY9wxWQcl
content-encoding
gzip
via
1.1 varnish
date
Wed, 20 Sep 2023 07:03:34 GMT
x-amz-request-id
A27X0NK89C7XHK72
age
73506
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5645
x-amz-id-2
leY3wFUN0IKVxHhLH/d8jXi6vB3W1EW0HNOs367tJdvWhkRvST/WvgTb7Wl7QtYDsPr/TE4JhXk=
x-served-by
cache-fra-etou8220090-FRA
last-modified
Tue, 19 Sep 2023 10:38:28 GMT
server
AmazonS3
x-timer
S1695193415.731237,VS0,VE0
etag
"046725c90b6f601acdc34ea7688832dc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
71
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
653
ee7daccbc83c2dd21c9935c27e3c1f94.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ee7daccbc83c2dd21c9935c27e3c1f94.jpeg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6960addd84617a7b2dbae8ffd88699ebca61162ed47278f01f7a9ace63140323

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 20 Sep 2023 07:03:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ee7daccbc83c2dd21c9935c27e3c1f94.jpeg
age
1866310
edge-cache-tag
512920603413959726271238159001589142132,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
512920603413959726271238159001589142132,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
269
req-referer
https://www.sport1.de/
content-length
75762
x-request-id
35194edaf93820cfb8bfb90f0f20f5a7
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100107-IAD, cache-iad-kiad7000101-IAD, cache-iad-kjyo7100055-IAD, cache-fra-etou8220090-FRA
last-modified
Tue, 29 Aug 2023 16:38:13 GMT
server
nginx
x-timer
S1695193415.787131,VS0,VE2
etag
"0ed203add3f4a8783eaa6dc470bba2c0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 9, 1
9e023c5dfed868cb1a76dbb9b7e54bc1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9e023c5dfed868cb1a76dbb9b7e54bc1.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f6c9da78d2407a188021bdf6e4d375e1d6f3a653607919575d38fa36b3a5039f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 20 Sep 2023 07:03:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9e023c5dfed868cb1a76dbb9b7e54bc1.jpg
age
108861
edge-cache-tag
520009922717879113294045132027941718259,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag
520009922717879113294045132027941718259,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
613
req-referer
https://news.livedoor.com/
content-length
6634
x-request-id
e79acefd70eb84cb84305ff167f47fcb
x-backend-name
LA_nlb204
x-served-by
cache-iad-kjyo7100152-IAD, cache-iad-kjyo7100109-IAD, cache-lax10635-LGB, cache-iad-kjyo7100176-IAD, cache-fra-etou8220090-FRA
last-modified
Fri, 15 Sep 2023 09:18:27 GMT
server
nginx
surrogate-reporting
width=380,height=212,bytes=10775,owidth=1000,oheight=600,obytes=98436
x-timer
S1695193415.787047,VS0,VE1
etag
"3866bbca70e866453ca12a9e8e955c7b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
1aa6c2c3ef88a807dcfb86cf10bbc3e0.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1aa6c2c3ef88a807dcfb86cf10bbc3e0.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9b0e1d4db6eba6faa561278483ca7ea89d0e01a9a1cf4b562b91bf8030885a54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 20 Sep 2023 07:03:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1aa6c2c3ef88a807dcfb86cf10bbc3e0.jpg
age
1709348
edge-cache-tag
601107433647728834937653647247485247796,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag
601107433647728834937653647247485247796,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
377
req-referer
https://ultimosegundo.ig.com.br/
content-length
18218
x-request-id
d7373034a52abe1f5d32a668b773e34d
x-backend-name
LA_nlb201
x-served-by
cache-iad-kiad7000139-IAD, cache-iad-kjyo7100028-IAD, cache-sna10745-LGB, cache-iad-kcgs7200127-IAD, cache-fra-etou8220090-FRA
last-modified
Thu, 31 Aug 2023 10:20:44 GMT
server
nginx
x-timer
S1695193415.789771,VS0,VE0
etag
"de5695767d0f6306b8aec121c314f2c3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 49, 57
18a8dc08f2133c963b22e90ffc5044a5.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/18a8dc08f2133c963b22e90ffc5044a5.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6c9e975a473cdd1f699b032fe773548960f7d438d4ef8f0f696aa4d287fa0574

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 20 Sep 2023 07:03:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/18a8dc08f2133c963b22e90ffc5044a5.png
age
481636
edge-cache-tag
615930726015541687749927552125521377298,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
615930726015541687749927552125521377298,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
220
req-referer
https://www.t-online.de/
content-length
20622
x-request-id
1a60eb8696d2062369a4bc013d6f352d
x-backend-name
US_nlb103
x-served-by
cache-iad-kcgs7200176-IAD, cache-iad-kiad7000054-IAD, cache-iad-kcgs7200103-IAD, cache-fra-etou8220090-FRA
last-modified
Wed, 13 Sep 2023 17:29:21 GMT
server
nginx
surrogate-reporting
width=1000,height=500,bytes=66911,owidth=1000,oheight=600,obytes=289654
x-timer
S1695193415.791824,VS0,VE1
etag
"0219d68429163a0a3ef8e901e7ea9954"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1
3530400-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/3/0/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/3/0/3530400-46.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
54b025517ad210a73c9972b3b75acb59adf60f95ad71afa1c0afc99c4d5e1410

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 20 Sep 2023 07:03:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/3/0/3530400-46.jpg
age
5394901
edge-cache-tag
346818725588011573606414518538335102831,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
346818725588011573606414518538335102831,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
1303
expiration
expiry-date="Sat, 22 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://news.walla.co.il/
content-length
13478
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000122-IAD, cache-iad-kjyo7100168-IAD, cache-sna10731-LGB, cache-iad-kiad7000105-IAD, cache-fra-etou8220090-FRA
last-modified
Wed, 21 Jun 2023 00:15:51 GMT
server
nginx
x-timer
S1695193415.792416,VS0,VE1
etag
"7d4b449b7245088b8d261a6b0f7f557d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 26, 1
3601753-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/0/1/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/0/1/3601753-46.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9cd2ff1d66cd69b3cfcecb252f2cf1dc819921c1c24520da3485c1a8fb37b3f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 20 Sep 2023 07:03:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/0/1/3601753-46.jpg
age
178715
edge-cache-tag
515926163818814636612664841160384206155,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
515926163818814636612664841160384206155,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
121
req-referer
https://news.walla.co.il/
content-length
9268
x-request-id
0a6ac9f982053df949b1187f6eacfa92
x-backend-name
CH_nlb802
x-served-by
cache-iad-kcgs7200178-IAD, cache-iad-kiad7000162-IAD, cache-iad-kjyo7100133-IAD, cache-fra-etou8220090-FRA
last-modified
Mon, 18 Sep 2023 05:14:59 GMT
server
nginx
surrogate-reporting
width=371,height=206,bytes=11376,owidth=371,oheight=208,obytes=8772
x-timer
S1695193415.792957,VS0,VE0
etag
"234ebd5f1145286a6d4950a3bfa89b94"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 3, 2
035949a932071eed91b0a32888ef7878.jpg
images.taboola.com/taboola/image/fetch/h_390,w_780,c_fill,g_xy_center,x_500,y_263/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_390,w_780,c_fill,g_xy_center,x_500,y_263/http%3A//cdn.taboola.com/libtrc/static/thumbnails/035949a932071eed91b0a32888ef7878.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5a0eadc52e3dba13c3c60a244a4b963c3ac5165a81cc986f87cbb479e5bd905c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 20 Sep 2023 07:03:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_390,w_780,c_fill,g_xy_center,x_500,y_263/http%3A//cdn.taboola.com/libtrc/static/thumbnails/035949a932071eed91b0a32888ef7878.jpg
age
2652866
edge-cache-tag
360399071916705135221224652693513936672,336890140978704664372359493246646432211,29ecf9b93bbf306179626feeda1fab70
cache-tag
360399071916705135221224652693513936672,336890140978704664372359493246646432211,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
301
expiration
expiry-date="Tue, 22 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.suedkurier.de/
content-length
10948
x-backend-name
LA_nlb204
x-served-by
cache-iad-kjyo7100114-IAD, cache-iad-kjyo7100114-IAD, cache-sna10722-LGB, cache-iad-kiad7000031-IAD, cache-fra-etou8220090-FRA
last-modified
Sat, 22 Jul 2023 11:12:30 GMT
server
nginx
x-timer
S1695193415.802757,VS0,VE1
etag
"a0ae39eb302e647360cf4f42ecafb3bb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 47, 1, 7, 1
animejs.js
static.criteo.net/animejs/ Frame 6BE5 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY0H_YJFAA9zIUJFtJkOp2X0P3N8WA&u=%7C9np%2FvQTggdk0wJizdRijvCK6Su7odYg%2B70HSFMyv7Mo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797XkVJXccA7Uj8mbSb3fuGLnWml58tkIBBt-cgZ16ZzJEqHHlu8cMXg48Z9UKHUU0SpyJnTRTeI0QMpKTbdomCd4hvY9exeR-XfEuxolGEqBH3yW4_2NAWBZjNrgQZnOGCqGPmQeisdAE36Y9UHDisGz-bASrIost9-zmKji5a_eBUSiBL15YL_4BQcUqL7VN9gAMyGjSXrrhtX6TeU3Jwo_jU59kZGleSBDSldr4LJtB9RNze3o56e2eL0k_lr5zixJf9KDyWDJm5IFj0Dsa9jeCjS7QfQrURz5f51Z31QD8JsVeo08Af9xPsZlkcCaMcctfGB3XmA15SE5QpL81qQ3qrLcRdOMtSckVgSolx7aJX8WL48oSmFXNgMKqiD_2LsKBMTPzFT2hYlNg7dC0WFo1UmoFGK9AYUob_X-XITxlgjyZDthKFviN1_-HICHDtNQ4A8Pl017hTiYxvjnKmRZRjSR6_f5r4sk_3jhpRmjYyd1r9J9cD7REQnYFBxzSbE6A12kcr2gYl8zH5NeAMMLjCMCl9VruAEaiZV2B__AWDg3FPNwt59o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU-TzRJkKZY2TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEpwJP0NMLAQ0E9KCuQkQRO_3okYuAbPeXgTZbZ45Q0IKoeejFhqn1EZAlwKTjYvypyotUncn_K6PVz3TZ_j1_JfCE33BZ9MQfLOayYHHvZypcuqCdGekQqQsIqpdSYTfEQaeSBkowIFv-FFUmWGXCsB0Lm1-whzvLxLiifnEk026DuwDG9H6xy_It9iB8wlbKpKh3_0Yfes-IW1Ayl1J5cHiy-b0hE0sEIglqdvCIAIvN_ZcRl43lX7pp3r2vd6tdlaiqEIkhuLn1s-2mWUm4RZwo2k-vAkm-lxj_w5gHNzbpP9WaXlCQhDYrCdFQxY6bl2JXdhQGdgR_axExnV7VA5PVOF3Hq5f5pNwS4583EHZpeHTW8DOa9arypKOHDhA1S7OAbtqpT3hu4AQBgAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2xHKh7Ed8Afw6cCiStVhOK0lZ_pQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 07:03:34 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4780630-1&cid=633202485.1695193411&jid=1272512529&_u=aHDAAEABEAAAACAUI~&z=1935274236
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4780630-1&cid=633202485.1695193411&jid=1272512529&_u=aHDAAEABEAAAACAUI~&z=1935274236
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Configurable_01_122.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 451C 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:56:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
420
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25356
x-xss-protection
0
server
cafe
etag
15511454539072389427
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 21 Sep 2023 06:56:34 GMT
Responsive_listing.js
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame 451C 		199 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:29:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
9222
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66166
x-xss-protection
0
server
cafe
etag
5199203132765013944
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 21 Sep 2023 04:29:52 GMT
Responsive_listing.css
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame 451C 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.css
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:46:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
1008
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1758
x-xss-protection
0
server
cafe
etag
15825927903621683888
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 21 Sep 2023 06:46:46 GMT
rum
dsum-sec.casalemedia.com/ Frame 8E17
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBe5sS277gI2-HsfxsNiK6w&google_cver=1
43 B
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBe5sS277gI2-HsfxsNiK6w&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYz43OxQEwAQ&v=APEucNVZk-1GGwqMLukNmAqjUHIWwVOOLa6A2iwti9sq3iH-PGzRXVZW9bohJP1PCeSRK4rclpYWyzBgPfMx9lAlYrv93ZhZqM_f15VXah-11BgB23wehYcDaFKIqEW4BPp1Z9Vsjz4v6Ae_BGIKDrn2UkOOy4F62Vs-1HSwN6HQfg6SfY-pHIY
Protocol
H2
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91NCSfi1XaPR%2F0yKaF4ScjarN1HNK9lntvZGQBu4s%2BfGe90hZqE2mCa4kodkKdVO1Ey%2B7zoXos4K6luhf7KQWeshroVkpbxRcdTQtii%2FjKFAJbEYPK%2Fud0i93DeOhCbZcLS3%2BN2mMnOC5w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8098359c3e714d38-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBe5sS277gI2-HsfxsNiK6w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8E17
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQqZRksIolP6ZNngKvsK6wAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBe5sS277gI2-HsfxsNiK6w&google_cver=1
43 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBe5sS277gI2-HsfxsNiK6w&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYz43OxQEwAQ&v=APEucNVZk-1GGwqMLukNmAqjUHIWwVOOLa6A2iwti9sq3iH-PGzRXVZW9bohJP1PCeSRK4rclpYWyzBgPfMx9lAlYrv93ZhZqM_f15VXah-11BgB23wehYcDaFKIqEW4BPp1Z9Vsjz4v6Ae_BGIKDrn2UkOOy4F62Vs-1HSwN6HQfg6SfY-pHIY
Protocol
H3
Server
2606:4700::6812:1ac1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o0BbPApSvMpZtXmbER0X3nT7k8i1HJWDwn5TArfZRABoSpQqQu7Xg4btn7YwC9cEnryE4AsWuFTb9ZQz%2FLjzvZbGt8KHxyCsHTyFN5zIPKmj2XyeiAblfWqvi0YogLSUfmeI3wxjrDD9vzqYv6HKExNOcysmzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8098359deead9b83-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBe5sS277gI2-HsfxsNiK6w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 8E17
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKwDgPFyqHcZVQxaOqLRq5Q&google_cver=1
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKwDgPFyqHcZVQxaOqLRq5Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYz43OxQEwAQ&v=APEucNVZk-1GGwqMLukNmAqjUHIWwVOOLa6A2iwti9sq3iH-PGzRXVZW9bohJP1PCeSRK4rclpYWyzBgPfMx9lAlYrv93ZhZqM_f15VXah-11BgB23wehYcDaFKIqEW4BPp1Z9Vsjz4v6Ae_BGIKDrn2UkOOy4F62Vs-1HSwN6HQfg6SfY-pHIY
Protocol
H2
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
an-x-request-uuid
8b492a69-68b7-4184-89a9-4da140211c96
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
138.199.38.132; 138.199.38.132; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKwDgPFyqHcZVQxaOqLRq5Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8E17
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI2NjU1NjYyNTQ5NTg5NjE2OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI2NjU1NjYyNTQ5NTg5NjE2OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYz43OxQEwAQ&v=APEucNVZk-1GGwqMLukNmAqjUHIWwVOOLa6A2iwti9sq3iH-PGzRXVZW9bohJP1PCeSRK4rclpYWyzBgPfMx9lAlYrv93ZhZqM_f15VXah-11BgB23wehYcDaFKIqEW4BPp1Z9Vsjz4v6Ae_BGIKDrn2UkOOy4F62Vs-1HSwN6HQfg6SfY-pHIY
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
an-x-request-uuid
753a23af-a18c-4a45-833e-d16a8bf70917
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI2NjU1NjYyNTQ5NTg5NjE2OQ%3D%3D
x-proxy-origin
138.199.38.132; 138.199.38.132; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4908
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBe5sS277gI2-HsfxsNiK6w&google_cver=1
43 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBe5sS277gI2-HsfxsNiK6w&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi-6cn1ATAB&v=APEucNVTug1dP0O8sS41SI20WPcygo6He5aAVJ64CL32mHNxk9qB6uS8CgJZgGJEShUubRBiu2bDlp89EY6nY-42n9RtKHyJ84y0_GE9KgRN1jS15eroYlDb4xfdJwkrSL9ixXFwXP6g3jgjFHTSmNsNSs0mq8gkUTKo4ksAiTni-VU3jFEwrjU
Protocol
H3
Server
2606:4700::6812:1ac1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BUquXWNMwgk3XjuZzgwFiWqajBRtl1Zw15NigYJbdj51ZZJRptkG%2BsD8QFbSHpTdvPscEliJE%2F64jClQgvzaF%2B0nro0PJ0qW9BJpPVe3RwioYnvv0gwJwYf940L%2BqW6MhC2G9wxTIUJSdmka1ouoZrF0JZWDlA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8098359c4c749b83-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBe5sS277gI2-HsfxsNiK6w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4908
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQqZRksIolP6ZNngKvsK6wAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBe5sS277gI2-HsfxsNiK6w&google_cver=1
43 B
747 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBe5sS277gI2-HsfxsNiK6w&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi-6cn1ATAB&v=APEucNVTug1dP0O8sS41SI20WPcygo6He5aAVJ64CL32mHNxk9qB6uS8CgJZgGJEShUubRBiu2bDlp89EY6nY-42n9RtKHyJ84y0_GE9KgRN1jS15eroYlDb4xfdJwkrSL9ixXFwXP6g3jgjFHTSmNsNSs0mq8gkUTKo4ksAiTni-VU3jFEwrjU
Protocol
H3
Server
2606:4700::6812:1ac1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ze8etcMTpZ3C6C98G5MwLgJ3BpBgLa8ByiSRLOsmS%2FGN%2Ffwsdel16e%2BfvgJelAV4nAEFbLs9ul43B5yg10nBytTIPWAb54ptrumOgkRtrr0NFO%2BATPZP%2F4IwGVVcIZMcYHrG8Xlh2O7CQh0fZnoBfoTTHkIJyg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8098359deeb59b83-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBe5sS277gI2-HsfxsNiK6w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 4908
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKwDgPFyqHcZVQxaOqLRq5Q&google_cver=1
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKwDgPFyqHcZVQxaOqLRq5Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi-6cn1ATAB&v=APEucNVTug1dP0O8sS41SI20WPcygo6He5aAVJ64CL32mHNxk9qB6uS8CgJZgGJEShUubRBiu2bDlp89EY6nY-42n9RtKHyJ84y0_GE9KgRN1jS15eroYlDb4xfdJwkrSL9ixXFwXP6g3jgjFHTSmNsNSs0mq8gkUTKo4ksAiTni-VU3jFEwrjU
Protocol
H2
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
an-x-request-uuid
cee8fd18-64c9-40c2-a079-b956c47c46d3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
138.199.38.132; 138.199.38.132; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKwDgPFyqHcZVQxaOqLRq5Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4908
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI2NjU1NjYyNTQ5NTg5NjE2OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI2NjU1NjYyNTQ5NTg5NjE2OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi-6cn1ATAB&v=APEucNVTug1dP0O8sS41SI20WPcygo6He5aAVJ64CL32mHNxk9qB6uS8CgJZgGJEShUubRBiu2bDlp89EY6nY-42n9RtKHyJ84y0_GE9KgRN1jS15eroYlDb4xfdJwkrSL9ixXFwXP6g3jgjFHTSmNsNSs0mq8gkUTKo4ksAiTni-VU3jFEwrjU
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
an-x-request-uuid
1cbc29d3-8e80-40b0-9369-aeaf963f103c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI2NjU1NjYyNTQ5NTg5NjE2OQ%3D%3D
x-proxy-origin
138.199.38.132; 138.199.38.132; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
img
imageproxy.eu.criteo.net/img/ Frame F01C 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=156&m=0&partner=62082&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F62082%2F221021%2F187909863d90468bb96b7f6b71992fc6_fb-logo-squared.jpg&v=3&w=196&s=8-W09f70sIHtBd_csvwoSx5I
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY4H_YJFAA9zIdl5IOgnNk8czrnlfg&u=%7C9np%2FvQTggdkVtJxRMDTOqTkm7fHNqxXGexD8ajqnFaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyE6SO8U8aAVVklOcJqeX2W57tpCZzXLeFkq1vxC4FyhRblEe72stFMKI5zAWSKK6u5tOVs5yamMeASanrdq_lFr4qWWjt_LUBqePLJnk7Sb7gZJ94p0OI1XVBm9JH24vn6zkF8XqKcBAQ3g8EIIEVXXv2qiuL8sjjj8HRAHXFzU1po5UJ6EBqhYs-OTw8kD0TVordMoN8-oDrIgkuYYtqI_IXlJJWvXDXOIQU5clRBGNkbJW6soMfntmzSeTl40O619facAMwBpmtDdkFv8HRhEJ9pj7JQA1QYv_j8lGgnLuxiXlqmrltBtxMda3BpRpvoGQKrmKtCaYC-BxE9CNxF4qqCC_MufASbF0TWXXu1ilojKEi_rUq49y7kW9lILecJcIk56LWibDmLu3DoYLA_nEa5Q2cCHJhAkWOevHNgL9guPRetuMx1E3tkBUHn8qnOHtlOMrtbtjR-ChzEJbsmK4sz4U4Qjp7jAE3_BDAwH_OmvcLdzeLKfRH-xCJu7jKJZAh3Lk8ckfLw7_Qng7ZKkhq5K4TJ9BglcK5btXSEkbdSg8c_nJjE_N34XtI1M8rkKrX6f5HxermXPTngwrMzCCmEXv2R4tcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV-UCRJkKZY6TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEqwJP0IwFoKsKhTvtRC_XeO87N9YCWWyN09oFvgJNYd3C6xR1Wpsxc5ihxijodOm5bLr04wEmgiedkVAQzrqmsuxv_qoRaIv7wBR0BrbzQDYRwz9BBaWdS3b2O3zbdkmonEZ1Wu4gyAgXTeqFB6CvRnqydOgxgHp7dAZ4pGH6xEdMYYc1ZNLg95_0MkcxlHyhWB0h3C20jyq_TQCY9sDsik2_uGwkmMD1gdvcryyi_B5Rc3dT3vDylxz-icavL2-f_tXZnY9r8xRl4ZHFts9klxcMA-W6B_EUPcWR-BCnhbp_qC0xy7X0WyCP-bL6FogZvSTkB47JeI1Bx2N_DIgnIaf1-IDjI1iQ4yeupUxr8Qb0R_KjttJ_tQaAnvJ-OLkhzUWQfxs6-0ABn1OaruAEAYAGs52249XmwtNioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2kLDF-SuJ1Fk4EwXxOG4gvzvoXPw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
530ad39602a9607f310ac6e151f980d357c1780c6969e11439e4ce7445d2b892
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
time-allow-origin
*
content-type
image/webp
cache-control
public, max-age=31104000
content-length
1440
expires
Sat, 31 Aug 2024 01:34:03 GMT
img
imageproxy.eu.criteo.net/img/ Frame F01C 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=62082&q=80&r=0&u=https%3A%2F%2Fstatic.form.bar%2Fgenerated%2Fimg%2Fe7f66503a9560b0261325bd37bd655dd-full.jpg&v=3&w=400&s=vF5eau1ibNwB9AZqVbWoU7AE&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY4H_YJFAA9zIdl5IOgnNk8czrnlfg&u=%7C9np%2FvQTggdkVtJxRMDTOqTkm7fHNqxXGexD8ajqnFaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyE6SO8U8aAVVklOcJqeX2W57tpCZzXLeFkq1vxC4FyhRblEe72stFMKI5zAWSKK6u5tOVs5yamMeASanrdq_lFr4qWWjt_LUBqePLJnk7Sb7gZJ94p0OI1XVBm9JH24vn6zkF8XqKcBAQ3g8EIIEVXXv2qiuL8sjjj8HRAHXFzU1po5UJ6EBqhYs-OTw8kD0TVordMoN8-oDrIgkuYYtqI_IXlJJWvXDXOIQU5clRBGNkbJW6soMfntmzSeTl40O619facAMwBpmtDdkFv8HRhEJ9pj7JQA1QYv_j8lGgnLuxiXlqmrltBtxMda3BpRpvoGQKrmKtCaYC-BxE9CNxF4qqCC_MufASbF0TWXXu1ilojKEi_rUq49y7kW9lILecJcIk56LWibDmLu3DoYLA_nEa5Q2cCHJhAkWOevHNgL9guPRetuMx1E3tkBUHn8qnOHtlOMrtbtjR-ChzEJbsmK4sz4U4Qjp7jAE3_BDAwH_OmvcLdzeLKfRH-xCJu7jKJZAh3Lk8ckfLw7_Qng7ZKkhq5K4TJ9BglcK5btXSEkbdSg8c_nJjE_N34XtI1M8rkKrX6f5HxermXPTngwrMzCCmEXv2R4tcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV-UCRJkKZY6TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEqwJP0IwFoKsKhTvtRC_XeO87N9YCWWyN09oFvgJNYd3C6xR1Wpsxc5ihxijodOm5bLr04wEmgiedkVAQzrqmsuxv_qoRaIv7wBR0BrbzQDYRwz9BBaWdS3b2O3zbdkmonEZ1Wu4gyAgXTeqFB6CvRnqydOgxgHp7dAZ4pGH6xEdMYYc1ZNLg95_0MkcxlHyhWB0h3C20jyq_TQCY9sDsik2_uGwkmMD1gdvcryyi_B5Rc3dT3vDylxz-icavL2-f_tXZnY9r8xRl4ZHFts9klxcMA-W6B_EUPcWR-BCnhbp_qC0xy7X0WyCP-bL6FogZvSTkB47JeI1Bx2N_DIgnIaf1-IDjI1iQ4yeupUxr8Qb0R_KjttJ_tQaAnvJ-OLkhzUWQfxs6-0ABn1OaruAEAYAGs52249XmwtNioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2kLDF-SuJ1Fk4EwXxOG4gvzvoXPw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0a03e30f7fe8de02122d57bf456273419b17b9e8917100f5fda7f8e173458478
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
time-allow-origin
*
content-type
image/webp
cache-control
public, max-age=2592000
content-length
19932
expires
Sat, 14 Oct 2023 08:12:46 GMT
img
imageproxy.eu.criteo.net/img/ Frame F01C 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=62082&q=80&r=0&u=https%3A%2F%2Fstatic.form.bar%2Fgenerated%2Fimg%2Fe6336ea7054fd6724017421fea0058db-full.jpg&v=3&w=400&s=IZEqW9qMfX1qih4KDp052Tj0&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY4H_YJFAA9zIdl5IOgnNk8czrnlfg&u=%7C9np%2FvQTggdkVtJxRMDTOqTkm7fHNqxXGexD8ajqnFaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyE6SO8U8aAVVklOcJqeX2W57tpCZzXLeFkq1vxC4FyhRblEe72stFMKI5zAWSKK6u5tOVs5yamMeASanrdq_lFr4qWWjt_LUBqePLJnk7Sb7gZJ94p0OI1XVBm9JH24vn6zkF8XqKcBAQ3g8EIIEVXXv2qiuL8sjjj8HRAHXFzU1po5UJ6EBqhYs-OTw8kD0TVordMoN8-oDrIgkuYYtqI_IXlJJWvXDXOIQU5clRBGNkbJW6soMfntmzSeTl40O619facAMwBpmtDdkFv8HRhEJ9pj7JQA1QYv_j8lGgnLuxiXlqmrltBtxMda3BpRpvoGQKrmKtCaYC-BxE9CNxF4qqCC_MufASbF0TWXXu1ilojKEi_rUq49y7kW9lILecJcIk56LWibDmLu3DoYLA_nEa5Q2cCHJhAkWOevHNgL9guPRetuMx1E3tkBUHn8qnOHtlOMrtbtjR-ChzEJbsmK4sz4U4Qjp7jAE3_BDAwH_OmvcLdzeLKfRH-xCJu7jKJZAh3Lk8ckfLw7_Qng7ZKkhq5K4TJ9BglcK5btXSEkbdSg8c_nJjE_N34XtI1M8rkKrX6f5HxermXPTngwrMzCCmEXv2R4tcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV-UCRJkKZY6TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEqwJP0IwFoKsKhTvtRC_XeO87N9YCWWyN09oFvgJNYd3C6xR1Wpsxc5ihxijodOm5bLr04wEmgiedkVAQzrqmsuxv_qoRaIv7wBR0BrbzQDYRwz9BBaWdS3b2O3zbdkmonEZ1Wu4gyAgXTeqFB6CvRnqydOgxgHp7dAZ4pGH6xEdMYYc1ZNLg95_0MkcxlHyhWB0h3C20jyq_TQCY9sDsik2_uGwkmMD1gdvcryyi_B5Rc3dT3vDylxz-icavL2-f_tXZnY9r8xRl4ZHFts9klxcMA-W6B_EUPcWR-BCnhbp_qC0xy7X0WyCP-bL6FogZvSTkB47JeI1Bx2N_DIgnIaf1-IDjI1iQ4yeupUxr8Qb0R_KjttJ_tQaAnvJ-OLkhzUWQfxs6-0ABn1OaruAEAYAGs52249XmwtNioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2kLDF-SuJ1Fk4EwXxOG4gvzvoXPw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
78048b8193e02239e93791e60498b02e98eac3ce76b46085286b8613be236631
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
time-allow-origin
*
content-type
image/webp
cache-control
public, max-age=2592000
content-length
8512
expires
Sun, 15 Oct 2023 15:01:38 GMT
img
imageproxy.eu.criteo.net/img/ Frame F01C 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=62082&q=80&r=0&u=https%3A%2F%2Fstatic.form.bar%2Fgenerated%2Fimg%2F3c7d5706921d4579fb213b1d7c0b0409-full.jpg&v=3&w=400&s=hNsnLp8l78iXy2guO1Lg0opH&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY4H_YJFAA9zIdl5IOgnNk8czrnlfg&u=%7C9np%2FvQTggdkVtJxRMDTOqTkm7fHNqxXGexD8ajqnFaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyE6SO8U8aAVVklOcJqeX2W57tpCZzXLeFkq1vxC4FyhRblEe72stFMKI5zAWSKK6u5tOVs5yamMeASanrdq_lFr4qWWjt_LUBqePLJnk7Sb7gZJ94p0OI1XVBm9JH24vn6zkF8XqKcBAQ3g8EIIEVXXv2qiuL8sjjj8HRAHXFzU1po5UJ6EBqhYs-OTw8kD0TVordMoN8-oDrIgkuYYtqI_IXlJJWvXDXOIQU5clRBGNkbJW6soMfntmzSeTl40O619facAMwBpmtDdkFv8HRhEJ9pj7JQA1QYv_j8lGgnLuxiXlqmrltBtxMda3BpRpvoGQKrmKtCaYC-BxE9CNxF4qqCC_MufASbF0TWXXu1ilojKEi_rUq49y7kW9lILecJcIk56LWibDmLu3DoYLA_nEa5Q2cCHJhAkWOevHNgL9guPRetuMx1E3tkBUHn8qnOHtlOMrtbtjR-ChzEJbsmK4sz4U4Qjp7jAE3_BDAwH_OmvcLdzeLKfRH-xCJu7jKJZAh3Lk8ckfLw7_Qng7ZKkhq5K4TJ9BglcK5btXSEkbdSg8c_nJjE_N34XtI1M8rkKrX6f5HxermXPTngwrMzCCmEXv2R4tcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV-UCRJkKZY6TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEqwJP0IwFoKsKhTvtRC_XeO87N9YCWWyN09oFvgJNYd3C6xR1Wpsxc5ihxijodOm5bLr04wEmgiedkVAQzrqmsuxv_qoRaIv7wBR0BrbzQDYRwz9BBaWdS3b2O3zbdkmonEZ1Wu4gyAgXTeqFB6CvRnqydOgxgHp7dAZ4pGH6xEdMYYc1ZNLg95_0MkcxlHyhWB0h3C20jyq_TQCY9sDsik2_uGwkmMD1gdvcryyi_B5Rc3dT3vDylxz-icavL2-f_tXZnY9r8xRl4ZHFts9klxcMA-W6B_EUPcWR-BCnhbp_qC0xy7X0WyCP-bL6FogZvSTkB47JeI1Bx2N_DIgnIaf1-IDjI1iQ4yeupUxr8Qb0R_KjttJ_tQaAnvJ-OLkhzUWQfxs6-0ABn1OaruAEAYAGs52249XmwtNioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2kLDF-SuJ1Fk4EwXxOG4gvzvoXPw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b9ff8701844b2c462d6a59cf247d270a655236d850948026ea952e77575b098a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
time-allow-origin
*
content-type
image/webp
cache-control
public, max-age=2592000
content-length
13114
expires
Sat, 14 Oct 2023 19:56:08 GMT
all
csm.eu.criteo.net/ Frame F01C 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=YTZ8_HS5Bd5uLVgukMkfd23GfErTT0L3gHJOZRvK2vtjIJjpAD6TBBqj9JNhzcWWkGwrs4Eaut6Ix4E9vA1603-eqPvXu_yJbNTlwnVj8XlXQtcS8BkS2xSyuZh9hDZb7PsNSLktbDoMLMWndIzdAUmk2XYIEvtce0GW6W1XJaZ8vZ1oVwtZ06USoqWYj0x6lX4JEqBzFDe6Awi9asrr2otPTFdoJSB2Qi1KAmUJJMZnqRUPw5LrND6jdb8PfJVHAaUEzw&sds=2&rev=88356&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY4H_YJFAA9zIdl5IOgnNk8czrnlfg&u=%7C9np%2FvQTggdkVtJxRMDTOqTkm7fHNqxXGexD8ajqnFaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyE6SO8U8aAVVklOcJqeX2W57tpCZzXLeFkq1vxC4FyhRblEe72stFMKI5zAWSKK6u5tOVs5yamMeASanrdq_lFr4qWWjt_LUBqePLJnk7Sb7gZJ94p0OI1XVBm9JH24vn6zkF8XqKcBAQ3g8EIIEVXXv2qiuL8sjjj8HRAHXFzU1po5UJ6EBqhYs-OTw8kD0TVordMoN8-oDrIgkuYYtqI_IXlJJWvXDXOIQU5clRBGNkbJW6soMfntmzSeTl40O619facAMwBpmtDdkFv8HRhEJ9pj7JQA1QYv_j8lGgnLuxiXlqmrltBtxMda3BpRpvoGQKrmKtCaYC-BxE9CNxF4qqCC_MufASbF0TWXXu1ilojKEi_rUq49y7kW9lILecJcIk56LWibDmLu3DoYLA_nEa5Q2cCHJhAkWOevHNgL9guPRetuMx1E3tkBUHn8qnOHtlOMrtbtjR-ChzEJbsmK4sz4U4Qjp7jAE3_BDAwH_OmvcLdzeLKfRH-xCJu7jKJZAh3Lk8ckfLw7_Qng7ZKkhq5K4TJ9BglcK5btXSEkbdSg8c_nJjE_N34XtI1M8rkKrX6f5HxermXPTngwrMzCCmEXv2R4tcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV-UCRJkKZY6TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEqwJP0IwFoKsKhTvtRC_XeO87N9YCWWyN09oFvgJNYd3C6xR1Wpsxc5ihxijodOm5bLr04wEmgiedkVAQzrqmsuxv_qoRaIv7wBR0BrbzQDYRwz9BBaWdS3b2O3zbdkmonEZ1Wu4gyAgXTeqFB6CvRnqydOgxgHp7dAZ4pGH6xEdMYYc1ZNLg95_0MkcxlHyhWB0h3C20jyq_TQCY9sDsik2_uGwkmMD1gdvcryyi_B5Rc3dT3vDylxz-icavL2-f_tXZnY9r8xRl4ZHFts9klxcMA-W6B_EUPcWR-BCnhbp_qC0xy7X0WyCP-bL6FogZvSTkB47JeI1Bx2N_DIgnIaf1-IDjI1iQ4yeupUxr8Qb0R_KjttJ_tQaAnvJ-OLkhzUWQfxs6-0ABn1OaruAEAYAGs52249XmwtNioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2kLDF-SuJ1Fk4EwXxOG4gvzvoXPw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 20 Sep 2023 07:03:34 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame F01C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY4H_YJFAA9zIdl5IOgnNk8czrnlfg&u=%7C9np%2FvQTggdkVtJxRMDTOqTkm7fHNqxXGexD8ajqnFaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyE6SO8U8aAVVklOcJqeX2W57tpCZzXLeFkq1vxC4FyhRblEe72stFMKI5zAWSKK6u5tOVs5yamMeASanrdq_lFr4qWWjt_LUBqePLJnk7Sb7gZJ94p0OI1XVBm9JH24vn6zkF8XqKcBAQ3g8EIIEVXXv2qiuL8sjjj8HRAHXFzU1po5UJ6EBqhYs-OTw8kD0TVordMoN8-oDrIgkuYYtqI_IXlJJWvXDXOIQU5clRBGNkbJW6soMfntmzSeTl40O619facAMwBpmtDdkFv8HRhEJ9pj7JQA1QYv_j8lGgnLuxiXlqmrltBtxMda3BpRpvoGQKrmKtCaYC-BxE9CNxF4qqCC_MufASbF0TWXXu1ilojKEi_rUq49y7kW9lILecJcIk56LWibDmLu3DoYLA_nEa5Q2cCHJhAkWOevHNgL9guPRetuMx1E3tkBUHn8qnOHtlOMrtbtjR-ChzEJbsmK4sz4U4Qjp7jAE3_BDAwH_OmvcLdzeLKfRH-xCJu7jKJZAh3Lk8ckfLw7_Qng7ZKkhq5K4TJ9BglcK5btXSEkbdSg8c_nJjE_N34XtI1M8rkKrX6f5HxermXPTngwrMzCCmEXv2R4tcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV-UCRJkKZY6TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEqwJP0IwFoKsKhTvtRC_XeO87N9YCWWyN09oFvgJNYd3C6xR1Wpsxc5ihxijodOm5bLr04wEmgiedkVAQzrqmsuxv_qoRaIv7wBR0BrbzQDYRwz9BBaWdS3b2O3zbdkmonEZ1Wu4gyAgXTeqFB6CvRnqydOgxgHp7dAZ4pGH6xEdMYYc1ZNLg95_0MkcxlHyhWB0h3C20jyq_TQCY9sDsik2_uGwkmMD1gdvcryyi_B5Rc3dT3vDylxz-icavL2-f_tXZnY9r8xRl4ZHFts9klxcMA-W6B_EUPcWR-BCnhbp_qC0xy7X0WyCP-bL6FogZvSTkB47JeI1Bx2N_DIgnIaf1-IDjI1iQ4yeupUxr8Qb0R_KjttJ_tQaAnvJ-OLkhzUWQfxs6-0ABn1OaruAEAYAGs52249XmwtNioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2kLDF-SuJ1Fk4EwXxOG4gvzvoXPw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 07:03:34 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame F01C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY4H_YJFAA9zIdl5IOgnNk8czrnlfg&u=%7C9np%2FvQTggdkVtJxRMDTOqTkm7fHNqxXGexD8ajqnFaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyE6SO8U8aAVVklOcJqeX2W57tpCZzXLeFkq1vxC4FyhRblEe72stFMKI5zAWSKK6u5tOVs5yamMeASanrdq_lFr4qWWjt_LUBqePLJnk7Sb7gZJ94p0OI1XVBm9JH24vn6zkF8XqKcBAQ3g8EIIEVXXv2qiuL8sjjj8HRAHXFzU1po5UJ6EBqhYs-OTw8kD0TVordMoN8-oDrIgkuYYtqI_IXlJJWvXDXOIQU5clRBGNkbJW6soMfntmzSeTl40O619facAMwBpmtDdkFv8HRhEJ9pj7JQA1QYv_j8lGgnLuxiXlqmrltBtxMda3BpRpvoGQKrmKtCaYC-BxE9CNxF4qqCC_MufASbF0TWXXu1ilojKEi_rUq49y7kW9lILecJcIk56LWibDmLu3DoYLA_nEa5Q2cCHJhAkWOevHNgL9guPRetuMx1E3tkBUHn8qnOHtlOMrtbtjR-ChzEJbsmK4sz4U4Qjp7jAE3_BDAwH_OmvcLdzeLKfRH-xCJu7jKJZAh3Lk8ckfLw7_Qng7ZKkhq5K4TJ9BglcK5btXSEkbdSg8c_nJjE_N34XtI1M8rkKrX6f5HxermXPTngwrMzCCmEXv2R4tcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV-UCRJkKZY6TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEqwJP0IwFoKsKhTvtRC_XeO87N9YCWWyN09oFvgJNYd3C6xR1Wpsxc5ihxijodOm5bLr04wEmgiedkVAQzrqmsuxv_qoRaIv7wBR0BrbzQDYRwz9BBaWdS3b2O3zbdkmonEZ1Wu4gyAgXTeqFB6CvRnqydOgxgHp7dAZ4pGH6xEdMYYc1ZNLg95_0MkcxlHyhWB0h3C20jyq_TQCY9sDsik2_uGwkmMD1gdvcryyi_B5Rc3dT3vDylxz-icavL2-f_tXZnY9r8xRl4ZHFts9klxcMA-W6B_EUPcWR-BCnhbp_qC0xy7X0WyCP-bL6FogZvSTkB47JeI1Bx2N_DIgnIaf1-IDjI1iQ4yeupUxr8Qb0R_KjttJ_tQaAnvJ-OLkhzUWQfxs6-0ABn1OaruAEAYAGs52249XmwtNioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2kLDF-SuJ1Fk4EwXxOG4gvzvoXPw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 07:03:34 GMT
af22dd2ff36546851fee3cde00616148.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/af22dd2ff36546851fee3cde00616148.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8df4773d9eab90bc26d9d75bf09bd7ac934af9222a5dfe62bf4fac6a2310975b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 20 Sep 2023 07:03:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/af22dd2ff36546851fee3cde00616148.jpg
age
420391
edge-cache-tag
355803611059134178870490975046975890826,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
355803611059134178870490975046975890826,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
378
req-referer
https://www.pronews.gr/
content-length
10396
x-request-id
51030fb44f121d056e6c71097b2ac4f9
x-backend-name
LA_nlb201
x-served-by
cache-iad-kiad7000104-IAD, cache-iad-kjyo7100049-IAD, cache-sna10725-LGB, cache-iad-kjyo7100026-IAD, cache-fra-etou8220090-FRA
last-modified
Fri, 15 Sep 2023 07:28:39 GMT
server
nginx
surrogate-reporting
width=300,height=167,bytes=16304,owidth=1000,oheight=600,obytes=344483
x-timer
S1695193415.962422,VS0,VE1
etag
"dd1ad46b179d118b36514a591598ce5e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
britain-royal-wedding7.jpg%3Fw%3D1024
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.mercurynews.com/wp-content/uploads/2018/05/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.mercurynews.com/wp-content/uploads/2018/05/britain-royal-wedding7.jpg%3Fw%3D1024
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e6bdabb3010b7d438127960a7cd1678cd67b605863fcf90bd870987f63553c5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 20 Sep 2023 07:03:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.mercurynews.com/wp-content/uploads/2018/05/britain-royal-wedding7.jpg%3Fw%3D1024
age
1277830
edge-cache-tag
403581946667377700144441008594528312450,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
403581946667377700144441008594528312450,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
319
req-referer
https://happyhunde.de/
content-length
10398
x-request-id
9c98695d82aa5184dd5dbc2a02ef8c38
x-backend-name
CH_nlb804
x-served-by
cache-iad-kjyo7100050-IAD, cache-iad-kjyo7100176-IAD, cache-iad-kjyo7100077-IAD, cache-fra-etou8220090-FRA
last-modified
Tue, 05 Sep 2023 11:31:48 GMT
server
nginx
x-timer
S1695193415.962701,VS0,VE0
etag
"378155083c99e21eec5eb78dce07cb70"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 4, 2
545a1d22e3ae9fc5b3a653d187e2da4e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/545a1d22e3ae9fc5b3a653d187e2da4e.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3b3ba9b30e4170468eeb874e66b6c2a2dee88b8e07fba6c308089acee8ac2079

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 20 Sep 2023 07:03:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/545a1d22e3ae9fc5b3a653d187e2da4e.png
age
553035
edge-cache-tag
485898204853517084137782736606513669767,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
485898204853517084137782736606513669767,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
184
expiration
expiry-date="Fri, 22 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://de.webfail.com/
content-length
13878
x-backend-name
CH_nlb802
x-served-by
cache-iad-kiad7000020-IAD, cache-iad-kiad7000120-IAD, cache-iad-kcgs7200103-IAD, cache-fra-etou8220090-FRA
last-modified
Tue, 22 Aug 2023 17:29:36 GMT
server
nginx
surrogate-reporting
width=360,height=200,owidth=1200,oheight=800,obytes=970548
x-timer
S1695193415.966071,VS0,VE1
etag
"0df3f0a85e2a3cf0aa7315ae8acd7385"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 17, 1
794ac9177884519118ce763a2aee8616.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/794ac9177884519118ce763a2aee8616.jpeg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c6cd1c39dc434d83d0d75e0b9b5583aadb7cfd810a322a67c6d38577de351cfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 20 Sep 2023 07:03:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/794ac9177884519118ce763a2aee8616.jpeg
age
2597648
edge-cache-tag
461789431083617387964746617190211931527,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
461789431083617387964746617190211931527,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
124
expiration
expiry-date="Tue, 05 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://celtsarehere.com/
content-length
21726
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200137-IAD, cache-iad-kjyo7100168-IAD, cache-iad-kjyo7100097-IAD, cache-fra-etou8220090-FRA
last-modified
Sat, 05 Aug 2023 14:25:35 GMT
server
nginx
x-timer
S1695193415.975421,VS0,VE0
etag
"75c596b1a4432955f791db3d929503ae"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 128, 4
img
imageproxy.eu.criteo.net/img/ Frame 6BE5 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=186&m=0&partner=49788&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F49788%2F180606%2Fd2747e8bfc464c829e15f92f21b511fc_logo_n_horizontal_ligh_rollover_bauh.jpg&v=3&w=228&s=XcT1wvJQeIRC8NCcKkXLmuqj
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY0H_YJFAA9zIUJFtJkOp2X0P3N8WA&u=%7C9np%2FvQTggdk0wJizdRijvCK6Su7odYg%2B70HSFMyv7Mo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797XkVJXccA7Uj8mbSb3fuGLnWml58tkIBBt-cgZ16ZzJEqHHlu8cMXg48Z9UKHUU0SpyJnTRTeI0QMpKTbdomCd4hvY9exeR-XfEuxolGEqBH3yW4_2NAWBZjNrgQZnOGCqGPmQeisdAE36Y9UHDisGz-bASrIost9-zmKji5a_eBUSiBL15YL_4BQcUqL7VN9gAMyGjSXrrhtX6TeU3Jwo_jU59kZGleSBDSldr4LJtB9RNze3o56e2eL0k_lr5zixJf9KDyWDJm5IFj0Dsa9jeCjS7QfQrURz5f51Z31QD8JsVeo08Af9xPsZlkcCaMcctfGB3XmA15SE5QpL81qQ3qrLcRdOMtSckVgSolx7aJX8WL48oSmFXNgMKqiD_2LsKBMTPzFT2hYlNg7dC0WFo1UmoFGK9AYUob_X-XITxlgjyZDthKFviN1_-HICHDtNQ4A8Pl017hTiYxvjnKmRZRjSR6_f5r4sk_3jhpRmjYyd1r9J9cD7REQnYFBxzSbE6A12kcr2gYl8zH5NeAMMLjCMCl9VruAEaiZV2B__AWDg3FPNwt59o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU-TzRJkKZY2TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEpwJP0NMLAQ0E9KCuQkQRO_3okYuAbPeXgTZbZ45Q0IKoeejFhqn1EZAlwKTjYvypyotUncn_K6PVz3TZ_j1_JfCE33BZ9MQfLOayYHHvZypcuqCdGekQqQsIqpdSYTfEQaeSBkowIFv-FFUmWGXCsB0Lm1-whzvLxLiifnEk026DuwDG9H6xy_It9iB8wlbKpKh3_0Yfes-IW1Ayl1J5cHiy-b0hE0sEIglqdvCIAIvN_ZcRl43lX7pp3r2vd6tdlaiqEIkhuLn1s-2mWUm4RZwo2k-vAkm-lxj_w5gHNzbpP9WaXlCQhDYrCdFQxY6bl2JXdhQGdgR_axExnV7VA5PVOF3Hq5f5pNwS4583EHZpeHTW8DOa9arypKOHDhA1S7OAbtqpT3hu4AQBgAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2xHKh7Ed8Afw6cCiStVhOK0lZ_pQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
101524d3c9d05e1d29dd563853dd40305624d250d4a5b231ca1db78a4a420c5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
time-allow-origin
*
content-type
image/webp
cache-control
public, max-age=31104000
content-length
3136
expires
Sat, 31 Aug 2024 02:37:13 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6BE5 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=49788&q=80&r=0&u=https%3A%2F%2Fmedia.cdn.bauhaus%2Fm%2F280864%2F12.jpg&v=3&w=400&s=W3_NHElKab0TSjGKTKgRrpXx&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY0H_YJFAA9zIUJFtJkOp2X0P3N8WA&u=%7C9np%2FvQTggdk0wJizdRijvCK6Su7odYg%2B70HSFMyv7Mo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797XkVJXccA7Uj8mbSb3fuGLnWml58tkIBBt-cgZ16ZzJEqHHlu8cMXg48Z9UKHUU0SpyJnTRTeI0QMpKTbdomCd4hvY9exeR-XfEuxolGEqBH3yW4_2NAWBZjNrgQZnOGCqGPmQeisdAE36Y9UHDisGz-bASrIost9-zmKji5a_eBUSiBL15YL_4BQcUqL7VN9gAMyGjSXrrhtX6TeU3Jwo_jU59kZGleSBDSldr4LJtB9RNze3o56e2eL0k_lr5zixJf9KDyWDJm5IFj0Dsa9jeCjS7QfQrURz5f51Z31QD8JsVeo08Af9xPsZlkcCaMcctfGB3XmA15SE5QpL81qQ3qrLcRdOMtSckVgSolx7aJX8WL48oSmFXNgMKqiD_2LsKBMTPzFT2hYlNg7dC0WFo1UmoFGK9AYUob_X-XITxlgjyZDthKFviN1_-HICHDtNQ4A8Pl017hTiYxvjnKmRZRjSR6_f5r4sk_3jhpRmjYyd1r9J9cD7REQnYFBxzSbE6A12kcr2gYl8zH5NeAMMLjCMCl9VruAEaiZV2B__AWDg3FPNwt59o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU-TzRJkKZY2TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEpwJP0NMLAQ0E9KCuQkQRO_3okYuAbPeXgTZbZ45Q0IKoeejFhqn1EZAlwKTjYvypyotUncn_K6PVz3TZ_j1_JfCE33BZ9MQfLOayYHHvZypcuqCdGekQqQsIqpdSYTfEQaeSBkowIFv-FFUmWGXCsB0Lm1-whzvLxLiifnEk026DuwDG9H6xy_It9iB8wlbKpKh3_0Yfes-IW1Ayl1J5cHiy-b0hE0sEIglqdvCIAIvN_ZcRl43lX7pp3r2vd6tdlaiqEIkhuLn1s-2mWUm4RZwo2k-vAkm-lxj_w5gHNzbpP9WaXlCQhDYrCdFQxY6bl2JXdhQGdgR_axExnV7VA5PVOF3Hq5f5pNwS4583EHZpeHTW8DOa9arypKOHDhA1S7OAbtqpT3hu4AQBgAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2xHKh7Ed8Afw6cCiStVhOK0lZ_pQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
339a142b74d654e469fe04d9e4956f07f1a55018e7b2b032080967df7671d07d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
time-allow-origin
*
content-type
image/webp
cache-control
public, max-age=600000
content-length
8556
expires
Fri, 22 Sep 2023 14:58:19 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6BE5 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=49788&q=80&r=0&u=https%3A%2F%2Fmedia.cdn.bauhaus%2Fm%2F1554787%2F12.jpg&v=3&w=400&s=0TVE-cqIhU6jZcFGaYkBHMnt&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY0H_YJFAA9zIUJFtJkOp2X0P3N8WA&u=%7C9np%2FvQTggdk0wJizdRijvCK6Su7odYg%2B70HSFMyv7Mo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797XkVJXccA7Uj8mbSb3fuGLnWml58tkIBBt-cgZ16ZzJEqHHlu8cMXg48Z9UKHUU0SpyJnTRTeI0QMpKTbdomCd4hvY9exeR-XfEuxolGEqBH3yW4_2NAWBZjNrgQZnOGCqGPmQeisdAE36Y9UHDisGz-bASrIost9-zmKji5a_eBUSiBL15YL_4BQcUqL7VN9gAMyGjSXrrhtX6TeU3Jwo_jU59kZGleSBDSldr4LJtB9RNze3o56e2eL0k_lr5zixJf9KDyWDJm5IFj0Dsa9jeCjS7QfQrURz5f51Z31QD8JsVeo08Af9xPsZlkcCaMcctfGB3XmA15SE5QpL81qQ3qrLcRdOMtSckVgSolx7aJX8WL48oSmFXNgMKqiD_2LsKBMTPzFT2hYlNg7dC0WFo1UmoFGK9AYUob_X-XITxlgjyZDthKFviN1_-HICHDtNQ4A8Pl017hTiYxvjnKmRZRjSR6_f5r4sk_3jhpRmjYyd1r9J9cD7REQnYFBxzSbE6A12kcr2gYl8zH5NeAMMLjCMCl9VruAEaiZV2B__AWDg3FPNwt59o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU-TzRJkKZY2TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEpwJP0NMLAQ0E9KCuQkQRO_3okYuAbPeXgTZbZ45Q0IKoeejFhqn1EZAlwKTjYvypyotUncn_K6PVz3TZ_j1_JfCE33BZ9MQfLOayYHHvZypcuqCdGekQqQsIqpdSYTfEQaeSBkowIFv-FFUmWGXCsB0Lm1-whzvLxLiifnEk026DuwDG9H6xy_It9iB8wlbKpKh3_0Yfes-IW1Ayl1J5cHiy-b0hE0sEIglqdvCIAIvN_ZcRl43lX7pp3r2vd6tdlaiqEIkhuLn1s-2mWUm4RZwo2k-vAkm-lxj_w5gHNzbpP9WaXlCQhDYrCdFQxY6bl2JXdhQGdgR_axExnV7VA5PVOF3Hq5f5pNwS4583EHZpeHTW8DOa9arypKOHDhA1S7OAbtqpT3hu4AQBgAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2xHKh7Ed8Afw6cCiStVhOK0lZ_pQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ca2ecf5ecce0b36982d8b3700d1890c98a4e30a137541b7264d1adf50b3a9400
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
time-allow-origin
*
content-type
image/webp
cache-control
public, max-age=600000
content-length
15608
expires
Fri, 22 Sep 2023 07:11:39 GMT
all
csm.eu.criteo.net/ Frame 6BE5 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=Z4hCKHS5Bd5uLVgu0CJKnbjEiOQflHdPTEKh-ipGnTRBG3rsqw6mdgHv7ItXE68odSB9_PZie-xtT0wWNKX2B6FUCF5T7yqRZ5M5tv4HwTrVxMbuL0lXkBPb2MeYiTcFCwu37Pr6uQepcUclsWIgblEvbcQXz5KLOHbFv20cOPA47YZH33VbYIiEY0nUkluz7MIkcYinBFBH7oCIH-RO0wxSezaN38oDzB0jTZyZZq-zkl-g6v2aCnA1svQDMnByOE9SDQ&sds=2&rev=88356&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY0H_YJFAA9zIUJFtJkOp2X0P3N8WA&u=%7C9np%2FvQTggdk0wJizdRijvCK6Su7odYg%2B70HSFMyv7Mo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797XkVJXccA7Uj8mbSb3fuGLnWml58tkIBBt-cgZ16ZzJEqHHlu8cMXg48Z9UKHUU0SpyJnTRTeI0QMpKTbdomCd4hvY9exeR-XfEuxolGEqBH3yW4_2NAWBZjNrgQZnOGCqGPmQeisdAE36Y9UHDisGz-bASrIost9-zmKji5a_eBUSiBL15YL_4BQcUqL7VN9gAMyGjSXrrhtX6TeU3Jwo_jU59kZGleSBDSldr4LJtB9RNze3o56e2eL0k_lr5zixJf9KDyWDJm5IFj0Dsa9jeCjS7QfQrURz5f51Z31QD8JsVeo08Af9xPsZlkcCaMcctfGB3XmA15SE5QpL81qQ3qrLcRdOMtSckVgSolx7aJX8WL48oSmFXNgMKqiD_2LsKBMTPzFT2hYlNg7dC0WFo1UmoFGK9AYUob_X-XITxlgjyZDthKFviN1_-HICHDtNQ4A8Pl017hTiYxvjnKmRZRjSR6_f5r4sk_3jhpRmjYyd1r9J9cD7REQnYFBxzSbE6A12kcr2gYl8zH5NeAMMLjCMCl9VruAEaiZV2B__AWDg3FPNwt59o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU-TzRJkKZY2TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEpwJP0NMLAQ0E9KCuQkQRO_3okYuAbPeXgTZbZ45Q0IKoeejFhqn1EZAlwKTjYvypyotUncn_K6PVz3TZ_j1_JfCE33BZ9MQfLOayYHHvZypcuqCdGekQqQsIqpdSYTfEQaeSBkowIFv-FFUmWGXCsB0Lm1-whzvLxLiifnEk026DuwDG9H6xy_It9iB8wlbKpKh3_0Yfes-IW1Ayl1J5cHiy-b0hE0sEIglqdvCIAIvN_ZcRl43lX7pp3r2vd6tdlaiqEIkhuLn1s-2mWUm4RZwo2k-vAkm-lxj_w5gHNzbpP9WaXlCQhDYrCdFQxY6bl2JXdhQGdgR_axExnV7VA5PVOF3Hq5f5pNwS4583EHZpeHTW8DOa9arypKOHDhA1S7OAbtqpT3hu4AQBgAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2xHKh7Ed8Afw6cCiStVhOK0lZ_pQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 20 Sep 2023 07:03:34 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6BE5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY0H_YJFAA9zIUJFtJkOp2X0P3N8WA&u=%7C9np%2FvQTggdk0wJizdRijvCK6Su7odYg%2B70HSFMyv7Mo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797XkVJXccA7Uj8mbSb3fuGLnWml58tkIBBt-cgZ16ZzJEqHHlu8cMXg48Z9UKHUU0SpyJnTRTeI0QMpKTbdomCd4hvY9exeR-XfEuxolGEqBH3yW4_2NAWBZjNrgQZnOGCqGPmQeisdAE36Y9UHDisGz-bASrIost9-zmKji5a_eBUSiBL15YL_4BQcUqL7VN9gAMyGjSXrrhtX6TeU3Jwo_jU59kZGleSBDSldr4LJtB9RNze3o56e2eL0k_lr5zixJf9KDyWDJm5IFj0Dsa9jeCjS7QfQrURz5f51Z31QD8JsVeo08Af9xPsZlkcCaMcctfGB3XmA15SE5QpL81qQ3qrLcRdOMtSckVgSolx7aJX8WL48oSmFXNgMKqiD_2LsKBMTPzFT2hYlNg7dC0WFo1UmoFGK9AYUob_X-XITxlgjyZDthKFviN1_-HICHDtNQ4A8Pl017hTiYxvjnKmRZRjSR6_f5r4sk_3jhpRmjYyd1r9J9cD7REQnYFBxzSbE6A12kcr2gYl8zH5NeAMMLjCMCl9VruAEaiZV2B__AWDg3FPNwt59o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU-TzRJkKZY2TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEpwJP0NMLAQ0E9KCuQkQRO_3okYuAbPeXgTZbZ45Q0IKoeejFhqn1EZAlwKTjYvypyotUncn_K6PVz3TZ_j1_JfCE33BZ9MQfLOayYHHvZypcuqCdGekQqQsIqpdSYTfEQaeSBkowIFv-FFUmWGXCsB0Lm1-whzvLxLiifnEk026DuwDG9H6xy_It9iB8wlbKpKh3_0Yfes-IW1Ayl1J5cHiy-b0hE0sEIglqdvCIAIvN_ZcRl43lX7pp3r2vd6tdlaiqEIkhuLn1s-2mWUm4RZwo2k-vAkm-lxj_w5gHNzbpP9WaXlCQhDYrCdFQxY6bl2JXdhQGdgR_axExnV7VA5PVOF3Hq5f5pNwS4583EHZpeHTW8DOa9arypKOHDhA1S7OAbtqpT3hu4AQBgAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2xHKh7Ed8Afw6cCiStVhOK0lZ_pQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 07:03:35 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 6BE5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY0H_YJFAA9zIUJFtJkOp2X0P3N8WA&u=%7C9np%2FvQTggdk0wJizdRijvCK6Su7odYg%2B70HSFMyv7Mo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797XkVJXccA7Uj8mbSb3fuGLnWml58tkIBBt-cgZ16ZzJEqHHlu8cMXg48Z9UKHUU0SpyJnTRTeI0QMpKTbdomCd4hvY9exeR-XfEuxolGEqBH3yW4_2NAWBZjNrgQZnOGCqGPmQeisdAE36Y9UHDisGz-bASrIost9-zmKji5a_eBUSiBL15YL_4BQcUqL7VN9gAMyGjSXrrhtX6TeU3Jwo_jU59kZGleSBDSldr4LJtB9RNze3o56e2eL0k_lr5zixJf9KDyWDJm5IFj0Dsa9jeCjS7QfQrURz5f51Z31QD8JsVeo08Af9xPsZlkcCaMcctfGB3XmA15SE5QpL81qQ3qrLcRdOMtSckVgSolx7aJX8WL48oSmFXNgMKqiD_2LsKBMTPzFT2hYlNg7dC0WFo1UmoFGK9AYUob_X-XITxlgjyZDthKFviN1_-HICHDtNQ4A8Pl017hTiYxvjnKmRZRjSR6_f5r4sk_3jhpRmjYyd1r9J9cD7REQnYFBxzSbE6A12kcr2gYl8zH5NeAMMLjCMCl9VruAEaiZV2B__AWDg3FPNwt59o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU-TzRJkKZY2TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEpwJP0NMLAQ0E9KCuQkQRO_3okYuAbPeXgTZbZ45Q0IKoeejFhqn1EZAlwKTjYvypyotUncn_K6PVz3TZ_j1_JfCE33BZ9MQfLOayYHHvZypcuqCdGekQqQsIqpdSYTfEQaeSBkowIFv-FFUmWGXCsB0Lm1-whzvLxLiifnEk026DuwDG9H6xy_It9iB8wlbKpKh3_0Yfes-IW1Ayl1J5cHiy-b0hE0sEIglqdvCIAIvN_ZcRl43lX7pp3r2vd6tdlaiqEIkhuLn1s-2mWUm4RZwo2k-vAkm-lxj_w5gHNzbpP9WaXlCQhDYrCdFQxY6bl2JXdhQGdgR_axExnV7VA5PVOF3Hq5f5pNwS4583EHZpeHTW8DOa9arypKOHDhA1S7OAbtqpT3hu4AQBgAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2xHKh7Ed8Afw6cCiStVhOK0lZ_pQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 07:03:35 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B5A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1016780490804&version=m202309120101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B5A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1016780490804&version=m202309120101&ct=76&x=1&cor=17854890235103021000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4B5A 		104 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWSDEvTCPaqbZ-CJmRkni4UYUtYte_PrOAsByNIDFCuirQfc-2R6UgpJyPLobqkK4JRcdYDdOrb9Nkrsw8FbrVF_W9jaIkAoCrwW7YM8je5K7Iob-g0fRUIqxCln5bEC66a6C-pDtrXMdVVMNgRnctCzuVbYFiStBH4s7p2PUIoMxo8_g&dbm_d=AKAmf-DIJqm6Z3FRUHX5L6Fi7mdspCVwMl2ZC2UDeA-SluN-s6XndJnj-RR8Ov5T-GlVmRMRNP5KejTbwCSdGeW2TfNQmvkkgFFbw4F86zb369-5B290xZEtXazqb7dwDHi_9eIP2MQxGDMkdeV6oHSfHBWHvkKsCcQDWupS8_9wXfs-lp9xxsmYDN4qPQlurvlUVe-w0Qk_81Lte2S75BiV8nhHCMaMypHC74zXmCJ4UCoYOu1H67VrfB9jzUb2FYjEfZvwP6M3HbjMgqjLjT6gO3sGRTvJYo_6iYWOUuvtSR-SicDgSZ2NxQU8holre1QLBEF-SNqEerTHrK2zFGQT8QsfX3arfk5idAU-v2fngOcOE1fGNATtDgq9ZTJKLtriMxxsKlpMC53ctNyQsjHDRBQxtJK8In9rdKZEJwiSKcL24UlcVave1XMtwQ3vEQWV-cuq3WELIzPBFy4dRFNft6xSl2ftd6OwMFWiOkOHajIqYO2B8mlqMuYwFc-FO1cH097iYtDUdjZWrdv8DhhqtBDPIu8TZWpoVwoN_6CZRGNlQGRWOTWaV7gjeY8e_4y_6AsWZPYvSDwjJ1K-9lD9-ah3t5CkWdqNEfT1xjjdQk1425tolnTp2pnd4ZuCu6bqz2x2c3ZpUn4e9ivLUZUIi0U7oSqxYt0_ZFNEJR8ujWPAesOYJdC_a1MtnKIReOIJ4meWJGymsqjwrVIC-7E5VX5ZXvFHwjgvfLl_lnE0QvWSXzKJJCFi8N1ehU4qtItVzqoOBtQd8N_WkLu8_faFFvtIr0x-vSHoXK_WSHdmjFzU5ZgnyqoFa0kjZCnEqkLGnqbkUWtVJBrX1MuPBg69McYf_AUWv53nuOOE7IU53dN0kudG1V4HeUOXhBawm0r_xsRzbveBDtXAkMc1P9GrnJcEiYBoF1Qmugcy0PToO8uDSrAdkVtSHuX-7Sqg2-XI4GYUMFAj_B2ZpzzlDMyILEYwuYghgw1b9k40_tRbsYMPiIrZwEdaabFoooxrD8IAy8YehZtC3QDmsSUQk1HcEbALlxVL-cj8ydTFG4NQx0-75YD4LJN-f5w01Y2g_Q_SxBvorjbEE7Hiemzq9opQnRsl7bxRYG0gc3hyCagbcOvI-cRa5EzVmKey6QOLJzzJ_PGO3IMGjCcZAYputqeaPDxrCEtPA_ZY0GuXrTZHipVzJAyxl0vH9p7kiEObi8F41UMvmYcxohQIjMwQ4-1D2WIDAbJGZUtdNR20RBHCJaHyhMvq8_FMxGQ8VzhPcv-U7ihzKRPjOM5ddziRVI7HypJZ9o3iJi4ihC177bFK41guobZX9QaovmzRAsUpi_UPpAVEbdOj3qfUHMsoL6wcdUDOjhiA_quvm-PRbSssQf9yPqYqACLdgGqvqOpqkccGbEnkRYkxtgUYeqtqavmbxMNJ74gsKJna5ryDc07DGCpnc2O01h_Ajwmw_Qsc1sARRgblx_GoJca9usyFCKwr8mIt0wjYTX-flEtWgdU2v0JceaoEx1MUiLJPBfFZISUiPzPB6819i_rXvZ7sRFJl9tp-gup6esiIGrxkqg1M9V3oS40rgcNfQoPSA5GU-2RSjO5QXlZGEy92KFkbsYRDovNJjGAFHleA3fo0dIBhQg_9xBzW6NPLheO5n7A9vBRTpFR9NaK5VaZuJJSzYYO3bzn5SfJt2YFdMzI1MW7arcST4uGw1ri7QVuuWiEZxMSDn_AHgm63IAJM3XAMYWgkqPJTKJtNU1b50Q05lNUaINaqrKRCTqu-V4r58oOXvXoKMuNwoGehOEefGr_GG8gozmHMR-znHvuzd4MKL9VJ3LuKp0Cb5FvF7BrHQvd-H2qRgEI_jib7jwmsRAuCZ7oTF6XoFgwZ6D0x2r8WAFoVVK5DVD6E2V9bmonBc1ObymI6zQ2pd01idTF6oEx1haFrH6JGffJjEWs00I228XgWj-JGvIlKm7DsQ-QJsJRQAe2oEJbPvm_DdYUibjozizkGq6QL3k2EYNJ-fv3ywrYrBZEf6CAdnYkamHd-PiZd4W3k0lPrtNHwpzAwGYKwolSvRu8cVp03-GRWDs0o5I236b3dtqbNqoLlKYQRArGwBR0xA5UY9YjMNKPKZmzOkDudVF39XMjhRTfVL-vlXHQ7mA8baklxMyr9VNba5oLll9ANEf6Wix7LVyDPEXGRHmVWNEdJD2Qs-qfd94W8p8bvyaekKYUeyPRnrsR0W9FrPi13cuEQnMlauqOFPCuJcl35TYOQ7R9nmfMwh96FWzB9O7tjlLr-asxxjCDaV7hHDcRRqaCffOYCM3s283BAmRLmL62b3dLJADI9WlyiiL32bqRivDuFofrrflvJk9XDpnnVpzMGaffLkGqqXUzADXl8Wl-vguWpbHYpYYhvinNcNROZVFUcbPAyg5ZsUA4WwBu3_0gQtmVVTSQwM4eBxSoai5QWFSXqkNd1pHXMMumrfI8h1Dh8sZfhCxrpeJoxtbtvCkg8kTcrgA2ri6gFPIigyBheAdWmtVE4SXY4XQpvzJu5QB-EMkE4dD5_HjktjzJfupmWTkUGpvCf_aZawhMr8MXjmW-rPivCv6QLpV3k0qiaT7cevNzgvQTPjMc3Fa7AmotLSgBSLHLfkxABRWDA2MzQiXkc2UhVyFsP1jqzSAEQRcMZ0j9tBXJYlBjFIx3GDVqorxD9-f0qX9qlPBDbbhbeBtpg5dl1QEHDwbeL_wpy_xwgwcRCJEstYr_aUQ9pE8bVc2xOAkQbuVujUntPSwAL0CRjGlrtdHnyuzt9HF_j9uSpKVmJxFDvaR3dHh-_Pkm-4uGforZDf-joaJRTYDma4CRSRcznPvShiYdzJo3cnrbmSOYtB6hAaZBjvC6eW2RuuyhH9lg1Cip4YVbghPQ0WQIefzkG9JaWUxp4EmrzWA1MNHUh5XHYBqaxt-iQUoQWVfYuo_26NmtIOh_v8o8W6j0kJUsQLpo82ibRyhntQkVpDP2cOYZyuKnrZ8UIqQfhnwDqmYu_2bB5hJ29MzB3Y4QHy6p1snBuVWdgcd0NMV-S2nJGxOIMbq_yO8bkykvC891du1r_MIncfD3ZkIbKSTZO5YoiVmNDast_9OA-hwuGW-Q0u959x_MuVBkLcyFNd0zIHiTTSzplb-rAhGH1guxy0WU-4R3-X_5n2psEtDaklLg6f9rJDzY2l9L831MPwEuGdlAo3jHXeXBJzeQY2kKSTHEESEJDZVsoxNglhixq3dvFZnDdM2TOByLyUsTGSQ4E6-DZ-tPcVpetUi40phC8rN8iRlzH2ByCFbECn3hqK1mZSYCIX-BCt6jgvEFbxC39YzeEkiFv_IPErZfg9Gjt4pzmRb_i_6a-QT15d_S0_Y76XbexbrI7d9eLa4AXkBYeAAHvjhJPUL1t4TwCfHCXCs5fEhBPZk1XZwbWfe5M2jKMCwv7N262rsC4NAdwtsDtDI8XRGY1zhiZz7p2VJ3ZNTT8D7BmZzcwNaKBhDY-e1adMIzB2hn8YWQfl1VbUzI40_PDKKDEVsjeLWO6T4-u4dIZ6o3W2pKvMUYDd5FxfQ0yu5gl3rTA6Sf4Z9w8lpWnWPyaTLlB1M80NXuU0ySaEgdSujbqhmk2VOR5MQEM7pxySpUVXb6z3fm4KcY5W9H1S-ivcXPiRhZ_Waucc7UImZCv39jLqaQfq3kM7ZA9uzNXZDoXFTE1_cCHiZa5DelPO4eWWEop7FUMAC8pAD11aQ&cid=CAQSPABpAlJWX_GUB6W7If3ikgvChoraH2m33tkOQ37O4IIYdx5SqAuN0bK196atEbSifcc3FDH9HglbJ0hTNxgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fsports.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=17854890235103021000&adk=3690638929&idt=84&cac=0&dtd=47
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df2be2e1de4232c812191bd6a2ae5452d9cbafe821cab316ce3570ef7f1b1fc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41011
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 45CA 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://sports.walla.co.il
Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://sports.walla.co.il
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 07:03:35 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
gen_204
pagead2.googlesyndication.com/pagead/ Frame A253 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2501456231699&version=m202309120101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A253 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2501456231699&version=m202309120101&ct=76&x=1&cor=7834978199591730000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame A253 		95 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXs9K6URDCjAQDmLHeTnsuVaBVAkYtnnqH_kiuOt5ExQlE3mV4tpxCnjAkiMgXPt2d14jxXxOCgXP3085zxD2XdC2PLYkhCSHqHhI1MqNqoOKMWb0&cry=1&dbm_d=AKAmf-ADeSV2dunuXlcykeP0bIDKqEo4KZL1RxrG6H0l_nHjipYp_RAuSxcZ4Ktw2n3MPa9KC5XINOkohRq8k31FEvE8_d98jbBNOACcRqxAqax7FkcFomSGvrZM8czR6_mLoYrjVJNSXlvSDnL7pDetIPym0KBWhHhOvnM4e41PRX_RHk7IX2l56n2sjAIJtbaaPE_mR3dOnL7W8Yh5bh1PUcWHyA8Lo6VPP9oZUdti49u6A9jxfodGY8PxC5Q7OMCbm3_HSrNUIK-8ubhqRCNFBpuySXK1PFMXFqxf-XJHf-_Xz3_vhCSjn7AkpBnSSUtdRoyx1GmOMQFK5FaE9EJ8VAwma3h-JfAwJWSmtfn5el9bVpL4QLEV512kKx8hS4SpDbU-ZMa5JY5Hf9YWG1bUgck7Njrz4Vyo14XtX58uk4djlqCoTtK70Jz3DdLxHRxlmIEjYokgbNyOjZXUDytZUeDl1Wo2w8FPEjiS4kF6Hw2dn3QcoN1XBgkr6UG9E18K78rcZXD-qDnT3LXI4ubmFZcWWatX10FvTFbZZ54i4hr6BEPq-7lqpUpF9gODLyCLSsADzXT_YGyUIbDzATQEcH9-1GZ7rznZa16UBc_AvZsoA_0bkpRy_w8iJP-ioQ4qz8Imi9JoR-KtQb2vwYykxn49XI4xxHiw7qCt9P-YSIH_ysLYUj7_Xxly24jnoeZdZYleZbqImj5KJ290x40LUTmLoHtK93ZC3wbXdDUYaXlaF7QdRwRxVl_U96w347TkWSiqprMRiV5W3IK6Bx50YtLSJfTynGveDwj4nXzk9bzaK4svJt1efsvIaeJLUE65searcj6h4DUJFkhk3qe9a5AmrTC2DkQ-oIyxEoSkF8dyOiIRnbVbNgNf_wgw0tv8uDPQVOAOoB2kllM8kqoiy9MWATJ0PwYowlz0uLFpALbv3YijJGNA3XK_oLS-FAkOGhPV8ZmKi-y6BKhz0SE586FhdO3i2H2vpWlpzpYQJGTOF-eCRybls8Dpw11WjOigTnOrje8GOFr9PpZu4ZCV1O_JiHw7ird4ZQwa7HUv1xP_Gsq9Uk4AHk49wV1QSBWEK5w7A4cs6lQSuThDtxa_Szy-BJ8-hpNQeg05IT3oZVfOBcKKfBD7qWCxbq-9s3909B2a4uMkJ9A7VY2f7PFwBtnZS15xLRA6H-ZMHj-Alw0qhgjamJvwXwpXVDq7tgP4aorWKWuxPGe8h_sNukk20WlgAIbr5_L5NNJ7ojk9Cl8ZzVOV9LEIfK1awYyjZcthAwpE5XaqlMa4aj2vRzBjAQdg8Ugoh2lPoRxX_9hfLB30g3Lg_qgVBJmgxljho9Y5PCwD2B7s_MURM3tF1CsG2vH51jk-KSmTbz_S0C-3P2DvNY5ZtORlTlazBD8QsHT37rZouVU6dFmAI2NlgdHxfxCQvhpmYdRbg8TUD4AfrAkVOx-SNYftWIaEifAL0-Ir5poTIYwvyLv6dhST1tUl_bECocc8qrnswQihe0H6jr3Y2j-BQBuQwP_0qOAb-uzwW-qlDCR_h7mmMbTrL1NM_uwDWFeCKamStk-CLvbuqaxtkh8TuVTM4QxDYVfnHdvAqZX3IKfFmnVbiiVDtsQWxs5kq_Y0G7Mw-AtprWh-QDakeGKguLUaUx7wjKPhc0D7_eqM_zs2ZS4rksI8vMo_iyD7hzuPHDsiWGdU6wP9_lw7vD7z7hpjk4N2JOqM5bFNrqH_V5FBir5-CUqbVCW02EV5XyBKhemnGtZlOSV3zK4pHE63R6jjhOxGG1sMVigxK9hUukqBgNnGpF_kdSApRVfJ1UdaNhZMnp7c6BksfZNUotje66AG-ZSTpiwb_OJo8imkyva_tt-LTK24TYHE_ZMD7aSNeUTBDPLUwAgdJNZ2rLX1rb313N9O4qveLiF5kEWRdFQroE98F3_k31xSwJrbp66ffvqoNUR8QgWnv_ych3q0DcUfw81wmAV6GzelinDapS1fPKIHQB_WxqFUMz0DH0WVbGShGXlOx6wNvJW4CcKgJOzpL49iAQTcF5V1BO3rfZwscYoxDiU7FS7ZjttlZc0QowDXyFVSwZbNi8xm5EojNAKBLBt4MBdcHT32LpudcAfDgrEaf4aGND6mqXzbYvL2ftwA5CIIBq6fV-qLSnmVyIJl9Nq2ayn-0E5iqNlnNqdnk9I0EbE73PScIlfLW5YVJkN6csYAx1A8kKoyOdbcwvZgCVvpFY5UNFKhArGY495YIdtGPtZqsoij4q221I88kZNkRIBgo_T_PeFwVYU-YdaJMR3apRcGgH-KJaXNimXAb_VWM-id6JYlok4Cxynx6tcHUa4h-goLqLY-IL_jR3QnwqpGHfEdPf5a1h4KIy6GbP2vW7QA4LOGPoaL_QI1V6y6XIV776zzWNlCSwmPacqmQdQxx4vaA3oXzO-cnaDplqY8x7tyN6MbclQimHJTKoSAdps0dyVrRdYTyu41JaGI9mWvSDs98XX8yXKZ1iHpRf9uvICeX_4kAE-lx1IA8IlhSyp1f8V-xmRuDZ2Ns_cX6ENtG1ebuPoghgNvBHJW5Dj6066V3aYnCTsOEoU212fHDN7ABeu37BhEPOVFkT-PVY7MmoU-aBFl1xWQvNy0uiet1iIVtrztX5ocYS3TVTAkRBg0fO33JFyTQbz41ll1skRkBVfrtkc7EMx1kpWYQ4H8LAxHGwMhDgvHvtVgMnpBXolu_FRU3M6hVAeyRzjLkipvNzPS2wNP9ZokF0qGoB2tJafFu3iE1uKUC7k3dSXJrMVuo6_4_n_YvM87KzlNzQlNtYd2WVc9iAnmeOSLHwLkQ8_fG3nLBY9vEm1kB6V6KgbPF5-uYXJRTCexiqURnf4kQnY13ssQau5-ND7ghXifwYjG-kKqOBxb52tnbOIsLFiD2WlgbA2aS896kjiAcY0LeFoeaZhf7WD6W4wqMsGyQX4Y-zvWgW9bHD3k0R4aDWxndCSkL8z_e9Tsj_B08r3QuQ0chwAHYwzC9W-hiLQjT8VaV5OjuFAoLuHcvidvCZepNJl0cjjKjYJ_G8DcjlXuAkhzAKeO1kOu0KaCfMhkKyX1LrmSzW-dsOUtoXg6APpAAnIL8vFR6cGOa2I-jKVBVdwLLM_KEEpZQQaA5OlmnEPUM2B0Baw8l3jrk4LpOSdhY7qAunJGdXNbUfv8_kb17Jp5A-s0M2GAHE36OzfVE9JI5HWAYnWol62EZV8JyyczVVXmDQNyzatN0bhXKR4vQ5adxzoKj5Jlky5gK7hiiRZ-hdemRgU4T2XGo2h5_bjhytnVWkL8esG6gXLzYixyxpLzcrIyf4nroImC2C2wjRAthma9Zdl-SIX8V7aKeykrLa7hl3DApC8OtXquN3QoxUMpYzSZydXZBvoTk6NoeFLjnhdhcm-l-dk6bvPnWZ9Ib95iRRoqpnWy5EShLvGKVP2_Sl4jNbk4cpu2ZLtvFyg8i5q_DI8oEpb5Bjf4HAoX_dZOzYmSkeAiwjAHufe5DVMMAWOZgoUoZeZku1eQVA6koGT8qJ9qoPEMX96S9IAzt7QYu1yZu6788jRdQCVt3qD0T7c9TdBFy3Tz32kNybl-z_AcFzTlHAKVQRU6AGBlIf-EWImNhweRTDpja3jkNGzu4uCDXwydkX5J_P8FGDYtJDX_ZbIjH7r1fHWT9EjiGF77VsnnKS3xD_Ls4qJh-OpImmXfSTlgOLp2cFuMgqSRON5QOrL13bOP6fECXAqYryLndm5uPpfxAvaZ48Hy4imrl-Gj3txTDmZ1O5SccEuI2wlzItGa0cQa4Fjaxt6Jkw8iA6CRKsRUSExPcJt-tjxBdHKbG6U_UPkARcROM7UJItglaB87Vr2hdg&cid=CAQSPABpAlJWX_GUB6W7If3ikgvChoraH2m33tkOQ37O4IIYdx5SqAuN0bK196atEbSifcc3FDH9HglbJ0hTNxgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fsports.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=7834978199591730000&adk=4188270525&idt=147&cac=0&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8824d14db05415026d4a42613e0df2b0cb3941a71d774a58b5af650b4d1952f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
roboto-400.css
static.criteo.net/design/googlefont/roboto/ Frame F01C 		2 KB
842 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13b-807"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 07:03:35 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 451C 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:31:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
63134
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 20 Sep 2023 13:31:21 GMT
spc_fi.php
cdn.firstimpression.io/delivery/ 		59 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=6960&url=%2F&charset=UTF-8&ch=9&ref=sports.walla.co.il&viewerId=null&referer=&_firid=22490542
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-86.ams58.r.cloudfront.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
b3328b7573fdfc1e9b97ce4ec461ad36f51ebb65223b2d6895875dd6f8a2515c

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:35 GMT
Content-Encoding
gzip
Via
1.1 a6f8e4a6d80386054febd47005eabaca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS58-P1
X-Cache
Miss from cloudfront
P3P
CP="CUR ADM OUR NOR STA NID"
Connection
keep-alive
Content-Length
11418
Pragma
no-cache
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://sports.walla.co.il
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
yiRnIeW7Xl7a8_0t_YYEOE29yCfumN3O_1bkRdeMRvr5u2sZlS5W_g==
Expires
0
debug
am-trc-events.taboola.com/wallail-walla/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/2/debug?tim=09%3A03%3A35.213&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=7037&cv=20230919-1-RELEASE&lt=deflated&pct=1
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
11917
supply-feature
am-trc-events.taboola.com/wallail-walla/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/3/supply-feature?route=AM:AM:V&tvi48=12004&tvi50=12238&lti=deflated&ri=110fc540097cb09205188ab1771908f1&sd=v2_06e642cfcbc028e879bbdbd99f232e4e_3683686d-67db-40d0-93b6-3bfbf22ff86f-tuctc041ec5_1695193413_1695193413_CNawjgYQk-FcGO7tmourMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABolriLlKfb-47xAXAA&ui=3683686d-67db-40d0-93b6-3bfbf22ff86f-tuctc041ec5&pi=/&wi=7025978351414212080&pt=category&vi=1695193413358&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%2214.890625%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=09%3A03%3A35.249&id=6437&llvl=2&cv=20230919-1-RELEASE&
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 81D7
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 07:03:35 GMT
expires
Wed, 20 Sep 2023 07:03:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 07:03:35 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
roboto-400-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame F01C 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13b-3d80"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 07:03:35 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 44A8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CC4GmRJkKZY2TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEpAJP0NMLAQ0E9KCuQkQRO_3okYuAbPeXgTZbZ45Q0IKoeejFhqn1EZAlwKTjYvypyotUncn_K6PVz3TZ_j1_JfCE33BZ9MQfLOayYHHvZypcuqCdGekQqQsIqpdSYTfEQaeSBkowIFv-FFUmWGXCsB0Lm1-whzvLxLiifnEk026DuwDG9H6xy_It9iB8wlbKpKh3_0Yfes-IW1Ayl1J5cHiy-b0hE0sEIglqdvCIAIvN_ZcRl43lX7pp3r2vd6tdlaiqEIkhuLn1s-2mWUm4RZwo2k-vAkm-lxj_w5gHNzbpP9WaXlCQhDYrCdFQxY6bl2JXdhQGdgR_axExnV7VA9HXGc9HOEfEAgw1ORMX-dJnX35g-h2Cdx46mQV1sQ4ZUytK-vpA4AQBgAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ5MTY1OTQ5NjM3MjE3Mhjx5hM&sigh=0xJX_KSmMKw&uach_m=[UACH]&cid=CAQSPABpAlJWFJvewmWc4LcCIH3hfNsJlMQNiSamC5SZ0S_KyiWoNEc8xrxksEE06Xr2zthdsoIbUAcojVSJPRgB&cbvp=2&vis=1
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 44A8 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k4LKFrr5RKwCX52DYgICAAAA-ErnBP03rxhTB8acYyH7KhBDmQplohAelKROEDskkgAAEgAACgpBUVVCRHdFQkR3&wp=ZQqZRAAICY0H_YJFAA9zIUJFtJkOp2X0P3N8WA&cbvp=2
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:35 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
297906
server
Kestrel
content-length
0
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Sep 2023 07:03:35 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame AE31 		0
367 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8098359dff303618-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 07:03:35 GMT
server
cloudflare
vary
Accept-Encoding
l
www.google.com/ads/measurement/ Frame 67F1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaToo63CElg0BEKE8xM2l1_h8aKdAuyBUyHMcVmfXsvZ3SIN47FPEp6775KWCUVfXzm0uyGYXGJwDqBD5gIqZ-Qbyx1dVA
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 67F1 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Sep 2023 07:03:35 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/990511/61634097/ Frame 4B5A 		250 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/990511/61634097/skeleton.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20338656462&bidurl=https://sports.walla.co.il/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0i-s8olrK4W5-FmnTuA2YlB
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.61.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-61-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b09f920231ac5ad5556a4479de98cda43c1e4e4e7ff0e08dbc2a1c48c56fc5e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 4B5A 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
Origin
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 21:04:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35963
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 21:04:12 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230918/r20110914/elements/html/ Frame 4B5A 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230918/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWSDEvTCPaqbZ-CJmRkni4UYUtYte_PrOAsByNIDFCuirQfc-2R6UgpJyPLobqkK4JRcdYDdOrb9Nkrsw8FbrVF_W9jaIkAoCrwW7YM8je5K7Iob-g0fRUIqxCln5bEC66a6C-pDtrXMdVVMNgRnctCzuVbYFiStBH4s7p2PUIoMxo8_g&dbm_d=AKAmf-DIJqm6Z3FRUHX5L6Fi7mdspCVwMl2ZC2UDeA-SluN-s6XndJnj-RR8Ov5T-GlVmRMRNP5KejTbwCSdGeW2TfNQmvkkgFFbw4F86zb369-5B290xZEtXazqb7dwDHi_9eIP2MQxGDMkdeV6oHSfHBWHvkKsCcQDWupS8_9wXfs-lp9xxsmYDN4qPQlurvlUVe-w0Qk_81Lte2S75BiV8nhHCMaMypHC74zXmCJ4UCoYOu1H67VrfB9jzUb2FYjEfZvwP6M3HbjMgqjLjT6gO3sGRTvJYo_6iYWOUuvtSR-SicDgSZ2NxQU8holre1QLBEF-SNqEerTHrK2zFGQT8QsfX3arfk5idAU-v2fngOcOE1fGNATtDgq9ZTJKLtriMxxsKlpMC53ctNyQsjHDRBQxtJK8In9rdKZEJwiSKcL24UlcVave1XMtwQ3vEQWV-cuq3WELIzPBFy4dRFNft6xSl2ftd6OwMFWiOkOHajIqYO2B8mlqMuYwFc-FO1cH097iYtDUdjZWrdv8DhhqtBDPIu8TZWpoVwoN_6CZRGNlQGRWOTWaV7gjeY8e_4y_6AsWZPYvSDwjJ1K-9lD9-ah3t5CkWdqNEfT1xjjdQk1425tolnTp2pnd4ZuCu6bqz2x2c3ZpUn4e9ivLUZUIi0U7oSqxYt0_ZFNEJR8ujWPAesOYJdC_a1MtnKIReOIJ4meWJGymsqjwrVIC-7E5VX5ZXvFHwjgvfLl_lnE0QvWSXzKJJCFi8N1ehU4qtItVzqoOBtQd8N_WkLu8_faFFvtIr0x-vSHoXK_WSHdmjFzU5ZgnyqoFa0kjZCnEqkLGnqbkUWtVJBrX1MuPBg69McYf_AUWv53nuOOE7IU53dN0kudG1V4HeUOXhBawm0r_xsRzbveBDtXAkMc1P9GrnJcEiYBoF1Qmugcy0PToO8uDSrAdkVtSHuX-7Sqg2-XI4GYUMFAj_B2ZpzzlDMyILEYwuYghgw1b9k40_tRbsYMPiIrZwEdaabFoooxrD8IAy8YehZtC3QDmsSUQk1HcEbALlxVL-cj8ydTFG4NQx0-75YD4LJN-f5w01Y2g_Q_SxBvorjbEE7Hiemzq9opQnRsl7bxRYG0gc3hyCagbcOvI-cRa5EzVmKey6QOLJzzJ_PGO3IMGjCcZAYputqeaPDxrCEtPA_ZY0GuXrTZHipVzJAyxl0vH9p7kiEObi8F41UMvmYcxohQIjMwQ4-1D2WIDAbJGZUtdNR20RBHCJaHyhMvq8_FMxGQ8VzhPcv-U7ihzKRPjOM5ddziRVI7HypJZ9o3iJi4ihC177bFK41guobZX9QaovmzRAsUpi_UPpAVEbdOj3qfUHMsoL6wcdUDOjhiA_quvm-PRbSssQf9yPqYqACLdgGqvqOpqkccGbEnkRYkxtgUYeqtqavmbxMNJ74gsKJna5ryDc07DGCpnc2O01h_Ajwmw_Qsc1sARRgblx_GoJca9usyFCKwr8mIt0wjYTX-flEtWgdU2v0JceaoEx1MUiLJPBfFZISUiPzPB6819i_rXvZ7sRFJl9tp-gup6esiIGrxkqg1M9V3oS40rgcNfQoPSA5GU-2RSjO5QXlZGEy92KFkbsYRDovNJjGAFHleA3fo0dIBhQg_9xBzW6NPLheO5n7A9vBRTpFR9NaK5VaZuJJSzYYO3bzn5SfJt2YFdMzI1MW7arcST4uGw1ri7QVuuWiEZxMSDn_AHgm63IAJM3XAMYWgkqPJTKJtNU1b50Q05lNUaINaqrKRCTqu-V4r58oOXvXoKMuNwoGehOEefGr_GG8gozmHMR-znHvuzd4MKL9VJ3LuKp0Cb5FvF7BrHQvd-H2qRgEI_jib7jwmsRAuCZ7oTF6XoFgwZ6D0x2r8WAFoVVK5DVD6E2V9bmonBc1ObymI6zQ2pd01idTF6oEx1haFrH6JGffJjEWs00I228XgWj-JGvIlKm7DsQ-QJsJRQAe2oEJbPvm_DdYUibjozizkGq6QL3k2EYNJ-fv3ywrYrBZEf6CAdnYkamHd-PiZd4W3k0lPrtNHwpzAwGYKwolSvRu8cVp03-GRWDs0o5I236b3dtqbNqoLlKYQRArGwBR0xA5UY9YjMNKPKZmzOkDudVF39XMjhRTfVL-vlXHQ7mA8baklxMyr9VNba5oLll9ANEf6Wix7LVyDPEXGRHmVWNEdJD2Qs-qfd94W8p8bvyaekKYUeyPRnrsR0W9FrPi13cuEQnMlauqOFPCuJcl35TYOQ7R9nmfMwh96FWzB9O7tjlLr-asxxjCDaV7hHDcRRqaCffOYCM3s283BAmRLmL62b3dLJADI9WlyiiL32bqRivDuFofrrflvJk9XDpnnVpzMGaffLkGqqXUzADXl8Wl-vguWpbHYpYYhvinNcNROZVFUcbPAyg5ZsUA4WwBu3_0gQtmVVTSQwM4eBxSoai5QWFSXqkNd1pHXMMumrfI8h1Dh8sZfhCxrpeJoxtbtvCkg8kTcrgA2ri6gFPIigyBheAdWmtVE4SXY4XQpvzJu5QB-EMkE4dD5_HjktjzJfupmWTkUGpvCf_aZawhMr8MXjmW-rPivCv6QLpV3k0qiaT7cevNzgvQTPjMc3Fa7AmotLSgBSLHLfkxABRWDA2MzQiXkc2UhVyFsP1jqzSAEQRcMZ0j9tBXJYlBjFIx3GDVqorxD9-f0qX9qlPBDbbhbeBtpg5dl1QEHDwbeL_wpy_xwgwcRCJEstYr_aUQ9pE8bVc2xOAkQbuVujUntPSwAL0CRjGlrtdHnyuzt9HF_j9uSpKVmJxFDvaR3dHh-_Pkm-4uGforZDf-joaJRTYDma4CRSRcznPvShiYdzJo3cnrbmSOYtB6hAaZBjvC6eW2RuuyhH9lg1Cip4YVbghPQ0WQIefzkG9JaWUxp4EmrzWA1MNHUh5XHYBqaxt-iQUoQWVfYuo_26NmtIOh_v8o8W6j0kJUsQLpo82ibRyhntQkVpDP2cOYZyuKnrZ8UIqQfhnwDqmYu_2bB5hJ29MzB3Y4QHy6p1snBuVWdgcd0NMV-S2nJGxOIMbq_yO8bkykvC891du1r_MIncfD3ZkIbKSTZO5YoiVmNDast_9OA-hwuGW-Q0u959x_MuVBkLcyFNd0zIHiTTSzplb-rAhGH1guxy0WU-4R3-X_5n2psEtDaklLg6f9rJDzY2l9L831MPwEuGdlAo3jHXeXBJzeQY2kKSTHEESEJDZVsoxNglhixq3dvFZnDdM2TOByLyUsTGSQ4E6-DZ-tPcVpetUi40phC8rN8iRlzH2ByCFbECn3hqK1mZSYCIX-BCt6jgvEFbxC39YzeEkiFv_IPErZfg9Gjt4pzmRb_i_6a-QT15d_S0_Y76XbexbrI7d9eLa4AXkBYeAAHvjhJPUL1t4TwCfHCXCs5fEhBPZk1XZwbWfe5M2jKMCwv7N262rsC4NAdwtsDtDI8XRGY1zhiZz7p2VJ3ZNTT8D7BmZzcwNaKBhDY-e1adMIzB2hn8YWQfl1VbUzI40_PDKKDEVsjeLWO6T4-u4dIZ6o3W2pKvMUYDd5FxfQ0yu5gl3rTA6Sf4Z9w8lpWnWPyaTLlB1M80NXuU0ySaEgdSujbqhmk2VOR5MQEM7pxySpUVXb6z3fm4KcY5W9H1S-ivcXPiRhZ_Waucc7UImZCv39jLqaQfq3kM7ZA9uzNXZDoXFTE1_cCHiZa5DelPO4eWWEop7FUMAC8pAD11aQ&cid=CAQSPABpAlJWX_GUB6W7If3ikgvChoraH2m33tkOQ37O4IIYdx5SqAuN0bK196atEbSifcc3FDH9HglbJ0hTNxgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fsports.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=17854890235103021000&adk=3690638929&idt=84&cac=0&dtd=47
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 19:59:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
39865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 19:59:10 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230918/r20110914/ Frame 4B5A 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230918/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWSDEvTCPaqbZ-CJmRkni4UYUtYte_PrOAsByNIDFCuirQfc-2R6UgpJyPLobqkK4JRcdYDdOrb9Nkrsw8FbrVF_W9jaIkAoCrwW7YM8je5K7Iob-g0fRUIqxCln5bEC66a6C-pDtrXMdVVMNgRnctCzuVbYFiStBH4s7p2PUIoMxo8_g&dbm_d=AKAmf-DIJqm6Z3FRUHX5L6Fi7mdspCVwMl2ZC2UDeA-SluN-s6XndJnj-RR8Ov5T-GlVmRMRNP5KejTbwCSdGeW2TfNQmvkkgFFbw4F86zb369-5B290xZEtXazqb7dwDHi_9eIP2MQxGDMkdeV6oHSfHBWHvkKsCcQDWupS8_9wXfs-lp9xxsmYDN4qPQlurvlUVe-w0Qk_81Lte2S75BiV8nhHCMaMypHC74zXmCJ4UCoYOu1H67VrfB9jzUb2FYjEfZvwP6M3HbjMgqjLjT6gO3sGRTvJYo_6iYWOUuvtSR-SicDgSZ2NxQU8holre1QLBEF-SNqEerTHrK2zFGQT8QsfX3arfk5idAU-v2fngOcOE1fGNATtDgq9ZTJKLtriMxxsKlpMC53ctNyQsjHDRBQxtJK8In9rdKZEJwiSKcL24UlcVave1XMtwQ3vEQWV-cuq3WELIzPBFy4dRFNft6xSl2ftd6OwMFWiOkOHajIqYO2B8mlqMuYwFc-FO1cH097iYtDUdjZWrdv8DhhqtBDPIu8TZWpoVwoN_6CZRGNlQGRWOTWaV7gjeY8e_4y_6AsWZPYvSDwjJ1K-9lD9-ah3t5CkWdqNEfT1xjjdQk1425tolnTp2pnd4ZuCu6bqz2x2c3ZpUn4e9ivLUZUIi0U7oSqxYt0_ZFNEJR8ujWPAesOYJdC_a1MtnKIReOIJ4meWJGymsqjwrVIC-7E5VX5ZXvFHwjgvfLl_lnE0QvWSXzKJJCFi8N1ehU4qtItVzqoOBtQd8N_WkLu8_faFFvtIr0x-vSHoXK_WSHdmjFzU5ZgnyqoFa0kjZCnEqkLGnqbkUWtVJBrX1MuPBg69McYf_AUWv53nuOOE7IU53dN0kudG1V4HeUOXhBawm0r_xsRzbveBDtXAkMc1P9GrnJcEiYBoF1Qmugcy0PToO8uDSrAdkVtSHuX-7Sqg2-XI4GYUMFAj_B2ZpzzlDMyILEYwuYghgw1b9k40_tRbsYMPiIrZwEdaabFoooxrD8IAy8YehZtC3QDmsSUQk1HcEbALlxVL-cj8ydTFG4NQx0-75YD4LJN-f5w01Y2g_Q_SxBvorjbEE7Hiemzq9opQnRsl7bxRYG0gc3hyCagbcOvI-cRa5EzVmKey6QOLJzzJ_PGO3IMGjCcZAYputqeaPDxrCEtPA_ZY0GuXrTZHipVzJAyxl0vH9p7kiEObi8F41UMvmYcxohQIjMwQ4-1D2WIDAbJGZUtdNR20RBHCJaHyhMvq8_FMxGQ8VzhPcv-U7ihzKRPjOM5ddziRVI7HypJZ9o3iJi4ihC177bFK41guobZX9QaovmzRAsUpi_UPpAVEbdOj3qfUHMsoL6wcdUDOjhiA_quvm-PRbSssQf9yPqYqACLdgGqvqOpqkccGbEnkRYkxtgUYeqtqavmbxMNJ74gsKJna5ryDc07DGCpnc2O01h_Ajwmw_Qsc1sARRgblx_GoJca9usyFCKwr8mIt0wjYTX-flEtWgdU2v0JceaoEx1MUiLJPBfFZISUiPzPB6819i_rXvZ7sRFJl9tp-gup6esiIGrxkqg1M9V3oS40rgcNfQoPSA5GU-2RSjO5QXlZGEy92KFkbsYRDovNJjGAFHleA3fo0dIBhQg_9xBzW6NPLheO5n7A9vBRTpFR9NaK5VaZuJJSzYYO3bzn5SfJt2YFdMzI1MW7arcST4uGw1ri7QVuuWiEZxMSDn_AHgm63IAJM3XAMYWgkqPJTKJtNU1b50Q05lNUaINaqrKRCTqu-V4r58oOXvXoKMuNwoGehOEefGr_GG8gozmHMR-znHvuzd4MKL9VJ3LuKp0Cb5FvF7BrHQvd-H2qRgEI_jib7jwmsRAuCZ7oTF6XoFgwZ6D0x2r8WAFoVVK5DVD6E2V9bmonBc1ObymI6zQ2pd01idTF6oEx1haFrH6JGffJjEWs00I228XgWj-JGvIlKm7DsQ-QJsJRQAe2oEJbPvm_DdYUibjozizkGq6QL3k2EYNJ-fv3ywrYrBZEf6CAdnYkamHd-PiZd4W3k0lPrtNHwpzAwGYKwolSvRu8cVp03-GRWDs0o5I236b3dtqbNqoLlKYQRArGwBR0xA5UY9YjMNKPKZmzOkDudVF39XMjhRTfVL-vlXHQ7mA8baklxMyr9VNba5oLll9ANEf6Wix7LVyDPEXGRHmVWNEdJD2Qs-qfd94W8p8bvyaekKYUeyPRnrsR0W9FrPi13cuEQnMlauqOFPCuJcl35TYOQ7R9nmfMwh96FWzB9O7tjlLr-asxxjCDaV7hHDcRRqaCffOYCM3s283BAmRLmL62b3dLJADI9WlyiiL32bqRivDuFofrrflvJk9XDpnnVpzMGaffLkGqqXUzADXl8Wl-vguWpbHYpYYhvinNcNROZVFUcbPAyg5ZsUA4WwBu3_0gQtmVVTSQwM4eBxSoai5QWFSXqkNd1pHXMMumrfI8h1Dh8sZfhCxrpeJoxtbtvCkg8kTcrgA2ri6gFPIigyBheAdWmtVE4SXY4XQpvzJu5QB-EMkE4dD5_HjktjzJfupmWTkUGpvCf_aZawhMr8MXjmW-rPivCv6QLpV3k0qiaT7cevNzgvQTPjMc3Fa7AmotLSgBSLHLfkxABRWDA2MzQiXkc2UhVyFsP1jqzSAEQRcMZ0j9tBXJYlBjFIx3GDVqorxD9-f0qX9qlPBDbbhbeBtpg5dl1QEHDwbeL_wpy_xwgwcRCJEstYr_aUQ9pE8bVc2xOAkQbuVujUntPSwAL0CRjGlrtdHnyuzt9HF_j9uSpKVmJxFDvaR3dHh-_Pkm-4uGforZDf-joaJRTYDma4CRSRcznPvShiYdzJo3cnrbmSOYtB6hAaZBjvC6eW2RuuyhH9lg1Cip4YVbghPQ0WQIefzkG9JaWUxp4EmrzWA1MNHUh5XHYBqaxt-iQUoQWVfYuo_26NmtIOh_v8o8W6j0kJUsQLpo82ibRyhntQkVpDP2cOYZyuKnrZ8UIqQfhnwDqmYu_2bB5hJ29MzB3Y4QHy6p1snBuVWdgcd0NMV-S2nJGxOIMbq_yO8bkykvC891du1r_MIncfD3ZkIbKSTZO5YoiVmNDast_9OA-hwuGW-Q0u959x_MuVBkLcyFNd0zIHiTTSzplb-rAhGH1guxy0WU-4R3-X_5n2psEtDaklLg6f9rJDzY2l9L831MPwEuGdlAo3jHXeXBJzeQY2kKSTHEESEJDZVsoxNglhixq3dvFZnDdM2TOByLyUsTGSQ4E6-DZ-tPcVpetUi40phC8rN8iRlzH2ByCFbECn3hqK1mZSYCIX-BCt6jgvEFbxC39YzeEkiFv_IPErZfg9Gjt4pzmRb_i_6a-QT15d_S0_Y76XbexbrI7d9eLa4AXkBYeAAHvjhJPUL1t4TwCfHCXCs5fEhBPZk1XZwbWfe5M2jKMCwv7N262rsC4NAdwtsDtDI8XRGY1zhiZz7p2VJ3ZNTT8D7BmZzcwNaKBhDY-e1adMIzB2hn8YWQfl1VbUzI40_PDKKDEVsjeLWO6T4-u4dIZ6o3W2pKvMUYDd5FxfQ0yu5gl3rTA6Sf4Z9w8lpWnWPyaTLlB1M80NXuU0ySaEgdSujbqhmk2VOR5MQEM7pxySpUVXb6z3fm4KcY5W9H1S-ivcXPiRhZ_Waucc7UImZCv39jLqaQfq3kM7ZA9uzNXZDoXFTE1_cCHiZa5DelPO4eWWEop7FUMAC8pAD11aQ&cid=CAQSPABpAlJWX_GUB6W7If3ikgvChoraH2m33tkOQ37O4IIYdx5SqAuN0bK196atEbSifcc3FDH9HglbJ0hTNxgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fsports.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=17854890235103021000&adk=3690638929&idt=84&cac=0&dtd=47
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 19:59:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
39865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11585
x-xss-protection
0
server
cafe
etag
30886230758233217
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 19:59:10 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4B5A 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 08:25:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
81514
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Sep 2024 08:25:01 GMT
truncated
/ Frame 67F1 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6416e5792c35b4ce90a38e7f4f7c0511c1fadf1cb0eb33ed0e7a9528bffa846

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 6961 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CsomrRJkKZY6TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEqAJP0IwFoKsKhTvtRC_XeO87N9YCWWyN09oFvgJNYd3C6xR1Wpsxc5ihxijodOm5bLr04wEmgiedkVAQzrqmsuxv_qoRaIv7wBR0BrbzQDYRwz9BBaWdS3b2O3zbdkmonEZ1Wu4gyAgXTeqFB6CvRnqydOgxgHp7dAZ4pGH6xEdMYYc1ZNLg95_0MkcxlHyhWB0h3C20jyq_TQCY9sDsik2_uGwkmMD1gdvcryyi_B5Rc3dT3vDylxz-icavL2-f_tXZnY9r8xRl4ZHFts9klxcMA-W6B_EUPcWR-BCnhbp_qC0xy7X0WyCP-bL6FogZvSTkB47JeI1Bx2N_DIgnIaf1-IChIXkCY7R-mOq71tx4ZxsHuPV1AwyuhnDK8ISHP_qOUwOiMdQhduAEAYAGs52249XmwtNioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=gLA9XJBM_4g&uach_m=[UACH]&cid=CAQSPABpAlJWFJvewmWc4LcCIH3hfNsJlMQNiSamC5SZ0S_KyiWoNEc8xrxksEE06Xr2zthdsoIbUAcojVSJPRgB&cbvp=2&vis=1
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 6961 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k_D2DLr5RMoHUJ2DYgICAAAA-ErnBP03rxhTB8acYyH7KhBEmQpljU_2qjCyMssJawAAEgAACgpBUVVCRHdFQkR3&wp=ZQqZRAAICY4H_YJFAA9zIdl5IOgnNk8czrnlfg&cbvp=2
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:34 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
130044
server
Kestrel
content-length
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame A253 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
Origin
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 08:25:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81514
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 08:25:01 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230918/r20110914/elements/html/ Frame A253 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230918/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXs9K6URDCjAQDmLHeTnsuVaBVAkYtnnqH_kiuOt5ExQlE3mV4tpxCnjAkiMgXPt2d14jxXxOCgXP3085zxD2XdC2PLYkhCSHqHhI1MqNqoOKMWb0&cry=1&dbm_d=AKAmf-ADeSV2dunuXlcykeP0bIDKqEo4KZL1RxrG6H0l_nHjipYp_RAuSxcZ4Ktw2n3MPa9KC5XINOkohRq8k31FEvE8_d98jbBNOACcRqxAqax7FkcFomSGvrZM8czR6_mLoYrjVJNSXlvSDnL7pDetIPym0KBWhHhOvnM4e41PRX_RHk7IX2l56n2sjAIJtbaaPE_mR3dOnL7W8Yh5bh1PUcWHyA8Lo6VPP9oZUdti49u6A9jxfodGY8PxC5Q7OMCbm3_HSrNUIK-8ubhqRCNFBpuySXK1PFMXFqxf-XJHf-_Xz3_vhCSjn7AkpBnSSUtdRoyx1GmOMQFK5FaE9EJ8VAwma3h-JfAwJWSmtfn5el9bVpL4QLEV512kKx8hS4SpDbU-ZMa5JY5Hf9YWG1bUgck7Njrz4Vyo14XtX58uk4djlqCoTtK70Jz3DdLxHRxlmIEjYokgbNyOjZXUDytZUeDl1Wo2w8FPEjiS4kF6Hw2dn3QcoN1XBgkr6UG9E18K78rcZXD-qDnT3LXI4ubmFZcWWatX10FvTFbZZ54i4hr6BEPq-7lqpUpF9gODLyCLSsADzXT_YGyUIbDzATQEcH9-1GZ7rznZa16UBc_AvZsoA_0bkpRy_w8iJP-ioQ4qz8Imi9JoR-KtQb2vwYykxn49XI4xxHiw7qCt9P-YSIH_ysLYUj7_Xxly24jnoeZdZYleZbqImj5KJ290x40LUTmLoHtK93ZC3wbXdDUYaXlaF7QdRwRxVl_U96w347TkWSiqprMRiV5W3IK6Bx50YtLSJfTynGveDwj4nXzk9bzaK4svJt1efsvIaeJLUE65searcj6h4DUJFkhk3qe9a5AmrTC2DkQ-oIyxEoSkF8dyOiIRnbVbNgNf_wgw0tv8uDPQVOAOoB2kllM8kqoiy9MWATJ0PwYowlz0uLFpALbv3YijJGNA3XK_oLS-FAkOGhPV8ZmKi-y6BKhz0SE586FhdO3i2H2vpWlpzpYQJGTOF-eCRybls8Dpw11WjOigTnOrje8GOFr9PpZu4ZCV1O_JiHw7ird4ZQwa7HUv1xP_Gsq9Uk4AHk49wV1QSBWEK5w7A4cs6lQSuThDtxa_Szy-BJ8-hpNQeg05IT3oZVfOBcKKfBD7qWCxbq-9s3909B2a4uMkJ9A7VY2f7PFwBtnZS15xLRA6H-ZMHj-Alw0qhgjamJvwXwpXVDq7tgP4aorWKWuxPGe8h_sNukk20WlgAIbr5_L5NNJ7ojk9Cl8ZzVOV9LEIfK1awYyjZcthAwpE5XaqlMa4aj2vRzBjAQdg8Ugoh2lPoRxX_9hfLB30g3Lg_qgVBJmgxljho9Y5PCwD2B7s_MURM3tF1CsG2vH51jk-KSmTbz_S0C-3P2DvNY5ZtORlTlazBD8QsHT37rZouVU6dFmAI2NlgdHxfxCQvhpmYdRbg8TUD4AfrAkVOx-SNYftWIaEifAL0-Ir5poTIYwvyLv6dhST1tUl_bECocc8qrnswQihe0H6jr3Y2j-BQBuQwP_0qOAb-uzwW-qlDCR_h7mmMbTrL1NM_uwDWFeCKamStk-CLvbuqaxtkh8TuVTM4QxDYVfnHdvAqZX3IKfFmnVbiiVDtsQWxs5kq_Y0G7Mw-AtprWh-QDakeGKguLUaUx7wjKPhc0D7_eqM_zs2ZS4rksI8vMo_iyD7hzuPHDsiWGdU6wP9_lw7vD7z7hpjk4N2JOqM5bFNrqH_V5FBir5-CUqbVCW02EV5XyBKhemnGtZlOSV3zK4pHE63R6jjhOxGG1sMVigxK9hUukqBgNnGpF_kdSApRVfJ1UdaNhZMnp7c6BksfZNUotje66AG-ZSTpiwb_OJo8imkyva_tt-LTK24TYHE_ZMD7aSNeUTBDPLUwAgdJNZ2rLX1rb313N9O4qveLiF5kEWRdFQroE98F3_k31xSwJrbp66ffvqoNUR8QgWnv_ych3q0DcUfw81wmAV6GzelinDapS1fPKIHQB_WxqFUMz0DH0WVbGShGXlOx6wNvJW4CcKgJOzpL49iAQTcF5V1BO3rfZwscYoxDiU7FS7ZjttlZc0QowDXyFVSwZbNi8xm5EojNAKBLBt4MBdcHT32LpudcAfDgrEaf4aGND6mqXzbYvL2ftwA5CIIBq6fV-qLSnmVyIJl9Nq2ayn-0E5iqNlnNqdnk9I0EbE73PScIlfLW5YVJkN6csYAx1A8kKoyOdbcwvZgCVvpFY5UNFKhArGY495YIdtGPtZqsoij4q221I88kZNkRIBgo_T_PeFwVYU-YdaJMR3apRcGgH-KJaXNimXAb_VWM-id6JYlok4Cxynx6tcHUa4h-goLqLY-IL_jR3QnwqpGHfEdPf5a1h4KIy6GbP2vW7QA4LOGPoaL_QI1V6y6XIV776zzWNlCSwmPacqmQdQxx4vaA3oXzO-cnaDplqY8x7tyN6MbclQimHJTKoSAdps0dyVrRdYTyu41JaGI9mWvSDs98XX8yXKZ1iHpRf9uvICeX_4kAE-lx1IA8IlhSyp1f8V-xmRuDZ2Ns_cX6ENtG1ebuPoghgNvBHJW5Dj6066V3aYnCTsOEoU212fHDN7ABeu37BhEPOVFkT-PVY7MmoU-aBFl1xWQvNy0uiet1iIVtrztX5ocYS3TVTAkRBg0fO33JFyTQbz41ll1skRkBVfrtkc7EMx1kpWYQ4H8LAxHGwMhDgvHvtVgMnpBXolu_FRU3M6hVAeyRzjLkipvNzPS2wNP9ZokF0qGoB2tJafFu3iE1uKUC7k3dSXJrMVuo6_4_n_YvM87KzlNzQlNtYd2WVc9iAnmeOSLHwLkQ8_fG3nLBY9vEm1kB6V6KgbPF5-uYXJRTCexiqURnf4kQnY13ssQau5-ND7ghXifwYjG-kKqOBxb52tnbOIsLFiD2WlgbA2aS896kjiAcY0LeFoeaZhf7WD6W4wqMsGyQX4Y-zvWgW9bHD3k0R4aDWxndCSkL8z_e9Tsj_B08r3QuQ0chwAHYwzC9W-hiLQjT8VaV5OjuFAoLuHcvidvCZepNJl0cjjKjYJ_G8DcjlXuAkhzAKeO1kOu0KaCfMhkKyX1LrmSzW-dsOUtoXg6APpAAnIL8vFR6cGOa2I-jKVBVdwLLM_KEEpZQQaA5OlmnEPUM2B0Baw8l3jrk4LpOSdhY7qAunJGdXNbUfv8_kb17Jp5A-s0M2GAHE36OzfVE9JI5HWAYnWol62EZV8JyyczVVXmDQNyzatN0bhXKR4vQ5adxzoKj5Jlky5gK7hiiRZ-hdemRgU4T2XGo2h5_bjhytnVWkL8esG6gXLzYixyxpLzcrIyf4nroImC2C2wjRAthma9Zdl-SIX8V7aKeykrLa7hl3DApC8OtXquN3QoxUMpYzSZydXZBvoTk6NoeFLjnhdhcm-l-dk6bvPnWZ9Ib95iRRoqpnWy5EShLvGKVP2_Sl4jNbk4cpu2ZLtvFyg8i5q_DI8oEpb5Bjf4HAoX_dZOzYmSkeAiwjAHufe5DVMMAWOZgoUoZeZku1eQVA6koGT8qJ9qoPEMX96S9IAzt7QYu1yZu6788jRdQCVt3qD0T7c9TdBFy3Tz32kNybl-z_AcFzTlHAKVQRU6AGBlIf-EWImNhweRTDpja3jkNGzu4uCDXwydkX5J_P8FGDYtJDX_ZbIjH7r1fHWT9EjiGF77VsnnKS3xD_Ls4qJh-OpImmXfSTlgOLp2cFuMgqSRON5QOrL13bOP6fECXAqYryLndm5uPpfxAvaZ48Hy4imrl-Gj3txTDmZ1O5SccEuI2wlzItGa0cQa4Fjaxt6Jkw8iA6CRKsRUSExPcJt-tjxBdHKbG6U_UPkARcROM7UJItglaB87Vr2hdg&cid=CAQSPABpAlJWX_GUB6W7If3ikgvChoraH2m33tkOQ37O4IIYdx5SqAuN0bK196atEbSifcc3FDH9HglbJ0hTNxgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fsports.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=7834978199591730000&adk=4188270525&idt=147&cac=0&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 19:59:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
39865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 19:59:10 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230918/r20110914/ Frame A253 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230918/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXs9K6URDCjAQDmLHeTnsuVaBVAkYtnnqH_kiuOt5ExQlE3mV4tpxCnjAkiMgXPt2d14jxXxOCgXP3085zxD2XdC2PLYkhCSHqHhI1MqNqoOKMWb0&cry=1&dbm_d=AKAmf-ADeSV2dunuXlcykeP0bIDKqEo4KZL1RxrG6H0l_nHjipYp_RAuSxcZ4Ktw2n3MPa9KC5XINOkohRq8k31FEvE8_d98jbBNOACcRqxAqax7FkcFomSGvrZM8czR6_mLoYrjVJNSXlvSDnL7pDetIPym0KBWhHhOvnM4e41PRX_RHk7IX2l56n2sjAIJtbaaPE_mR3dOnL7W8Yh5bh1PUcWHyA8Lo6VPP9oZUdti49u6A9jxfodGY8PxC5Q7OMCbm3_HSrNUIK-8ubhqRCNFBpuySXK1PFMXFqxf-XJHf-_Xz3_vhCSjn7AkpBnSSUtdRoyx1GmOMQFK5FaE9EJ8VAwma3h-JfAwJWSmtfn5el9bVpL4QLEV512kKx8hS4SpDbU-ZMa5JY5Hf9YWG1bUgck7Njrz4Vyo14XtX58uk4djlqCoTtK70Jz3DdLxHRxlmIEjYokgbNyOjZXUDytZUeDl1Wo2w8FPEjiS4kF6Hw2dn3QcoN1XBgkr6UG9E18K78rcZXD-qDnT3LXI4ubmFZcWWatX10FvTFbZZ54i4hr6BEPq-7lqpUpF9gODLyCLSsADzXT_YGyUIbDzATQEcH9-1GZ7rznZa16UBc_AvZsoA_0bkpRy_w8iJP-ioQ4qz8Imi9JoR-KtQb2vwYykxn49XI4xxHiw7qCt9P-YSIH_ysLYUj7_Xxly24jnoeZdZYleZbqImj5KJ290x40LUTmLoHtK93ZC3wbXdDUYaXlaF7QdRwRxVl_U96w347TkWSiqprMRiV5W3IK6Bx50YtLSJfTynGveDwj4nXzk9bzaK4svJt1efsvIaeJLUE65searcj6h4DUJFkhk3qe9a5AmrTC2DkQ-oIyxEoSkF8dyOiIRnbVbNgNf_wgw0tv8uDPQVOAOoB2kllM8kqoiy9MWATJ0PwYowlz0uLFpALbv3YijJGNA3XK_oLS-FAkOGhPV8ZmKi-y6BKhz0SE586FhdO3i2H2vpWlpzpYQJGTOF-eCRybls8Dpw11WjOigTnOrje8GOFr9PpZu4ZCV1O_JiHw7ird4ZQwa7HUv1xP_Gsq9Uk4AHk49wV1QSBWEK5w7A4cs6lQSuThDtxa_Szy-BJ8-hpNQeg05IT3oZVfOBcKKfBD7qWCxbq-9s3909B2a4uMkJ9A7VY2f7PFwBtnZS15xLRA6H-ZMHj-Alw0qhgjamJvwXwpXVDq7tgP4aorWKWuxPGe8h_sNukk20WlgAIbr5_L5NNJ7ojk9Cl8ZzVOV9LEIfK1awYyjZcthAwpE5XaqlMa4aj2vRzBjAQdg8Ugoh2lPoRxX_9hfLB30g3Lg_qgVBJmgxljho9Y5PCwD2B7s_MURM3tF1CsG2vH51jk-KSmTbz_S0C-3P2DvNY5ZtORlTlazBD8QsHT37rZouVU6dFmAI2NlgdHxfxCQvhpmYdRbg8TUD4AfrAkVOx-SNYftWIaEifAL0-Ir5poTIYwvyLv6dhST1tUl_bECocc8qrnswQihe0H6jr3Y2j-BQBuQwP_0qOAb-uzwW-qlDCR_h7mmMbTrL1NM_uwDWFeCKamStk-CLvbuqaxtkh8TuVTM4QxDYVfnHdvAqZX3IKfFmnVbiiVDtsQWxs5kq_Y0G7Mw-AtprWh-QDakeGKguLUaUx7wjKPhc0D7_eqM_zs2ZS4rksI8vMo_iyD7hzuPHDsiWGdU6wP9_lw7vD7z7hpjk4N2JOqM5bFNrqH_V5FBir5-CUqbVCW02EV5XyBKhemnGtZlOSV3zK4pHE63R6jjhOxGG1sMVigxK9hUukqBgNnGpF_kdSApRVfJ1UdaNhZMnp7c6BksfZNUotje66AG-ZSTpiwb_OJo8imkyva_tt-LTK24TYHE_ZMD7aSNeUTBDPLUwAgdJNZ2rLX1rb313N9O4qveLiF5kEWRdFQroE98F3_k31xSwJrbp66ffvqoNUR8QgWnv_ych3q0DcUfw81wmAV6GzelinDapS1fPKIHQB_WxqFUMz0DH0WVbGShGXlOx6wNvJW4CcKgJOzpL49iAQTcF5V1BO3rfZwscYoxDiU7FS7ZjttlZc0QowDXyFVSwZbNi8xm5EojNAKBLBt4MBdcHT32LpudcAfDgrEaf4aGND6mqXzbYvL2ftwA5CIIBq6fV-qLSnmVyIJl9Nq2ayn-0E5iqNlnNqdnk9I0EbE73PScIlfLW5YVJkN6csYAx1A8kKoyOdbcwvZgCVvpFY5UNFKhArGY495YIdtGPtZqsoij4q221I88kZNkRIBgo_T_PeFwVYU-YdaJMR3apRcGgH-KJaXNimXAb_VWM-id6JYlok4Cxynx6tcHUa4h-goLqLY-IL_jR3QnwqpGHfEdPf5a1h4KIy6GbP2vW7QA4LOGPoaL_QI1V6y6XIV776zzWNlCSwmPacqmQdQxx4vaA3oXzO-cnaDplqY8x7tyN6MbclQimHJTKoSAdps0dyVrRdYTyu41JaGI9mWvSDs98XX8yXKZ1iHpRf9uvICeX_4kAE-lx1IA8IlhSyp1f8V-xmRuDZ2Ns_cX6ENtG1ebuPoghgNvBHJW5Dj6066V3aYnCTsOEoU212fHDN7ABeu37BhEPOVFkT-PVY7MmoU-aBFl1xWQvNy0uiet1iIVtrztX5ocYS3TVTAkRBg0fO33JFyTQbz41ll1skRkBVfrtkc7EMx1kpWYQ4H8LAxHGwMhDgvHvtVgMnpBXolu_FRU3M6hVAeyRzjLkipvNzPS2wNP9ZokF0qGoB2tJafFu3iE1uKUC7k3dSXJrMVuo6_4_n_YvM87KzlNzQlNtYd2WVc9iAnmeOSLHwLkQ8_fG3nLBY9vEm1kB6V6KgbPF5-uYXJRTCexiqURnf4kQnY13ssQau5-ND7ghXifwYjG-kKqOBxb52tnbOIsLFiD2WlgbA2aS896kjiAcY0LeFoeaZhf7WD6W4wqMsGyQX4Y-zvWgW9bHD3k0R4aDWxndCSkL8z_e9Tsj_B08r3QuQ0chwAHYwzC9W-hiLQjT8VaV5OjuFAoLuHcvidvCZepNJl0cjjKjYJ_G8DcjlXuAkhzAKeO1kOu0KaCfMhkKyX1LrmSzW-dsOUtoXg6APpAAnIL8vFR6cGOa2I-jKVBVdwLLM_KEEpZQQaA5OlmnEPUM2B0Baw8l3jrk4LpOSdhY7qAunJGdXNbUfv8_kb17Jp5A-s0M2GAHE36OzfVE9JI5HWAYnWol62EZV8JyyczVVXmDQNyzatN0bhXKR4vQ5adxzoKj5Jlky5gK7hiiRZ-hdemRgU4T2XGo2h5_bjhytnVWkL8esG6gXLzYixyxpLzcrIyf4nroImC2C2wjRAthma9Zdl-SIX8V7aKeykrLa7hl3DApC8OtXquN3QoxUMpYzSZydXZBvoTk6NoeFLjnhdhcm-l-dk6bvPnWZ9Ib95iRRoqpnWy5EShLvGKVP2_Sl4jNbk4cpu2ZLtvFyg8i5q_DI8oEpb5Bjf4HAoX_dZOzYmSkeAiwjAHufe5DVMMAWOZgoUoZeZku1eQVA6koGT8qJ9qoPEMX96S9IAzt7QYu1yZu6788jRdQCVt3qD0T7c9TdBFy3Tz32kNybl-z_AcFzTlHAKVQRU6AGBlIf-EWImNhweRTDpja3jkNGzu4uCDXwydkX5J_P8FGDYtJDX_ZbIjH7r1fHWT9EjiGF77VsnnKS3xD_Ls4qJh-OpImmXfSTlgOLp2cFuMgqSRON5QOrL13bOP6fECXAqYryLndm5uPpfxAvaZ48Hy4imrl-Gj3txTDmZ1O5SccEuI2wlzItGa0cQa4Fjaxt6Jkw8iA6CRKsRUSExPcJt-tjxBdHKbG6U_UPkARcROM7UJItglaB87Vr2hdg&cid=CAQSPABpAlJWX_GUB6W7If3ikgvChoraH2m33tkOQ37O4IIYdx5SqAuN0bK196atEbSifcc3FDH9HglbJ0hTNxgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fsports.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=7834978199591730000&adk=4188270525&idt=147&cac=0&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 19:59:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
39865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11585
x-xss-protection
0
server
cafe
etag
30886230758233217
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 19:59:10 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A253 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 08:25:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
81514
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Sep 2024 08:25:01 GMT
/
onetag-sys.com/usync/ Frame 2983 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7D32 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16482
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 02:28:53 GMT
etag
48472445140208031
expires
Thu, 21 Sep 2023 02:28:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4B5A 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea89f4227abc9034cd16d5626676b0d0b6d6be18e53d9db0b604d8411513208b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
pixel
ap.lijit.com/ Frame 2579 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Wed, 20 Sep 2023 07:03:35 GMT
X-Sovrn-Pod
ad_ap6ams1
sync
event.dxmdp.com/rest/api/v1/ 		34 B
364 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync?audids=oAENlyoR,TW7oIPDA
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.15.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-15-202.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
11c4e6125eb54bbb88de124ec0e36e233b3940c3baa1e8ca6ede68d4e46ff002

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://sports.walla.co.il
date
Wed, 20 Sep 2023 07:03:35 GMT
access-control-allow-credentials
true
server
nginx/1.20.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
sync
event.dxmdp.com/rest/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync?audids=oAENlyoR,TW7oIPDA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.15.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-15-202.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://sports.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://sports.walla.co.il
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Wed, 20 Sep 2023 07:03:35 GMT
server
nginx/1.20.0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 454A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16482
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 02:28:53 GMT
etag
48472445140208031
expires
Thu, 21 Sep 2023 02:28:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A253 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35f835fe90db445a48012efb03e15e91dce30f9f3653b407cd95ef3a6f505fc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 7662
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsports.walla.co.il%2F
95 B
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsports.walla.co.il%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.90.211.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.211.90.157.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Wed, 20 Sep 2023 07:03:28 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 07:03:28 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsports.walla.co.il%2F
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
RX-54782d38-bf7e-4261-9907-a6a68d06c640-003
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame 1DDF
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1695193415689
  • https://ad.turn.com/r/cs?pid=45&rndcb=8914969064
  • https://sync.1rx.io/usersync/turn/4098311613554324035?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-54782d38-bf7e-4261-9907-a6a68d06c640-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-54782d38-bf7e-4261-9907-a6a...
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-54782d38-bf7e-4261-9907-a6a68d06c640-003
0
451 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-54782d38-bf7e-4261-9907-a6a68d06c640-003
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
809835a32d503618-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 07:03:36 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-type
text/html
date
Wed, 20 Sep 2023 07:03:36 GMT
etag
RX54782d38bf7e42619907a6a68d06c640003
location
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-54782d38-bf7e-4261-9907-a6a68d06c640-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
st
imprammp.taboola.com/ Frame 2B28 		439 B
412 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8enECLAZMitxcyH55jhKYFLm5kP3yHC0AAABgYID-AEm4XMvBZjlcC1eTiVs0s5nWyuHK4RYZhruRy7dZLnazISAJl2s52CyHa-FqMnGLZjbTWjlcOdwiw3A3cvk2y8VuNgUXxnKZDGqBim4yuzyfg4Zhevn8lucbbKDpdPhc93rN4W85fe66h9nssGv8dqXZLwcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHGIMMvD7rW5LqeDwm1QO5x2fwAAAAAAAQAAAEACAEH8twRADO7kif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjyO4-fWZ9sjgvkYLLIowAAAAAKB6bEB6ZpBNULKr8___3WwG4AgAQoBhrdruVRXdQ4i0MAAAAwJgFelj8frPDrvG7Xeb_________38z_mX80QkiFH2mCFHCl1PwCAgCs-QUEAGAjbgAA3gTACToJsVpMJoPJZLE6CrEbzha72WIxmR0AAACAO_____96QGC2so0mG5vH4jFMhivjbjmxmCwm53Jm2UxWppX3qLUb4oNIZDX3ySi6yezyfA4ahunl81ueB_FBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwZisRugiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEM7PhZjacjdyy3cjiFg1GhrVyM7GtNRObxWaZzGzG2cwten1MH8NosfK4tkgwoGMvkqdFOlEsBjOPazQYLHcbi2E5GawWw-HC4tjtFsvBcOaYiCWak0U6kV32hdnKNppsbB6LxzAZroy75cRispicy5llM1mZVv7ObLiZDWcjt2w3srhFg5FhrdxMbGvNxGaxWSYzm3E2c4teH9PHMFqsPK59Y7ZcLZab0WKzb8yWq8VyM1ps9h06w3f1ORtdt4zj4_NGb7_r8uY0KFwGi_cnMS2m3dlBdPIdnTKHR1nQGf1-v9_v9_v9fr_foPUczAaFb7Y8zWQvzeIW7YYPYoNBEUsEF-lE9zCbHU6zW_cwmx0WsURpukgneolYIjhdpBONw_Ty-S3Pi_qPHGIznCuWy7lmOFdsJqsEAAAAAAAAAGAJppluAgAAAOBkUMPJZrNap4OZrIarxWq5AC5gJnX9BCscrO0sL-8KC1Sq2Aathy_W2GMN9zCbHU6zW_cwmx1WBnDh8s1ss88IYq1WyxoAAIAANgAAgABuuvEmgCyK-____x8HAABARg49AAAA-n1AVezMzMzMzfwKYjLZDPcPQIVYq9XqdmOtVisgQewWkwn8____Bw!&cmcv=&pix=undefined&cb=1695193415642&uv=3340&tms=1695193415642&abt=adxLoadDist7-out_vC!dfrc_vB!nonrv_vA!t45!ufm_vC!ufwfrtb_vA!unf_vA&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=ae590398-852b-4ff4-98ea-d087de739176&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b40eb16edca517e36908c25750a0d9f14395af52c013cbd5c5350824df5bba35

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Wed, 20 Sep 2023 07:03:35 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220090-FRA
x-timer
S1695193416.653253,VS0,VE9
sync
am-match.taboola.com/ Frame 4E32 		422 B
507 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8enECLAZMitxcyH55jhKYFLm5kP3yHC0AAABgYID-AEm4XMvBZjlcC1eTiVs0s5nWyuHK4RYZhruRy7dZLnazISAJl2s52CyHa-FqMnGLZjbTWjlcOdwiw3A3cvk2y8VuNgUXxnKZDGqBim4yuzyfg4Zhevn8lucbbKDpdPhc93rN4W85fe66h9nssGv8dqXZLwcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHGIMMvD7rW5LqeDwm1QO5x2fwAAAAAAAQAAAEACAEH8twRADO7kif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjyO4-fWZ9sjgvkYLLIowAAAAAKB6bEB6ZpBNULKr8___3WwG4AgAQoBhrdruVRXdQ4i0MAAAAwJgFelj8frPDrvG7Xeb_________38z_mX80QkiFH2mCFHCl1PwCAgCs-QUEAGAjbgAA3gTACToJsVpMJoPJZLE6CrEbzha72WIxmR0AAACAO_____96QGC2so0mG5vH4jFMhivjbjmxmCwm53Jm2UxWppX3qLUb4oNIZDX3ySi6yezyfA4ahunl81ueB_FBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwZisRugiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEM7PhZjacjdyy3cjiFg1GhrVyM7GtNRObxWaZzGzG2cwten1MH8NosfK4tkgwoGMvkqdFOlEsBjOPazQYLHcbi2E5GawWw-HC4tjtFsvBcOaYiCWak0U6kV32hdnKNppsbB6LxzAZroy75cRispicy5llM1mZVv7ObLiZDWcjt2w3srhFg5FhrdxMbGvNxGaxWSYzm3E2c4teH9PHMFqsPK59Y7ZcLZab0WKzb8yWq8VyM1ps9h06w3f1ORtdt4zj4_NGb7_r8uY0KFwGi_cnMS2m3dlBdPIdnTKHR1nQGf1-v9_v9_v9fr_foPUczAaFb7Y8zWQvzeIW7YYPYoNBEUsEF-lE9zCbHU6zW_cwmx0WsURpukgneolYIjhdpBONw_Ty-S3Pi_qPHGIznCuWy7lmOFdsJqsEAAAAAAAAAGAJppluAgAAAOBkUMPJZrNap4OZrIarxWq5AC5gJnX9BCscrO0sL-8KC1Sq2Aathy_W2GMN9zCbHU6zW_cwmx1WBnDh8s1ss88IYq1WyxoAAIAANgAAgABuuvEmgCyK-____x8HAABARg49AAAA-n1AVezMzMzMzfwKYjLZDPcPQIVYq9XqdmOtVisgQewWkwn8____Bw!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
ee418901528f533337c22471e0c7761e63ef2acaa69d7f90148f4450534bfd60

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Wed, 20 Sep 2023 07:03:35 GMT
machineid
3401
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8enECLAZMitxcyH55jhKYFLm5kP3yHC0AAABgYID-AEm4XMvBZjlcC1eTiVs0s5nWyuHK4RYZhruRy7dZLnazISAJl2s52CyHa-FqMnGLZjbTWjlcOdwiw3A3cvk2y8VuNgUXxnKZDGqBim4yuzyfg4Zhevn8lucbbKDpdPhc93rN4W85fe66h9nssGv8dqXZLwcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHGIMMvD7rW5LqeDwm1QO5x2fwAAAAAAAQAAAEACAEH8twRADO7kif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjyO4-fWZ9sjgvkYLLIowAAAAAKB6bEB6ZpBNULKr8___3WwG4AgAQoBhrdruVRXdQ4i0MAAAAwJgFelj8frPDrvG7Xeb_________38z_mX80QkiFH2mCFHCl1PwCAgCs-QUEAGAjbgAA3gTACToJsVpMJoPJZLE6CrEbzha72WIxmR0AAACAO_____96QGC2so0mG5vH4jFMhivjbjmxmCwm53Jm2UxWppX3qLUb4oNIZDX3ySi6yezyfA4ahunl81ueB_FBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwZisRugiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEM7PhZjacjdyy3cjiFg1GhrVyM7GtNRObxWaZzGzG2cwten1MH8NosfK4tkgwoGMvkqdFOlEsBjOPazQYLHcbi2E5GawWw-HC4tjtFsvBcOaYiCWak0U6kV32hdnKNppsbB6LxzAZroy75cRispicy5llM1mZVv7ObLiZDWcjt2w3srhFg5FhrdxMbGvNxGaxWSYzm3E2c4teH9PHMFqsPK59Y7ZcLZab0WKzb8yWq8VyM1ps9h06w3f1ORtdt4zj4_NGb7_r8uY0KFwGi_cnMS2m3dlBdPIdnTKHR1nQGf1-v9_v9_v9fr_foPUczAaFb7Y8zWQvzeIW7YYPYoNBEUsEF-lE9zCbHU6zW_cwmx0WsURpukgneolYIjhdpBONw_Ty-S3Pi_qPHGIznCuWy7lmOFdsJqsEAAAAAAAAAGAJppluAgAAAOBkUMPJZrNap4OZrIarxWq5AC5gJnX9BCscrO0sL-8KC1Sq2Aathy_W2GMN9zCbHU6zW_cwmx1WBnDh8s1ss88IYq1WyxoAAIAANgAAgABuuvEmgCyK-____x8HAABARg49AAAA-n1AVezMzMzMzfwKYjLZDPcPQIVYq9XqdmOtVisgQewWkwn8____Bw!&cmcv=&pix=31589837&cb=1695193415642&uv=3340&tms=1695193415642&abt=adxLoadDist7-out_vC!dfrc_vB!nonrv_vA!t45!ufm_vC!ufwfrtb_vA!unf_vA&ft=0&su=2&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1695193409815.3!ts:1695193415642&mntl=1
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:35 GMT
content-length
0
server
nginx
8eccd715-b424-5407-bfdf-baf6dad523be
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame 9D20
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=-229080315898315294
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/8eccd715-b424-5407-bfdf-baf6dad523be
0
690 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/8eccd715-b424-5407-bfdf-baf6dad523be
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
809835a81b6b3618-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 07:03:36 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/8eccd715-b424-5407-bfdf-baf6dad523be
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Sep 2023 07:03:35 GMT
smwt256.gif
us.ck-ie.com/ Frame 1D11 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Wed, 20 Sep 2023 07:03:35 GMT
Server
nginx
300x600.html
s0.2mdn.net/sadbundle/11698040626992906240/ Frame 00F2 		47 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=hzLA9eUpti&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e5389d4ff8aa7414543574acab723071581bde8808b8ab852e2b3b774fd3a99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 07:03:35 GMT
expires
Thu, 19 Sep 2024 07:03:35 GMT
last-modified
Wed, 15 Feb 2023 15:30:55 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame A253 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvwNNN4o0YQku_Ywh7oLoFsqOjjeKzopK-6NqrnSsIhgtdL76kgDylSC6c0JSp4Xnr64xhDlRXu_3_qT0RzFteNCoAfUM9P6UGZYejlUZP8HFBL5LzbXo_sN8CWDqKJPNNBM_iLJrrsYgaT997guJNd-5W9nHRR1aZOxpNSPqS0XAjOgXsISFyOaZX_5wv6FusVkvFb2jd0J9wgNAF35LNPRUoCC7P48Uoj0mQlkRLIAxG95tAU4SsuMzoEi3v33wNYrRfv-BybZaYKaTyPz5ZSaL7zvy-fdIkjk1Ntenx1FgSIZTgZ7pSP1VIH3BTo_Xr3ReZBmpkWRDtQjwr2BAB5wmI9dndLVXRcvoB7xdez4zcKqqHWEEySnB_lKZGVGv9UwZYZskiJCcoW3GdiGTwcO5miBokWqeU4c65fqfG2zDWKjk0RuJeqqJ9EZgnkDEIqcEP0_SyRwlNbaXUBtKq5qKuMlqpFgw_dR_XvuNiyzGc73ZhPVVPSiMKwZb_iYB7rZXcRT1c_bODuZFRxTM8zpsoam4zBOGQlSop6xDetzmsIeD4curnfn9mf_awd1iY9zjDqDL0aacMGLild8qs4RWuphdF1mN3PgWEXXtI-rhtP48xC2I14DS2OFNKARbwGBPJlNFo6pIdjoSOmNtXLUXV8DwEtpoqimxPbCmlk7ng-FONLJ55OEYDlVSyJ2YT5KeevkmRWYrBvxJvv2C-0YgMKygc-QfKqpAnBc5GHk11XZFRqr2ChhJtDyBfUoRQu_4g0vuK8wnBTnFUD597uknSsrLf9v5a6Je8QsDEDvfDPtZN6J6RFx7_2EUf8tasSM15reCZtx8gTWMXHfHYv2-rYCpkN7rxAWhtXk8BmLV5aSwzNycXk8cXD85adlxgUgwTIvQQnOHtlu8w75kY-ARiuA8MUCSNesyFoV3ZOU0r5wDnBIvCIJp7n4BERqGGzQPxRsyFvjMrLaJtkLUMHFze9srtXUV8Ii-_34UiQqhfBDoCsrRmTHcNlcwc5o0J1WxiGtb1eIFLc3v1iy1tbvGLpLhj10IfrLOb3sn0jtD6_0KfHSZFxCLvK8OnvMAcjkgQmOkmkU22piWMXc7tA5ZzGAdWtjeQwG50Qg8pHJr_YMaJIOdGdTMz4hZcTPW5TKq-N1o4bYPruwputcTMQApXEzirKdew_VoKVnQz0sUO1Sx6PckmYA1nkOOjrMu32yDFQCIbQWhHVZWbmjiWtMHjiwLjciUDp1CYugk5Ov2z0-Dj_phQ8ypPJ3S9loTQl1KoftvUIbcsO3sGPjJzLEDPrVhcwNCp9RGdsWqaSm6JIVHO1a3HkrYI7s66K2_kSCbJxzIW4_3hbrzTjkv6IU-dIICyy253822YuJ_UTmfACqtip1ar4DDdT0aojRY4&sai=AMfl-YSkDQLGd8Qb3upAkmJn_wnbcvCNTZk9iGuAdSPZfzN8Ei6H6RbeFG7bHLxa0cZGZ9AZHThIqEkQkL0VF37X0GMK4C1qvIHWP2X8rohDVNDKEENoboD3I0Yqc2lK63sJ10Wino0h9gRaRmVXdVYXbGw3qWY55t655yiMa0AE41cPIvupHXOlICAkRA6VvKPpy7e9hUvfdpJK0J2UP5aKHFm44AcIpBIQLSqRZMLLTTDvIpJbW1cbE-MqRPJw4dao-T8vquQPt9b6zpt4e6HAy4PdhTU0NGgS&sig=Cg0ArKJSzAzyxT3dX6-vEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=329&cbvp=1&cstd=310&cisv=r20230918.80003&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 20 Sep 2023 07:03:35 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 20 Sep 2023 07:03:35 GMT
cookie
cm.adform.net/ Frame 7585 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Wed, 20 Sep 2023 07:03:35 GMT
server
nginx
generic
match.adsrvr.org/track/cmf/ Frame 2B28 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8enECLAZMitxcyH55jhKYFLm5kP3yHC0AAABgYID-AEm4XMvBZjlcC1eTiVs0s5nWyuHK4RYZhruRy7dZLnazISAJl2s52CyHa-FqMnGLZjbTWjlcOdwiw3A3cvk2y8VuNgUXxnKZDGqBim4yuzyfg4Zhevn8lucbbKDpdPhc93rN4W85fe66h9nssGv8dqXZLwcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHGIMMvD7rW5LqeDwm1QO5x2fwAAAAAAAQAAAEACAEH8twRADO7kif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjyO4-fWZ9sjgvkYLLIowAAAAAKB6bEB6ZpBNULKr8___3WwG4AgAQoBhrdruVRXdQ4i0MAAAAwJgFelj8frPDrvG7Xeb_________38z_mX80QkiFH2mCFHCl1PwCAgCs-QUEAGAjbgAA3gTACToJsVpMJoPJZLE6CrEbzha72WIxmR0AAACAO_____96QGC2so0mG5vH4jFMhivjbjmxmCwm53Jm2UxWppX3qLUb4oNIZDX3ySi6yezyfA4ahunl81ueB_FBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwZisRugiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEM7PhZjacjdyy3cjiFg1GhrVyM7GtNRObxWaZzGzG2cwten1MH8NosfK4tkgwoGMvkqdFOlEsBjOPazQYLHcbi2E5GawWw-HC4tjtFsvBcOaYiCWak0U6kV32hdnKNppsbB6LxzAZroy75cRispicy5llM1mZVv7ObLiZDWcjt2w3srhFg5FhrdxMbGvNxGaxWSYzm3E2c4teH9PHMFqsPK59Y7ZcLZab0WKzb8yWq8VyM1ps9h06w3f1ORtdt4zj4_NGb7_r8uY0KFwGi_cnMS2m3dlBdPIdnTKHR1nQGf1-v9_v9_v9fr_foPUczAaFb7Y8zWQvzeIW7YYPYoNBEUsEF-lE9zCbHU6zW_cwmx0WsURpukgneolYIjhdpBONw_Ty-S3Pi_qPHGIznCuWy7lmOFdsJqsEAAAAAAAAAGAJppluAgAAAOBkUMPJZrNap4OZrIarxWq5AC5gJnX9BCscrO0sL-8KC1Sq2Aathy_W2GMN9zCbHU6zW_cwmx1WBnDh8s1ss88IYq1WyxoAAIAANgAAgABuuvEmgCyK-____x8HAABARg49AAAA-n1AVezMzMzMzfwKYjLZDPcPQIVYq9XqdmOtVisgQewWkwn8____Bw!&cmcv=&pix=undefined&cb=1695193415642&uv=3340&tms=1695193415642&abt=adxLoadDist7-out_vC!dfrc_vB!nonrv_vA!t45!ufm_vC!ufwfrtb_vA!unf_vA&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=ae590398-852b-4ff4-98ea-d087de739176&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 2B28
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/3683686d-67db-40d0-93b6-3bfbf22ff86f-tuctc041ec5?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-aav50f5E2oRd2aYEndqqKkPMu.buia1Bs0pdqg--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-aav50f5E2oRd2aYEndqqKkPMu.buia1Bs0pdqg--~A
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8enECLAZMitxcyH55jhKYFLm5kP3yHC0AAABgYID-AEm4XMvBZjlcC1eTiVs0s5nWyuHK4RYZhruRy7dZLnazISAJl2s52CyHa-FqMnGLZjbTWjlcOdwiw3A3cvk2y8VuNgUXxnKZDGqBim4yuzyfg4Zhevn8lucbbKDpdPhc93rN4W85fe66h9nssGv8dqXZLwcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHGIMMvD7rW5LqeDwm1QO5x2fwAAAAAAAQAAAEACAEH8twRADO7kif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjyO4-fWZ9sjgvkYLLIowAAAAAKB6bEB6ZpBNULKr8___3WwG4AgAQoBhrdruVRXdQ4i0MAAAAwJgFelj8frPDrvG7Xeb_________38z_mX80QkiFH2mCFHCl1PwCAgCs-QUEAGAjbgAA3gTACToJsVpMJoPJZLE6CrEbzha72WIxmR0AAACAO_____96QGC2so0mG5vH4jFMhivjbjmxmCwm53Jm2UxWppX3qLUb4oNIZDX3ySi6yezyfA4ahunl81ueB_FBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwZisRugiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEM7PhZjacjdyy3cjiFg1GhrVyM7GtNRObxWaZzGzG2cwten1MH8NosfK4tkgwoGMvkqdFOlEsBjOPazQYLHcbi2E5GawWw-HC4tjtFsvBcOaYiCWak0U6kV32hdnKNppsbB6LxzAZroy75cRispicy5llM1mZVv7ObLiZDWcjt2w3srhFg5FhrdxMbGvNxGaxWSYzm3E2c4teH9PHMFqsPK59Y7ZcLZab0WKzb8yWq8VyM1ps9h06w3f1ORtdt4zj4_NGb7_r8uY0KFwGi_cnMS2m3dlBdPIdnTKHR1nQGf1-v9_v9_v9fr_foPUczAaFb7Y8zWQvzeIW7YYPYoNBEUsEF-lE9zCbHU6zW_cwmx0WsURpukgneolYIjhdpBONw_Ty-S3Pi_qPHGIznCuWy7lmOFdsJqsEAAAAAAAAAGAJppluAgAAAOBkUMPJZrNap4OZrIarxWq5AC5gJnX9BCscrO0sL-8KC1Sq2Aathy_W2GMN9zCbHU6zW_cwmx1WBnDh8s1ss88IYq1WyxoAAIAANgAAgABuuvEmgCyK-____x8HAABARg49AAAA-n1AVezMzMzMzfwKYjLZDPcPQIVYq9XqdmOtVisgQewWkwn8____Bw!&cmcv=&pix=undefined&cb=1695193415642&uv=3340&tms=1695193415642&abt=adxLoadDist7-out_vC!dfrc_vB!nonrv_vA!t45!ufm_vC!ufwfrtb_vA!unf_vA&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=ae590398-852b-4ff4-98ea-d087de739176&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
16522

Redirect headers

date
Wed, 20 Sep 2023 07:03:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-aav50f5E2oRd2aYEndqqKkPMu.buia1Bs0pdqg--~A
content-length
0
sync
ups.analytics.yahoo.com/ups/58785/ Frame 2B28 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8enECLAZMitxcyH55jhKYFLm5kP3yHC0AAABgYID-AEm4XMvBZjlcC1eTiVs0s5nWyuHK4RYZhruRy7dZLnazISAJl2s52CyHa-FqMnGLZjbTWjlcOdwiw3A3cvk2y8VuNgUXxnKZDGqBim4yuzyfg4Zhevn8lucbbKDpdPhc93rN4W85fe66h9nssGv8dqXZLwcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHGIMMvD7rW5LqeDwm1QO5x2fwAAAAAAAQAAAEACAEH8twRADO7kif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjyO4-fWZ9sjgvkYLLIowAAAAAKB6bEB6ZpBNULKr8___3WwG4AgAQoBhrdruVRXdQ4i0MAAAAwJgFelj8frPDrvG7Xeb_________38z_mX80QkiFH2mCFHCl1PwCAgCs-QUEAGAjbgAA3gTACToJsVpMJoPJZLE6CrEbzha72WIxmR0AAACAO_____96QGC2so0mG5vH4jFMhivjbjmxmCwm53Jm2UxWppX3qLUb4oNIZDX3ySi6yezyfA4ahunl81ueB_FBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwZisRugiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEM7PhZjacjdyy3cjiFg1GhrVyM7GtNRObxWaZzGzG2cwten1MH8NosfK4tkgwoGMvkqdFOlEsBjOPazQYLHcbi2E5GawWw-HC4tjtFsvBcOaYiCWak0U6kV32hdnKNppsbB6LxzAZroy75cRispicy5llM1mZVv7ObLiZDWcjt2w3srhFg5FhrdxMbGvNxGaxWSYzm3E2c4teH9PHMFqsPK59Y7ZcLZab0WKzb8yWq8VyM1ps9h06w3f1ORtdt4zj4_NGb7_r8uY0KFwGi_cnMS2m3dlBdPIdnTKHR1nQGf1-v9_v9_v9fr_foPUczAaFb7Y8zWQvzeIW7YYPYoNBEUsEF-lE9zCbHU6zW_cwmx0WsURpukgneolYIjhdpBONw_Ty-S3Pi_qPHGIznCuWy7lmOFdsJqsEAAAAAAAAAGAJppluAgAAAOBkUMPJZrNap4OZrIarxWq5AC5gJnX9BCscrO0sL-8KC1Sq2Aathy_W2GMN9zCbHU6zW_cwmx1WBnDh8s1ss88IYq1WyxoAAIAANgAAgABuuvEmgCyK-____x8HAABARg49AAAA-n1AVezMzMzMzfwKYjLZDPcPQIVYq9XqdmOtVisgQewWkwn8____Bw!&cmcv=&pix=undefined&cb=1695193415642&uv=3340&tms=1695193415642&abt=adxLoadDist7-out_vC!dfrc_vB!nonrv_vA!t45!ufm_vC!ufwfrtb_vA!unf_vA&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=ae590398-852b-4ff4-98ea-d087de739176&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:36 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
4.js
static.adsafeprotected.com/ Frame 4B5A
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/990511/61634097/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20338656462&bidurl=https://sports.walla.co.i...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_R5kKZfW1BdXkx_AP0vC5oA0&cbFunctionName=goog_wrapCb_R5kKZfW1BdXkx_AP0vC5oA0&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_R5kKZfW1BdXkx_AP0vC5oA0&cbFunctionName=goog_wrapCb_R5kKZfW1BdXkx_AP0vC5oA0&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_970x250.js
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:20ab:b000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
R3AxWwopGHaaV3xj068LUxj.lgAg56jC
content-encoding
gzip
via
1.1 0f5a5feace742eb20ef71e34731fb1fa.cloudfront.net (CloudFront)
date
Tue, 19 Sep 2023 04:09:27 GMT
x-amz-cf-pop
AMS58-P3
age
96850
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:30 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
OplnyQF4UMeFXs85xk1wDUTyU_ORMLKJvBiIt64LdBLZUS6HvwE_UA==

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
server
nginx
x-server-name
app11.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_R5kKZfW1BdXkx_AP0vC5oA0&cbFunctionName=goog_wrapCb_R5kKZfW1BdXkx_AP0vC5oA0&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_970x250.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 15FB 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ab:b000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 08:07:09 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 0f5a5feace742eb20ef71e34731fb1fa.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P3
age
1983387
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
hPVwiBHuo6ftPXzt9KIqSbTqOcy64wdpIMvaouH3H8qWknBvUsC9Lw==
dpixel
cms.quantserve.com/ Frame 7D32 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJaGpWvW8jv98JjJENdrwBA&google_cver=1&google_push=AXcoOmRr20usXEEH59OE_QnSfQM9ovMHVpK-4ps0df6yyjpImt1uZ0mrl9glnkRpjixBLifZ7UhhPrEbyJ1lxyviyyV41hYx-FY4_A
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 7D32 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOZ6QlOuao6O_lEPn90aoJg&google_cver=1&google_push=AXcoOmQyRVMgd0mtTfGlJgDnNvlxKjdCFytl_ICKIeOEkJwr0YA9nEMnhfERgkeyC79DNL-nh6QDGunLdJQsVdvftdXb7e4xlZYhAQ
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 7D32
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAhesjDPvb1Oq_WEZiUHYAo&google_cver=1&google_push=AXcoOmR76SjoBEedzxRFcS3k-Mve-BczBKmxrhOCtEZpmyxILOW6uqVpmLgs4rCz9DVtj8XPSx3XmnTv7YsUME...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4MDgwMDI3Nzg0MzkzMzMyNg%3D%3D&google_push=AXcoOmR76SjoBEedzxRFcS3k-Mve-BczBKmxrhOCtEZpmyxILOW6uqVpmLgs4rCz9DVtj8XPSx3XmnTv7YsUMEynvk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4MDgwMDI3Nzg0MzkzMzMyNg%3D%3D&google_push=AXcoOmR76SjoBEedzxRFcS3k-Mve-BczBKmxrhOCtEZpmyxILOW6uqVpmLgs4rCz9DVtj8XPSx3XmnTv7YsUMEynvkQ4w2XB_u4cCA
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4MDgwMDI3Nzg0MzkzMzMyNg%3D%3D&google_push=AXcoOmR76SjoBEedzxRFcS3k-Mve-BczBKmxrhOCtEZpmyxILOW6uqVpmLgs4rCz9DVtj8XPSx3XmnTv7YsUMEynvkQ4w2XB_u4cCA
Date
Wed, 20 Sep 2023 07:03:35 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
sync
x.bidswitch.net/ Frame 7D32 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENyNvveqCgzY05y936ca7B8&google_cver=1&google_push=AXcoOmQkD8YHDX_MdCiZM3tLcGbHlapUg_br_ILFeHP-voMdBtsWxOJ3bt5IxX6trYQaBbigiHLrYtKVdRvi-qN_a4zz97qra_Aw
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.225.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-225-250.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 7D32
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEHsECjQgVJdq__6AD7wpzL8&google_cver=1&google_push=AXcoOmTLgY5DedKBGvDoRAQtHwH_2XM_pXZcgrlJI42zwE6ZPOha2MUnek2DtRrLBv_5uaLTon4605-t3Fuf8N7vwhxcGTM...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHsECjQgVJdq__6AD7wpzL8&google_cver=1&google_push=AXcoOmTLgY5DedKBGvDoRAQtHwH_2XM_pXZcgrlJI42zwE6ZPOha2MUnek2DtRrLBv_5uaLTon4605-t3Fuf8N7vwhxcG...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTLgY5DedKBGvDoRAQtHwH_2XM_pXZcgrlJI42zwE6ZPOha2MUnek2DtRrLBv_5uaLTon4605-t3Fuf8N7vwhxcGTMuUU-OFQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTLgY5DedKBGvDoRAQtHwH_2XM_pXZcgrlJI42zwE6ZPOha2MUnek2DtRrLBv_5uaLTon4605-t3Fuf8N7vwhxcGTMuUU-OFQ
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTLgY5DedKBGvDoRAQtHwH_2XM_pXZcgrlJI42zwE6ZPOha2MUnek2DtRrLBv_5uaLTon4605-t3Fuf8N7vwhxcGTMuUU-OFQ
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 7D32 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRWMZABA4tInvxPqyVapoAPh_XeYpoWinOJhu5-1uslgeCxH6rlZ4JaJ-eZso3Wd_v6U_o_-ZkuxbjapUTse2nI99FR7y4gEw&google_gid=CAESEFMCmcSbdRgIlqTdgjMbrgo&google_cver=1
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
227175
expires
Wed, 20 Sep 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7D32
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJQcMe-MOUifFBajc7cOTQI&google_cver=1&google_push=AXcoOmTAoPxnJsWKcL1Ki7nQ5_0j15VS6TafzV024c_dy2263aYMWsRbBre0kLUdVvIMYwlJ3n6t980A...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJQcMe-MOUifFBajc7cOTQI&google_cver=1&google_push=AXcoOmTAoPxnJsWKcL1Ki7nQ5_0j15VS6TafzV024c_dy2263aYMWsRbBre0kLUdVvIMYwlJ3n6...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjIyODAzODAyMTA0NjQyMzA3NQ&google_push=AXcoOmTAoPxnJsWKcL1Ki7nQ5_0j15VS6TafzV024c_dy2263aYMWsRbBre0kLUdVvIMYwlJ3n6t98...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjIyODAzODAyMTA0NjQyMzA3NQ&google_push=AXcoOmTAoPxnJsWKcL1Ki7nQ5_0j15VS6TafzV024c_dy2263aYMWsRbBre0kLUdVvIMYwlJ3n6t980AmhRorkQ7iNxV4fgVDA-BqQ
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjIyODAzODAyMTA0NjQyMzA3NQ&google_push=AXcoOmTAoPxnJsWKcL1Ki7nQ5_0j15VS6TafzV024c_dy2263aYMWsRbBre0kLUdVvIMYwlJ3n6t980AmhRorkQ7iNxV4fgVDA-BqQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 7D32 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LwrcQyxd-Moxl0FvXCgFV1H8RyfzOW1O4KrDgGgKkpBIvhgFfy4zoX-4c0MXBiN5XoSqdq
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:35 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CuJqJRZkKZfeSHYOogAf0qoDAAsWc0J5viJqln-wQ66v0ysIBEAEg0ZPDKmCV6qyCtAegAdiQoKQDyAEJqQJPGtiIHO6xPuACAKgDAcgDywSqBLkCT9B7eMUMCmF6ZreN8TpzwCYn1QH-K8fS-TJMFnfsobxXxSzdAHob-yj4k0lrfcdsz8v4b4nJ3VTgD_0QaGFnBEj-gmT0qqzTsu9s3WA-COq3Uir4vpSgmEMkE-RPVJ1Klh0SZ-7Uk_uhuLxcv1dVe7MPc6Dnnd_Nc3N8fw4rGzc_oAdW-cW1KxnoCPrdJG2gc5TXgnd94Neu_N0yPZpB5dqT1FBiTbHS-hmLStmWUiqTbb3hhWfCUHYUEsP4r5FxH1jWBl2c4QoYK35iWyh6MCtWteU5si0B_m8xmRWnbkqcS8t8HBh-xUbYuu_xgz4pAy61l03yO8D6RFK8O_rf7vuZqnbdWK3Lk7YwFPrVAL8-7oSNObVK2aoOWFr4F90XJSlLzntyGbn2lfoAlas3WpCdTDsHqsiawcAE3IqN_7QE4AQBiAWJ2MPFSZIFBAgEGAGSBQQIBRgEoAYugAeQ799bqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEMG-FdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCUlodHRwczovL3d3dy52b2xrc3dhZ2VuLWdyb3Vwc2VydmljZXMuY29tL2thcnJpZXJlL2JlcnVmc2VyZmFocmVuZS9pdC1qb2JzgAoDyAsB2BMNiBQE0BUBgBcBshceChwIABIUcHViLTc2Mjc2NTAwODY4OTU1OTAY8eYT&sigh=QPKAUvpr33s&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWX_GUB6W7If3ikgvChoraH2m33tkOQ37O4IIYdx5SqAuN0bK196atEbSifcc3FDH9HglbJ0hTNxgB&template_id=494&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 07:03:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 67F1
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CuJqJRZkKZfeSHYOogAf0qoDAAsWc0J5viJqln-wQ66v0ysIBEAEg0ZPDKmCV6qyCtAegAdiQoKQDyAEJqQJPGtiIHO6xPuACAKgDAcgDywSqBLkCT9B7eMUMCmF6ZreN8TpzwCYn1QH-...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223295855375021501677%22,%22debug_reporting%22:true,%22destination%22:%22https://volkswagen-groupservices.com%22,%22event_re...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223295855375021501677%22,%22debug_reporting%22:true,%22destination%22:%22https://volkswagen-groupservices.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22881330264%22],%224%22:[%2209-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213366631477341247841%22}&andc=true
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:36 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"3295855375021501677","debug_reporting":true,"destination":"https://volkswagen-groupservices.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["881330264"],"4":["09-20"],"6":["true"]},"priority":"500","source_event_id":"13366631477341247841"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 20 Sep 2023 07:03:36 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 20 Sep 2023 07:03:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3295855375021501677","debug_reporting":true,"destination":"https://volkswagen-groupservices.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["881330264"],"4":["09-20"],"6":["true"]},"priority":"500","source_event_id":"13366631477341247841"}&andc=true
access-control-allow-origin
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
match
ssp-sync.criteo.com/user-sync/ Frame 5C9C
Redirect Chain
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230
  • https://dis.criteo.com/dis/usersync.aspx?r=73&p=230&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fgdprapplies%3d0%26gdpr%3d%26redir%3dhttps%253A%252F%252Fcsync.smilewanted.co...
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24{CRITEO_USER_ID}&profile=230&uid=d5119605-fdb2-4e...
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dog_4aV9hWEVkOXplbUtuT3BOcXRKZzdOMm5FWmJ3MVlPbW1yaXkxSzVSYVlpY1JVJTNE%26u%3d%24%7bUSER_ID%7d&...
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3A%2F%2Fssp-sync.criteo.com%2Fuser-sync%2Fmatch%3Fp%3Dog_4aV9hWEVkOXplbUtuT3BOcXRKZzdOMm5FWmJ3MVlPbW1yaXkxSzVSYVlpY1JVJTNE%26u%3D%24%7BUSER_ID%7D&...
  • https://ssp-sync.criteo.com/user-sync/match?p=og_4aV9hWEVkOXplbUtuT3BOcXRKZzdOMm5FWmJ3MVlPbW1yaXkxSzVSYVlpY1JVJTNE&u=AAA6BE7KFTMAABegieKCFw
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=og_4aV9hWEVkOXplbUtuT3BOcXRKZzdOMm5FWmJ3MVlPbW1yaXkxSzVSYVlpY1JVJTNE&u=AAA6BE7KFTMAABegieKCFw
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store,max-age=0
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 07:03:36 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 20 Sep 2023 07:03:36 GMT
Server
gunicorn
location
https://ssp-sync.criteo.com/user-sync/match?p=og_4aV9hWEVkOXplbUtuT3BOcXRKZzdOMm5FWmJ3MVlPbW1yaXkxSzVSYVlpY1JVJTNE&u=AAA6BE7KFTMAABegieKCFw
strict-transport-security
max-age=2592000; includeSubDomains
generic
match.adsrvr.org/track/cmf/ Frame 4E32 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8enECLAZMitxcyH55jhKYFLm5kP3yHC0AAABgYID-AEm4XMvBZjlcC1eTiVs0s5nWyuHK4RYZhruRy7dZLnazISAJl2s52CyHa-FqMnGLZjbTWjlcOdwiw3A3cvk2y8VuNgUXxnKZDGqBim4yuzyfg4Zhevn8lucbbKDpdPhc93rN4W85fe66h9nssGv8dqXZLwcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHGIMMvD7rW5LqeDwm1QO5x2fwAAAAAAAQAAAEACAEH8twRADO7kif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjyO4-fWZ9sjgvkYLLIowAAAAAKB6bEB6ZpBNULKr8___3WwG4AgAQoBhrdruVRXdQ4i0MAAAAwJgFelj8frPDrvG7Xeb_________38z_mX80QkiFH2mCFHCl1PwCAgCs-QUEAGAjbgAA3gTACToJsVpMJoPJZLE6CrEbzha72WIxmR0AAACAO_____96QGC2so0mG5vH4jFMhivjbjmxmCwm53Jm2UxWppX3qLUb4oNIZDX3ySi6yezyfA4ahunl81ueB_FBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwZisRugiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEM7PhZjacjdyy3cjiFg1GhrVyM7GtNRObxWaZzGzG2cwten1MH8NosfK4tkgwoGMvkqdFOlEsBjOPazQYLHcbi2E5GawWw-HC4tjtFsvBcOaYiCWak0U6kV32hdnKNppsbB6LxzAZroy75cRispicy5llM1mZVv7ObLiZDWcjt2w3srhFg5FhrdxMbGvNxGaxWSYzm3E2c4teH9PHMFqsPK59Y7ZcLZab0WKzb8yWq8VyM1ps9h06w3f1ORtdt4zj4_NGb7_r8uY0KFwGi_cnMS2m3dlBdPIdnTKHR1nQGf1-v9_v9_v9fr_foPUczAaFb7Y8zWQvzeIW7YYPYoNBEUsEF-lE9zCbHU6zW_cwmx0WsURpukgneolYIjhdpBONw_Ty-S3Pi_qPHGIznCuWy7lmOFdsJqsEAAAAAAAAAGAJppluAgAAAOBkUMPJZrNap4OZrIarxWq5AC5gJnX9BCscrO0sL-8KC1Sq2Aathy_W2GMN9zCbHU6zW_cwmx1WBnDh8s1ss88IYq1WyxoAAIAANgAAgABuuvEmgCyK-____x8HAABARg49AAAA-n1AVezMzMzMzfwKYjLZDPcPQIVYq9XqdmOtVisgQewWkwn8____Bw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 4E32
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/3683686d-67db-40d0-93b6-3bfbf22ff86f-tuctc041ec5?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-aav50f5E2oRd2aYEndqqKkPMu.buia1Bs0pdqg--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-aav50f5E2oRd2aYEndqqKkPMu.buia1Bs0pdqg--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8enECLAZMitxcyH55jhKYFLm5kP3yHC0AAABgYID-AEm4XMvBZjlcC1eTiVs0s5nWyuHK4RYZhruRy7dZLnazISAJl2s52CyHa-FqMnGLZjbTWjlcOdwiw3A3cvk2y8VuNgUXxnKZDGqBim4yuzyfg4Zhevn8lucbbKDpdPhc93rN4W85fe66h9nssGv8dqXZLwcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHGIMMvD7rW5LqeDwm1QO5x2fwAAAAAAAQAAAEACAEH8twRADO7kif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjyO4-fWZ9sjgvkYLLIowAAAAAKB6bEB6ZpBNULKr8___3WwG4AgAQoBhrdruVRXdQ4i0MAAAAwJgFelj8frPDrvG7Xeb_________38z_mX80QkiFH2mCFHCl1PwCAgCs-QUEAGAjbgAA3gTACToJsVpMJoPJZLE6CrEbzha72WIxmR0AAACAO_____96QGC2so0mG5vH4jFMhivjbjmxmCwm53Jm2UxWppX3qLUb4oNIZDX3ySi6yezyfA4ahunl81ueB_FBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwZisRugiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEM7PhZjacjdyy3cjiFg1GhrVyM7GtNRObxWaZzGzG2cwten1MH8NosfK4tkgwoGMvkqdFOlEsBjOPazQYLHcbi2E5GawWw-HC4tjtFsvBcOaYiCWak0U6kV32hdnKNppsbB6LxzAZroy75cRispicy5llM1mZVv7ObLiZDWcjt2w3srhFg5FhrdxMbGvNxGaxWSYzm3E2c4teH9PHMFqsPK59Y7ZcLZab0WKzb8yWq8VyM1ps9h06w3f1ORtdt4zj4_NGb7_r8uY0KFwGi_cnMS2m3dlBdPIdnTKHR1nQGf1-v9_v9_v9fr_foPUczAaFb7Y8zWQvzeIW7YYPYoNBEUsEF-lE9zCbHU6zW_cwmx0WsURpukgneolYIjhdpBONw_Ty-S3Pi_qPHGIznCuWy7lmOFdsJqsEAAAAAAAAAGAJppluAgAAAOBkUMPJZrNap4OZrIarxWq5AC5gJnX9BCscrO0sL-8KC1Sq2Aathy_W2GMN9zCbHU6zW_cwmx1WBnDh8s1ss88IYq1WyxoAAIAANgAAgABuuvEmgCyK-____x8HAABARg49AAAA-n1AVezMzMzMzfwKYjLZDPcPQIVYq9XqdmOtVisgQewWkwn8____Bw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15939

Redirect headers

date
Wed, 20 Sep 2023 07:03:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-aav50f5E2oRd2aYEndqqKkPMu.buia1Bs0pdqg--~A
content-length
0
sync
x.bidswitch.net/ Frame 4E32 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8enECLAZMitxcyH55jhKYFLm5kP3yHC0AAABgYID-AEm4XMvBZjlcC1eTiVs0s5nWyuHK4RYZhruRy7dZLnazISAJl2s52CyHa-FqMnGLZjbTWjlcOdwiw3A3cvk2y8VuNgUXxnKZDGqBim4yuzyfg4Zhevn8lucbbKDpdPhc93rN4W85fe66h9nssGv8dqXZLwcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHGIMMvD7rW5LqeDwm1QO5x2fwAAAAAAAQAAAEACAEH8twRADO7kif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjyO4-fWZ9sjgvkYLLIowAAAAAKB6bEB6ZpBNULKr8___3WwG4AgAQoBhrdruVRXdQ4i0MAAAAwJgFelj8frPDrvG7Xeb_________38z_mX80QkiFH2mCFHCl1PwCAgCs-QUEAGAjbgAA3gTACToJsVpMJoPJZLE6CrEbzha72WIxmR0AAACAO_____96QGC2so0mG5vH4jFMhivjbjmxmCwm53Jm2UxWppX3qLUb4oNIZDX3ySi6yezyfA4ahunl81ueB_FBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwZisRugiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEM7PhZjacjdyy3cjiFg1GhrVyM7GtNRObxWaZzGzG2cwten1MH8NosfK4tkgwoGMvkqdFOlEsBjOPazQYLHcbi2E5GawWw-HC4tjtFsvBcOaYiCWak0U6kV32hdnKNppsbB6LxzAZroy75cRispicy5llM1mZVv7ObLiZDWcjt2w3srhFg5FhrdxMbGvNxGaxWSYzm3E2c4teH9PHMFqsPK59Y7ZcLZab0WKzb8yWq8VyM1ps9h06w3f1ORtdt4zj4_NGb7_r8uY0KFwGi_cnMS2m3dlBdPIdnTKHR1nQGf1-v9_v9_v9fr_foPUczAaFb7Y8zWQvzeIW7YYPYoNBEUsEF-lE9zCbHU6zW_cwmx0WsURpukgneolYIjhdpBONw_Ty-S3Pi_qPHGIznCuWy7lmOFdsJqsEAAAAAAAAAGAJppluAgAAAOBkUMPJZrNap4OZrIarxWq5AC5gJnX9BCscrO0sL-8KC1Sq2Aathy_W2GMN9zCbHU6zW_cwmx1WBnDh8s1ss88IYq1WyxoAAIAANgAAgABuuvEmgCyK-____x8HAABARg49AAAA-n1AVezMzMzMzfwKYjLZDPcPQIVYq9XqdmOtVisgQewWkwn8____Bw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.225.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-225-250.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
dpixel
cms.quantserve.com/ Frame 454A 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJaGpWvW8jv98JjJENdrwBA&google_cver=1&google_push=AXcoOmSOvHC7_hAoSNx8MAsQ9dW96FsazQuuSvwiGRrNEKCvv6VK85ZDe80OQ5ef-ie_bAyvPJKiuna0tewvcA7JhB1vcqfgfLFo
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 454A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOZ6QlOuao6O_lEPn90aoJg&google_cver=1&google_push=AXcoOmS-MXMOf_-66r1wnyFG3qGD1e8yLaf9K0Prf1cIAAFrFQWTI0GcG5bml0BcWgk53tdN02HhZkCvr6WatecdcQOu9ibpouk82w
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 454A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAhesjDPvb1Oq_WEZiUHYAo&google_cver=1&google_push=AXcoOmTUmnERXvSNaA-nZ9Y9shGDPqzixQsi652aGoLD6R3_UZJCZB8_yJIYhPuK_7J73I-gAEDZ9eO5DU8yAX...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4MDgwMDI4MjExNDkxNDQ1MQ%3D%3D&google_push=AXcoOmTUmnERXvSNaA-nZ9Y9shGDPqzixQsi652aGoLD6R3_UZJCZB8_yJIYhPuK_7J73I-gAEDZ9eO5DU8yAXAPNq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4MDgwMDI4MjExNDkxNDQ1MQ%3D%3D&google_push=AXcoOmTUmnERXvSNaA-nZ9Y9shGDPqzixQsi652aGoLD6R3_UZJCZB8_yJIYhPuK_7J73I-gAEDZ9eO5DU8yAXAPNqR6SzUnvwqw
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4MDgwMDI4MjExNDkxNDQ1MQ%3D%3D&google_push=AXcoOmTUmnERXvSNaA-nZ9Y9shGDPqzixQsi652aGoLD6R3_UZJCZB8_yJIYhPuK_7J73I-gAEDZ9eO5DU8yAXAPNqR6SzUnvwqw
Date
Wed, 20 Sep 2023 07:03:36 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
sync
x.bidswitch.net/ Frame 454A 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENyNvveqCgzY05y936ca7B8&google_cver=1&google_push=AXcoOmRdhPnFIK3AFRj9mFB3Js5wZVNXtMj9EyQ7Ebb1kG-WuJNlCfL6Q3niQ-jOjDTHh-AF0_IiEZC7O4ZTGzySaHzzktu22uxGXw
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.225.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-225-250.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 454A
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEHsECjQgVJdq__6AD7wpzL8&google_cver=1&google_push=AXcoOmRWFd2dIoWkzTPTz-cxTCBdyzcx1GHlWz4nYo9g_saL5UZEQ_2ghYaWEq4DuYpuZ0AamYmaYvD1KX9NqwvX144O40r...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHsECjQgVJdq__6AD7wpzL8&google_cver=1&google_push=AXcoOmRWFd2dIoWkzTPTz-cxTCBdyzcx1GHlWz4nYo9g_saL5UZEQ_2ghYaWEq4DuYpuZ0AamYmaYvD1KX9NqwvX144O4...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRWFd2dIoWkzTPTz-cxTCBdyzcx1GHlWz4nYo9g_saL5UZEQ_2ghYaWEq4DuYpuZ0AamYmaYvD1KX9NqwvX144O40rx8VLKAg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRWFd2dIoWkzTPTz-cxTCBdyzcx1GHlWz4nYo9g_saL5UZEQ_2ghYaWEq4DuYpuZ0AamYmaYvD1KX9NqwvX144O40rx8VLKAg
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRWFd2dIoWkzTPTz-cxTCBdyzcx1GHlWz4nYo9g_saL5UZEQ_2ghYaWEq4DuYpuZ0AamYmaYvD1KX9NqwvX144O40rx8VLKAg
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 454A 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSS9CijGpL_gXMN7hBap7AYBlo_xu2sChL3reXFMy_yu0AqoYgfqVVp6OGYspGDAiXyB-kwYNGFHKboqVXWNSiqzpGXg2b_YQ&google_gid=CAESEFMCmcSbdRgIlqTdgjMbrgo&google_cver=1
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
226762
expires
Wed, 20 Sep 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 454A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJQcMe-MOUifFBajc7cOTQI&google_cver=1&google_push=AXcoOmTCU5QyJLAK189itftvw7LZRUBt2IfP5CEB8eIgLtcOx2fCEPoGeuFApnw7T0wnENlAMfmtlWbI...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJQcMe-MOUifFBajc7cOTQI&google_cver=1&google_push=AXcoOmTCU5QyJLAK189itftvw7LZRUBt2IfP5CEB8eIgLtcOx2fCEPoGeuFApnw7T0wnENlAMfm...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDMwMDI2MDQwNTAxNTA4OTI5&google_push=AXcoOmTCU5QyJLAK189itftvw7LZRUBt2IfP5CEB8eIgLtcOx2fCEPoGeuFApnw7T0wnENlAMfmtlWbI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDMwMDI2MDQwNTAxNTA4OTI5&google_push=AXcoOmTCU5QyJLAK189itftvw7LZRUBt2IfP5CEB8eIgLtcOx2fCEPoGeuFApnw7T0wnENlAMfmtlWbILzK_teAD6JIjL5SkUylQ
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDMwMDI2MDQwNTAxNTA4OTI5&google_push=AXcoOmTCU5QyJLAK189itftvw7LZRUBt2IfP5CEB8eIgLtcOx2fCEPoGeuFApnw7T0wnENlAMfmtlWbILzK_teAD6JIjL5SkUylQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 454A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KYS7mhVfGlPrs6RZ_6KyRHzxmf-5IB2O3w9dTO8Pliv-fpapoOJW1N7QC378pmr3S6Q6kF
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:35 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
bf23a4384bdb6d5981c6228df721b8a
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame A8E0
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/bf23a4384bdb6d5981c6228df721b8a?gdpr_consent=&gdpr=0
0
398 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/bf23a4384bdb6d5981c6228df721b8a?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
809835a28c903618-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 07:03:36 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Wed, 20 Sep 2023 07:03:36 GMT
Expires
Wed, 20 Sep 2023 07:03:36 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/bf23a4384bdb6d5981c6228df721b8a?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1695193415975099-551
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 00F2 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=hzLA9eUpti&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=hzLA9eUpti&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:27:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2177
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Sep 2023 06:27:18 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 00F2 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=hzLA9eUpti&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=hzLA9eUpti&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 07:03:35 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 546E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
81513
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Sep 2023 08:25:02 GMT
expires
Wed, 18 Sep 2024 08:25:02 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 4B5A 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=86ce0300-ad44-35b4-3fe2-9b63bea49cfe&tv=%7Bc:oJVs8V,pingTime:-3,time:205,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:101%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:206,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:101,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B197~0%5D,as:%5B197~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tQnwOyw+11%7C12%7C13%7C141%7C142%7C151%7C152%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c*.990511-61634097%7C1c1%7C1c2%7C1d1%7C1d2%7C1d3%7C1e1%7C1e2%7C1e3%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p,idMap:1c*,rmeas:1,rend:0,renddet:svg.us,siq:104%7D&br=c
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:cac2:6f16:d61a:7f96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:36 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 4B5A 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=86ce0300-ad44-35b4-3fe2-9b63bea49cfe&tv=%7Bc:oJVs8Y,pingTime:-6,time:208,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:208,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:101,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B199~0%5D,as:%5B199~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tQnwOyw+11%7C12%7C13%7C141%7C142%7C151%7C152%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c*.990511-61634097%7C1c1%7C1c2%7C1d1%7C1d2%7C1d3%7C1e1%7C1e2%7C1e3%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p,idMap:1c*,rmeas:1,rend:0,renddet:svg.us,siq:104%7D&tpiLookup=ao:sports.walla.co.il*&br=c
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:cac2:6f16:d61a:7f96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:36 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 6961 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVoS74D_TNb7MKQrs7Zt0foZtr4Jsx4q6TKEAoxnX2zB2tu3KrHOR8KakU2tBdhWYjr3WvJyynTjiUaThMSNRtZBQGHzCUwV09T3QB&sig=Cg0ArKJSzChbaf2EZbDuEAE&id=lidar2&mcvt=1213&p=1120,315,1200,1285&mtos=1213,1213,1213,1213,1213&tos=1213,0,0,0,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2650887505&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695193413123&rpt=1561&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bulk
trc.taboola.com/wallail-walla/log/3/ 		0
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/wallail-walla/log/3/bulk?tvi48=12004&tvi50=12238&route=AM%3AAM%3AV&lti=deflated&bulkSize=10
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230919-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
date
Wed, 20 Sep 2023 07:03:36 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
8052
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220090-FRA
pragma
no-cache
server
nginx
x-timer
S1695193416.994252,VS0,VE10
content-type
image/gif
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
v1
match.sharethrough.com/universal/ Frame 97B1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.77.133.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-77-133-205.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Wed, 20 Sep 2023 07:03:36 GMT
index.html
s0.2mdn.net/sadbundle/11054544220910830971/ Frame 1F89 		143 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11054544220910830971/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97a7980a664c89f5b5d3b500b6632a8c4ba82eafaeaa7747e4c0e8dda9311220
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
424791
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
22944
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Sep 2023 09:03:45 GMT
expires
Sat, 14 Sep 2024 09:03:45 GMT
last-modified
Thu, 24 Feb 2022 12:30:49 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 4B5A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuyF6TTILiyYl5im4JDLO5-Ka8GyjmpeklmsWk89pnSlUT62p_23l2wI5BecfsjYIQ1J6q3V2F4STau3Qck3LnPunOxf8QJK0wjmNh08ZMkPyHCrW6s9aM6x9VUaFoVIMmm19aMFeikrgQKlyfeepHHpoL0cZYnLarVDP-ffiCYG655bnzg48CbW3hT7btBCxNGHHbkcjaUJLtEgVNQLcssm3J5mnK_2ZhVxMk4nlTi6pVoOjBeDS6UtH7I8AzXuMCIZbr7gORZRzmXCo3pJMY2dKbDrIxz3zbfKq02zE6S-zEmbYPvzuO6KIZn3drXfkXjFXSpqHDRpeOxjELfeC-FOQLn7RxtRIh7travXCcx0X_NeKQOeitDYzmxS3ee2d1nmLs35ZM00yA1TMfDbnXHFJ9e8JlpbPg-cATgQz2nvndGJZcKtJs-JdAuJf3WEmkf2wrrnweWL7yuV0dbf8ihrSAqTSXHBHwVl9yoNGqVtZ31PLckSgZSF8GYE-TPk-sSAetwnmLocqchZHgg3_7QFGPQxMPjD-QyFj-zvW8tf92AU94qprlqCRAnFYqrrKRtFGvOo4cpvKoMG9g5_fV9beqBWVqJBYAr4qua2uTVshD7GdJgafBMHKd32duzF2OuunecXvDhlQYVTWTeqySoaHnvsDGTPRsq0K6a7v1MoDHPE1Gu6RxdcOIwgAD9ik6ki6bjHHN6wcnO_ixEsH4Fxma3_3G1G2mz62YDJhUyKjqagDTnSAXiRsr-VF2nzUpk5vzfkJukug0SrW86jAK7kkj3XUel1hWK2Yd5NOPQ7QUF2SOKHAE8vI79CmvTXU-ehkaLBx3434PygieIWX9KiTwJotDO7_WSYV9_-mNvHD1bBWk3dvgJYcs2Hv4xwSB1idiF3uEX4PUtv0yQ-uuwyVJ65JfBOsnjv-6Gw1zGndjgc3bYtW8cV4C85ms-_t5pcnSJh61vq5dKeTMRcxT_zJzCSaak4Zt4D6YCD3mGnt6SbCa1oaSU5HUFEpovn-_noRg9RZ1qkGg_x46Vc_-f8lm6B6HGyCrkXsg7QMYa2hGxBAvWrf7Z5hynahfz-aWWeaEtp4PWSaNhSBF6EgaayacFZO2FdLhZjP0_SmNwl1sn2cI2FZy3Q1uQNpefBUVlCMkVgwoKW0nHZOiWDH2cT0I1thyJwSrZN8g-u7ZLGtGVUzzDajuA8KdigoehHvQ2huyN01K7GDytWlGk2Gj3G6CVsQ5_oLlosPVdpRBLcqjT2EGsCfzyoBNVYnCNMA6R2dEU96UgYif6JlMfuHrIycHgvoZFXbkAXaB4imTatTZlQRkNuKoLi9_jZBiSIUGDWKRXRWPyAVzxtD4U6Fhcene2aLrBqNE_ycxN&sai=AMfl-YSCIi0qGIQLAQ7d7f7ifdND_5DrJsK7o53dB_6LgPM77-ZTVkMo-1ViHu8jyY-EetSgzMc17ftkmy5kDUu2JHISOV9K-mpH63TRYSDnedGQLEu5TkgIRGKQ1OyLfWLm8ulQpj0MKlopIWFaVZGv7bOQNIYKANe5Dj06p6osLapjIFz8lc6DnF0J0Vm-krItryr5WMu-q0ckXilNIIha_U3jBE48wj1UJacQZTE6HIeEX-pzok053yyd2wj5DFiVDm3N7zc&sig=Cg0ArKJSzFfbfdUYCIHuEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=649&cbvp=1&cstd=644&cisv=r20230918.05833&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 20 Sep 2023 07:03:36 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 20 Sep 2023 07:03:36 GMT
css
fonts.googleapis.com/ Frame 451C 		6 KB
802 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 20 Sep 2023 07:03:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Sep 2023 06:20:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Sep 2023 07:03:36 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E0FC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
81514
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Sep 2023 08:25:02 GMT
expires
Wed, 18 Sep 2024 08:25:02 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 4B5A 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=86ce0300-ad44-35b4-3fe2-9b63bea49cfe&tv=%7Bc:oJVsaN,pingTime:-2,time:321,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1799,beZ:1801,mfA:1804,cmA:1806,inA:1806,inZ:1812,prA:1812,prZ:1894,si:1902,poA:1904,poZ:1932,cmZ:1932,mfZ:1932,loA:2007,loZ:2012,ltA:2120,ltZ:2120%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:101%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:321,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:101,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B312~0%5D,as:%5B312~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tQnwOyw+11%7C12%7C13%7C141%7C142%7C151%7C152%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c*.990511-61634097%7C1c1%7C1c2%7C1d1%7C1d2%7C1d3%7C1e1%7C1e2%7C1e3%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p,idMap:1c*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:svg.us,siq:104,sinceFw:215,readyFired:true%7D&br=c
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:cac2:6f16:d61a:7f96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:36 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
15796797209832020217
tpc.googlesyndication.com/simgad/ Frame 451C 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15796797209832020217
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df9674e9d102a33943b8495a67d5dc719d674ac6244248e0a134a576ba22dfd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 09:57:00 GMT
x-content-type-options
nosniff
age
75996
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11449
x-xss-protection
0
last-modified
Mon, 11 May 2020 13:28:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 18 Sep 2024 09:57:00 GMT
N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js
pagead2.googlesyndication.com/bg/ Frame 451C 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
376f41ffc1d4d5def2ba3d36acec290e94d5212f09fdce52f4cb079f7d8a433c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 01:31:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
19950
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14699
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Sep 2024 01:31:06 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223295855375021501677%22,%22debug_reporting%22:true,%22destination%22:%22https://volkswagen-groupservices.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22881330264%22],%224%22:[%2209-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213366631477341247841%22}&andc=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 07:03:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 1F89 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11054544220910830971/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11054544220910830971/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:22:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2473
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Sep 2023 06:22:23 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 451C 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 04:06:52 GMT
x-content-type-options
nosniff
age
442604
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Sep 2024 04:06:52 GMT
all
csm.eu.criteo.net/ Frame F01C 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=YTZ8_HS5Bd5uLVgukMkfd23GfErTT0L3gHJOZRvK2vtjIJjpAD6TBBqj9JNhzcWWkGwrs4Eaut6Ix4E9vA1603-eqPvXu_yJbNTlwnVj8XlXQtcS8BkS2xSyuZh9hDZb7PsNSLktbDoMLMWndIzdAUmk2XYIEvtce0GW6W1XJaZ8vZ1oVwtZ06USoqWYj0x6lX4JEqBzFDe6Awi9asrr2otPTFdoJSB2Qi1KAmUJJMZnqRUPw5LrND6jdb8PfJVHAaUEzw&sds=2&rev=88356&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY4H_YJFAA9zIdl5IOgnNk8czrnlfg&u=%7C9np%2FvQTggdkVtJxRMDTOqTkm7fHNqxXGexD8ajqnFaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyE6SO8U8aAVVklOcJqeX2W57tpCZzXLeFkq1vxC4FyhRblEe72stFMKI5zAWSKK6u5tOVs5yamMeASanrdq_lFr4qWWjt_LUBqePLJnk7Sb7gZJ94p0OI1XVBm9JH24vn6zkF8XqKcBAQ3g8EIIEVXXv2qiuL8sjjj8HRAHXFzU1po5UJ6EBqhYs-OTw8kD0TVordMoN8-oDrIgkuYYtqI_IXlJJWvXDXOIQU5clRBGNkbJW6soMfntmzSeTl40O619facAMwBpmtDdkFv8HRhEJ9pj7JQA1QYv_j8lGgnLuxiXlqmrltBtxMda3BpRpvoGQKrmKtCaYC-BxE9CNxF4qqCC_MufASbF0TWXXu1ilojKEi_rUq49y7kW9lILecJcIk56LWibDmLu3DoYLA_nEa5Q2cCHJhAkWOevHNgL9guPRetuMx1E3tkBUHn8qnOHtlOMrtbtjR-ChzEJbsmK4sz4U4Qjp7jAE3_BDAwH_OmvcLdzeLKfRH-xCJu7jKJZAh3Lk8ckfLw7_Qng7ZKkhq5K4TJ9BglcK5btXSEkbdSg8c_nJjE_N34XtI1M8rkKrX6f5HxermXPTngwrMzCCmEXv2R4tcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV-UCRJkKZY6TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEqwJP0IwFoKsKhTvtRC_XeO87N9YCWWyN09oFvgJNYd3C6xR1Wpsxc5ihxijodOm5bLr04wEmgiedkVAQzrqmsuxv_qoRaIv7wBR0BrbzQDYRwz9BBaWdS3b2O3zbdkmonEZ1Wu4gyAgXTeqFB6CvRnqydOgxgHp7dAZ4pGH6xEdMYYc1ZNLg95_0MkcxlHyhWB0h3C20jyq_TQCY9sDsik2_uGwkmMD1gdvcryyi_B5Rc3dT3vDylxz-icavL2-f_tXZnY9r8xRl4ZHFts9klxcMA-W6B_EUPcWR-BCnhbp_qC0xy7X0WyCP-bL6FogZvSTkB47JeI1Bx2N_DIgnIaf1-IDjI1iQ4yeupUxr8Qb0R_KjttJ_tQaAnvJ-OLkhzUWQfxs6-0ABn1OaruAEAYAGs52249XmwtNioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2kLDF-SuJ1Fk4EwXxOG4gvzvoXPw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 20 Sep 2023 07:03:35 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Wed, 20 Sep 2023 07:03:36 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
2165
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-etou8220090-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1695193416.283813,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
2
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1291
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 451C 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 13:37:19 GMT
x-content-type-options
nosniff
age
321977
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Sep 2024 13:37:19 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 451C 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 15:22:55 GMT
x-content-type-options
nosniff
age
402041
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Sep 2024 15:22:55 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A253 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvwNNN4o0YQku_Ywh7oLoFsqOjjeKzopK-6NqrnSsIhgtdL76kgDylSC6c0JSp4Xnr64xhDlRXu_3_qT0RzFteNCoAfUM9P6UGZYejlUZP8HFBL5LzbXo_sN8CWDqKJPNNBM_iLJrrsYgaT997guJNd-5W9nHRR1aZOxpNSPqS0XAjOgXsISFyOaZX_5wv6FusVkvFb2jd0J9wgNAF35LNPRUoCC7P48Uoj0mQlkRLIAxG95tAU4SsuMzoEi3v33wNYrRfv-BybZaYKaTyPz5ZSaL7zvy-fdIkjk1Ntenx1FgSIZTgZ7pSP1VIH3BTo_Xr3ReZBmpkWRDtQjwr2BAB5wmI9dndLVXRcvoB7xdez4zcKqqHWEEySnB_lKZGVGv9UwZYZskiJCcoW3GdiGTwcO5miBokWqeU4c65fqfG2zDWKjk0RuJeqqJ9EZgnkDEIqcEP0_SyRwlNbaXUBtKq5qKuMlqpFgw_dR_XvuNiyzGc73ZhPVVPSiMKwZb_iYB7rZXcRT1c_bODuZFRxTM8zpsoam4zBOGQlSop6xDetzmsIeD4curnfn9mf_awd1iY9zjDqDL0aacMGLild8qs4RWuphdF1mN3PgWEXXtI-rhtP48xC2I14DS2OFNKARbwGBPJlNFo6pIdjoSOmNtXLUXV8DwEtpoqimxPbCmlk7ng-FONLJ55OEYDlVSyJ2YT5KeevkmRWYrBvxJvv2C-0YgMKygc-QfKqpAnBc5GHk11XZFRqr2ChhJtDyBfUoRQu_4g0vuK8wnBTnFUD597uknSsrLf9v5a6Je8QsDEDvfDPtZN6J6RFx7_2EUf8tasSM15reCZtx8gTWMXHfHYv2-rYCpkN7rxAWhtXk8BmLV5aSwzNycXk8cXD85adlxgUgwTIvQQnOHtlu8w75kY-ARiuA8MUCSNesyFoV3ZOU0r5wDnBIvCIJp7n4BERqGGzQPxRsyFvjMrLaJtkLUMHFze9srtXUV8Ii-_34UiQqhfBDoCsrRmTHcNlcwc5o0J1WxiGtb1eIFLc3v1iy1tbvGLpLhj10IfrLOb3sn0jtD6_0KfHSZFxCLvK8OnvMAcjkgQmOkmkU22piWMXc7tA5ZzGAdWtjeQwG50Qg8pHJr_YMaJIOdGdTMz4hZcTPW5TKq-N1o4bYPruwputcTMQApXEzirKdew_VoKVnQz0sUO1Sx6PckmYA1nkOOjrMu32yDFQCIbQWhHVZWbmjiWtMHjiwLjciUDp1CYugk5Ov2z0-Dj_phQ8ypPJ3S9loTQl1KoftvUIbcsO3sGPjJzLEDPrVhcwNCp9RGdsWqaSm6JIVHO1a3HkrYI7s66K2_kSCbJxzIW4_3hbrzTjkv6IU-dIICyy253822YuJ_UTmfACqtip1ar4DDdT0aojRY4&sai=AMfl-YSkDQLGd8Qb3upAkmJn_wnbcvCNTZk9iGuAdSPZfzN8Ei6H6RbeFG7bHLxa0cZGZ9AZHThIqEkQkL0VF37X0GMK4C1qvIHWP2X8rohDVNDKEENoboD3I0Yqc2lK63sJ10Wino0h9gRaRmVXdVYXbGw3qWY55t655yiMa0AE41cPIvupHXOlICAkRA6VvKPpy7e9hUvfdpJK0J2UP5aKHFm44AcIpBIQLSqRZMLLTTDvIpJbW1cbE-MqRPJw4dao-T8vquQPt9b6zpt4e6HAy4PdhTU0NGgS&sig=Cg0ArKJSzAzyxT3dX6-vEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=894&vt=11&dtpt=565&dett=3&cstd=310&cisv=r20230918.80003&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 20 Sep 2023 07:03:36 GMT
N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js
pagead2.googlesyndication.com/bg/ Frame 546E 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
376f41ffc1d4d5def2ba3d36acec290e94d5212f09fdce52f4cb079f7d8a433c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 01:31:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
19950
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14699
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Sep 2024 01:31:06 GMT
D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
pagead2.googlesyndication.com/bg/ Frame E0FC 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:58:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
280
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14739
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Sep 2024 06:58:56 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230919-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Wed, 20 Sep 2023 07:03:36 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
979
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-etou8220090-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1695193416.403944,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
28
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
5423
view
googleads4.g.doubleclick.net/pcs/ Frame 4B5A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuyF6TTILiyYl5im4JDLO5-Ka8GyjmpeklmsWk89pnSlUT62p_23l2wI5BecfsjYIQ1J6q3V2F4STau3Qck3LnPunOxf8QJK0wjmNh08ZMkPyHCrW6s9aM6x9VUaFoVIMmm19aMFeikrgQKlyfeepHHpoL0cZYnLarVDP-ffiCYG655bnzg48CbW3hT7btBCxNGHHbkcjaUJLtEgVNQLcssm3J5mnK_2ZhVxMk4nlTi6pVoOjBeDS6UtH7I8AzXuMCIZbr7gORZRzmXCo3pJMY2dKbDrIxz3zbfKq02zE6S-zEmbYPvzuO6KIZn3drXfkXjFXSpqHDRpeOxjELfeC-FOQLn7RxtRIh7travXCcx0X_NeKQOeitDYzmxS3ee2d1nmLs35ZM00yA1TMfDbnXHFJ9e8JlpbPg-cATgQz2nvndGJZcKtJs-JdAuJf3WEmkf2wrrnweWL7yuV0dbf8ihrSAqTSXHBHwVl9yoNGqVtZ31PLckSgZSF8GYE-TPk-sSAetwnmLocqchZHgg3_7QFGPQxMPjD-QyFj-zvW8tf92AU94qprlqCRAnFYqrrKRtFGvOo4cpvKoMG9g5_fV9beqBWVqJBYAr4qua2uTVshD7GdJgafBMHKd32duzF2OuunecXvDhlQYVTWTeqySoaHnvsDGTPRsq0K6a7v1MoDHPE1Gu6RxdcOIwgAD9ik6ki6bjHHN6wcnO_ixEsH4Fxma3_3G1G2mz62YDJhUyKjqagDTnSAXiRsr-VF2nzUpk5vzfkJukug0SrW86jAK7kkj3XUel1hWK2Yd5NOPQ7QUF2SOKHAE8vI79CmvTXU-ehkaLBx3434PygieIWX9KiTwJotDO7_WSYV9_-mNvHD1bBWk3dvgJYcs2Hv4xwSB1idiF3uEX4PUtv0yQ-uuwyVJ65JfBOsnjv-6Gw1zGndjgc3bYtW8cV4C85ms-_t5pcnSJh61vq5dKeTMRcxT_zJzCSaak4Zt4D6YCD3mGnt6SbCa1oaSU5HUFEpovn-_noRg9RZ1qkGg_x46Vc_-f8lm6B6HGyCrkXsg7QMYa2hGxBAvWrf7Z5hynahfz-aWWeaEtp4PWSaNhSBF6EgaayacFZO2FdLhZjP0_SmNwl1sn2cI2FZy3Q1uQNpefBUVlCMkVgwoKW0nHZOiWDH2cT0I1thyJwSrZN8g-u7ZLGtGVUzzDajuA8KdigoehHvQ2huyN01K7GDytWlGk2Gj3G6CVsQ5_oLlosPVdpRBLcqjT2EGsCfzyoBNVYnCNMA6R2dEU96UgYif6JlMfuHrIycHgvoZFXbkAXaB4imTatTZlQRkNuKoLi9_jZBiSIUGDWKRXRWPyAVzxtD4U6Fhcene2aLrBqNE_ycxN&sai=AMfl-YSCIi0qGIQLAQ7d7f7ifdND_5DrJsK7o53dB_6LgPM77-ZTVkMo-1ViHu8jyY-EetSgzMc17ftkmy5kDUu2JHISOV9K-mpH63TRYSDnedGQLEu5TkgIRGKQ1OyLfWLm8ulQpj0MKlopIWFaVZGv7bOQNIYKANe5Dj06p6osLapjIFz8lc6DnF0J0Vm-krItryr5WMu-q0ckXilNIIha_U3jBE48wj1UJacQZTE6HIeEX-pzok053yyd2wj5DFiVDm3N7zc&sig=Cg0ArKJSzFfbfdUYCIHuEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1043&vt=11&dtpt=394&dett=3&cstd=644&cisv=r20230918.05833&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 20 Sep 2023 07:03:36 GMT
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 00F2 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=hzLA9eUpti&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:59:19 GMT
x-content-type-options
nosniff
age
257
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 07:14:19 GMT
OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 00F2 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=hzLA9eUpti&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:01:00 GMT
x-content-type-options
nosniff
age
156
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46936
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 07:16:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 00F2 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4dcac33bad9abe6fdac05ac8c57851ef095aef9a7e195c63df09dfc830fb6b4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5898
x-xss-protection
0
60005582_20230906070145446_GOO_Pixel-7_Pixel-Buds-Pro.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 00F2 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230906070145446_GOO_Pixel-7_Pixel-Buds-Pro.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0110297bbea74e04fe0ec924bad10f3b354b09d9fbb10c6dd2874679c73f9ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=hzLA9eUpti&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 17:44:01 GMT
x-content-type-options
nosniff
age
47975
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48206
x-xss-protection
0
last-modified
Wed, 06 Sep 2023 14:01:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 17:44:01 GMT
60005582_20220825085151068_300x600_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 00F2 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085151068_300x600_BG.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c384e161dd9d69bfc6e872774aadc81b3bd7534a97c5541d20a83c120704dbec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=hzLA9eUpti&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 14:19:37 GMT
x-content-type-options
nosniff
age
60239
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62713
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 15:51:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 14:19:37 GMT
postview.gif
portal.o2online.de/nws/img/ Frame 00F2 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=30586872_4307561_375023255_145353403_DIV0604A20230906&ref=30586872_4307561_375023255_145353403_DIV0604A20230906
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.101.90.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:36 GMT
via
1.1 varnish-live-1-1
CF-Cache-Status
HIT
age
6426992
x-cache
MISS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
keep-alive
Content-Length
43
last-modified
Wed, 21 Jun 2023 12:27:00 GMT
Server
cloudflare
etag
"2b-5fea2e2654d00"
Vary
Accept-Encoding
Content-Type
image/gif
x-varnish
109565401
cache-control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
809835a4ee102c4a-FRA
Expires
Thu, 19 Sep 2024 07:03:36 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsports.walla.co.il%2F&domain=sports.walla.co.il&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://sports.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 20 Sep 2023 07:03:35 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
191970
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsports.walla.co.il%2F&domain=sports.walla.co.il&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:35 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
243224
expires
0
/
ssc-cms.33across.com/ps/ Frame CAF9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cR0USG9OKr6ykwaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP020 /
Resource Hash

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Wed, 20 Sep 2023 07:03:36 GMT
server
33XP020
x-33x-status
2000208
/
csync.smilewanted.com/ Frame 29D9 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dec744e5913410d5b97433f5e4637058a48b96053dd4d9ef526555c526cfd361

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
809835a4cf553618-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 07:03:36 GMT
server
cloudflare
vary
Accept-Encoding
pd
pixelgroup-d.openx.net/w/1.0/ Frame 2D84 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixelgroup-d.openx.net/w/1.0/pd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Wed, 20 Sep 2023 07:03:36 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync
eb2.3lift.com/ Frame 4281 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Wed, 20 Sep 2023 07:03:36 GMT
usync.html
eus.rubiconproject.com/ Frame 50F2 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 20 Sep 2023 07:03:36 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame F118 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1695193412965
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 86A2 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=44557
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 20 Sep 2023 07:03:36 GMT
expires
Wed, 20 Sep 2023 19:26:13 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5166 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
1664
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 20 Sep 2023 07:03:36 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 12 Aug 2023 06:34:33 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5289, 14083
X-Served-By
cache-lga13626-LGA, cache-fra-etou8220065-FRA
X-Timer
S1695193417.529172,VS0,VE0
beacon
ap.lijit.com/ Frame 1CBF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13421168
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Wed, 20 Sep 2023 07:03:36 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
ixmatch.html
js-sec.indexww.com/um/ Frame 6A9D 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1695168000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
865
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
809835a52ac2bb49-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 07:03:36 GMT
expires
Wed, 20 Sep 2023 11:03:36 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 00F2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 07:03:36 GMT
bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 00F2 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=hzLA9eUpti&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:58:04 GMT
x-content-type-options
nosniff
age
332
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27068
x-xss-protection
0
last-modified
Fri, 12 Mar 2021 15:44:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 07:13:04 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4B5A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3TpcpyamGzdn-tvt1tWAo8fDsoaXoGczgfXnTxOLEyLmqqZZj7-rvYZqvKkImmdfduGUzkyLPBcYa5mF4uNKjuXYF9X3gUZJhm5o-Q_CbvlK68xGgyv4oV7s4iaumfQXK2BR83xfHWBQ_&sai=AMfl-YQjg5X8_LsaxxUimdKe5A4kwyXtSwybKfHg1VGwrX6aUFef1sEMiAtxScd289unobgq0MX3ak2FAREJgEGQ7yQF3X58Ho9Ju58KJ0KXKEgPqUdgON5qju-NzQbS&sig=Cg0ArKJSzFJeMfKLLDboEAE&cid=CAQSPABpAlJWX_GUB6W7If3ikgvChoraH2m33tkOQ37O4IIYdx5SqAuN0bK196atEbSifcc3FDH9HglbJ0hTNxgB&id=lidar2&mcvt=1131&p=101,315,351,1285&mtos=1131,1131,1131,1131,1131&tos=1131,0,0,0,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1635426353&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695193413965&rpt=1497&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 1F89 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11054544220910830971/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
793
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1056
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 09:19:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 07:05:23 GMT
logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 1F89 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11054544220910830971/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:56:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
440
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1288
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 13:24:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 07:11:16 GMT
tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 1F89 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11054544220910830971/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:52:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
643
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2072
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 07:44:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 07:07:53 GMT
head2_2line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 1F89 		12 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head2_2line_paare.svg
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9711c16a64e8b4086724485013257f3ba812d103630ddd609e3bcc677a07a0bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11054544220910830971/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3441
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 08:21:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 07:16:27 GMT
head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 1F89 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11054544220910830971/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:01:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1610
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 07:16:15 GMT
970x250_kv_paar.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 1F89 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/970x250_kv_paar.jpg
Requested by
Host: a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
490a0a636b6524b952dc10a3968522b48f663b70f0ae12aad99bc22bb9330cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11054544220910830971/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:54:17 GMT
x-content-type-options
nosniff
age
559
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34678
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 10:48:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 07:09:17 GMT
usync.js
eus.rubiconproject.com/ Frame 50F2 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3a2eb12bb31b6137ebf9011835d5f91947ebe8113118e575de36de68182b7e57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:36 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Sep 2023 14:17:18 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=25990
Connection
keep-alive
Content-Length
10516
Expires
Wed, 20 Sep 2023 14:16:46 GMT
/
pips.taboola.com/ 		4 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230103-FRA
date
Wed, 20 Sep 2023 07:03:36 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 86A2 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=59529838&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b8793a9436203d3c6772b6f90ffd5ad9c144c5967ab90bc40cee0a8e58d7fc50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 07:03:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
activeview
pagead2.googlesyndication.com/pcs/ Frame 67F1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssGq9CxDz0h4hg07ARR67_VqpTaFCkHqsoVJlrjPeow9k4O-0fzeBnphgLyR-56aAY0XRsOTwSjrBrWQMZv5eiq7ZxG8n5FaGDiEBKKAxVbwzDhBMbA3Tzp5U1xnuNcDnLFVCo1PKmbSxoH3gainwwTZYkAmUrM5sjm6XpO5k8&sai=AMfl-YQhoXowubJGgrIiyOBuE2jA9GZIz8jslhayKOrSrc1mV046JlQXQ4f6ZDXiLjzrv8_5jLfy1qQbXsI7VKp2aP8pZ0rL-6rTkdl9TX2ZGEn22Z3PIPbnwDp4zi0R&sig=Cg0ArKJSzDy5rD6nrbcBEAE&cid=CAQSPABpAlJWX_GUB6W7If3ikgvChoraH2m33tkOQ37O4IIYdx5SqAuN0bK196atEbSifcc3FDH9HglbJ0hTNxgB&id=lidar2&mcvt=1105&p=185,1440,785,1600&mtos=1105,1105,1105,1105,1105&tos=1105,0,0,0,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3318932457&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695193413983&rpt=1632&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame E25B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90efbca246f33c1760f539ee8a2b050783dc57554985d4e67492184d1213ec24

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
809835a83e7e4d38-FRA
content-encoding
br
content-type
text/html
date
Wed, 20 Sep 2023 07:03:37 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i51GGVmbek%2FxEFyfBdnECO%2BTv7KIrinwlI52UaKI6a%2BlRHA7ooeb6s4E3S0QWPYWP4cVNDp5uWzbePVp7tAHFW%2BrbiKEiCqMWlCLx6XCww2irL%2FLk9A%2BblkJ98GvHSXC9SVxlQNv7pteZg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 5166 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:36 GMT
an-x-request-uuid
7acc01c7-3f55-411f-aaec-a1314d2ddcb3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
138.199.38.132; 138.199.38.132; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
dmp-common-iframe.html
cf.dxmcdn.com/dta/ Frame 19B4 		193 KB
60 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cf.dxmcdn.com/dta/dmp-common-iframe.html?dmpid=0024a8f8-4a0c-42fd-9099-31643be23590&monitoringConfig=%7B%22uuid%22%3A%22bc8a7a32-7d98-4226-8af9-d2a43a8621cc%22%2C%22enabled%22%3Afalse%2C%22verboseMode%22%3A%22ERRORS%22%2C%22sampling%22%3Anull%2C%22observedUserId%22%3Anull%2C%22includeDatabase%22%3Afalse%2C%22includeLocalStorage%22%3Afalse%2C%22includeLoggerState%22%3Afalse%7D
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:5000:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62db05cbc08f8a152afa78e6c309221aac46be5a9927d700dc5dcd79b694af7d

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
57727
content-encoding
br
content-type
text/html
date
Tue, 19 Sep 2023 15:01:31 GMT
etag
W/"26fac2aab0da1220dfb31537337da864"
last-modified
Thu, 27 Jul 2023 07:10:40 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-cf-id
t-pu46ZDBogI-ZhoIWFVAQHrNpnu8-ExIEF8XB8f0ntCg_BBS72Luw==
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
qHjCUfZm1tQdGgBJuTqxtyNTpiQNb5ro
x-cache
Hit from cloudfront
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 29D9 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
651335
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
809835a73a7e3618-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
12.png
admin.teleline.co.il/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/12.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0ca17301a2bf2b63de571f0823a3402aee20a68d6a7a6fe96ad95649c524a4fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:33 GMT
Last-Modified
Thu, 31 Aug 2017 05:46:15 GMT
Server
Microsoft-IIS/8.5
ETag
"80ad85751c22d31:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
6683
33.png
admin.teleline.co.il/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/33.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2a78893d50925a1e12b1735a47ab735668141df8026f180998f00da3b10e0865

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:33 GMT
Last-Modified
Mon, 29 Jan 2018 09:50:19 GMT
Server
Microsoft-IIS/8.5
ETag
"80ff6692e698d31:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
4243
139.png
admin.teleline.co.il/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/139.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
71a8c42fbd2b7abe64b2f21e257715d04e579d4a80fe72c969cdd5c417118528

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:33 GMT
Last-Modified
Mon, 19 Feb 2018 06:24:27 GMT
Server
Microsoft-IIS/8.5
ETag
"801fb64a4aa9d31:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
8432
326.png
admin.teleline.co.il/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/326.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
599e48f9d8d0c1d97dc3f2bb64f75e63ce51a314787a7c0a3394ffc711b25835

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:33 GMT
Last-Modified
Thu, 31 Aug 2017 05:47:17 GMT
Server
Microsoft-IIS/8.5
ETag
"80207a9a1c22d31:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
4473
11.png
admin.teleline.co.il/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/11.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a755b2a5c7eb8fbf5dbf133f7c4b3a9063d058a361c8638aef14246268f05e6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:33 GMT
Last-Modified
Sun, 19 Apr 2020 20:20:39 GMT
Server
Microsoft-IIS/8.5
ETag
"d860e9fd8716d61:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
7920
1069.png
admin.teleline.co.il/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/1069.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
21f2958644bdde43ce46b9840e6d0f079eaf6dc3790c24c7c9c2d8c98b20ed21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:33 GMT
Last-Modified
Mon, 29 Jan 2018 09:50:12 GMT
Server
Microsoft-IIS/8.5
ETag
"0e23a8ee698d31:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
7566
140.png
admin.teleline.co.il/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/140.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d83dade87bb12112c3b637e4018601d0fe28d6691d3b818f14529b11046963dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:33 GMT
Last-Modified
Thu, 31 Aug 2017 05:46:21 GMT
Server
Microsoft-IIS/8.5
ETag
"803419791c22d31:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
2995
25.png
admin.teleline.co.il/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/25.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0cc17655509456d49a2f33b66f3c0fd7dcc33cf9d61b306eee06880368e81edd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:33 GMT
Last-Modified
Thu, 31 Aug 2017 05:46:54 GMT
Server
Microsoft-IIS/8.5
ETag
"09bc48c1c22d31:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
5357
dt
dt.adsafeprotected.com/ Frame 4B5A 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=86ce0300-ad44-35b4-3fe2-9b63bea49cfe&tv=%7Bc:oJVsnX,pingTime:-10,time:1137,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC44OCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1695193416900%7C%7C5a378380b846c9d9432633fe4caf5a99%7C%7Cbd1e129058c6f254231648b6cc158d80%7C%7Cf77028495ebc6b93be85c931b99b2ae2%7C%7C7209cc977a5ef356bd0f271dfc654b60%7C%7C2dd2e4df93080cb7bbc850bf9643fc07%7C%7C8f28c08be68414a0442532287f7752f1%7C%7C14ec986dd146c789e3e1828c451778bc%7C%7C1663701684,im:%7Bpci:%7Btdr:549%7D%7D%7D
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:cac2:6f16:d61a:7f96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:37 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
pagead2.googlesyndication.com/bg/ Frame 0886 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:58:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
280
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14739
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Sep 2024 06:58:56 GMT
dcm
s.amazon-adsystem.com/ Frame E25B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZQqZRksIolP6ZNngKvsK6wAADRgAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZQqZRksIolP6ZNngKvsK6wAADRgAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZQqZRksIolP6ZNngKvsK6wAADRgAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 07:03:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KWXEVK9A3Y2H7KRK6GKA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 07:03:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9DBB5XK55AW9S4XP279C
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZQqZRksIolP6ZNngKvsK6wAADRgAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame E25B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZQqZRksIolP6ZNngKvsK6wAADRgAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIDJ2CWG1GTDDY30jkC33dY&google_cver=1
43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIDJ2CWG1GTDDY30jkC33dY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o74fYnpdfcZrLywRMORAQdgRNUJ2ArayFSC3AtTOI6BlxccwBhHygfKTj25te7sNMMJpZk%2BC1HBcgCdO0l7BCs3w1CjuS4NfVp8UH7QojHCTnbx7hV%2Fjs3V%2FkxLmaAIoZOdgapeCx6MbCw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
809835a91f5f4d38-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIDJ2CWG1GTDDY30jkC33dY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame E25B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 20 Sep 2023 07:03:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame E25B
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7266556625495896169
43 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7266556625495896169
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
2606:4700::6812:1ac1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCojg61QVOaEXDptlV2CddC5zZP0u6fluawr4K6DYfTgKlTBYHbwBwhEq2Yqe1jG1qvX24mbslQ17c1GRlMoNuc%2FDcEElB2Sgh%2Byr7FmC2n2mJVbz8hy0YsKFXxQ5b6Kqn2oOWDc94YC75m67PhIaY4a0L6GzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
809835a9ceb09b83-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:37 GMT
an-x-request-uuid
5d697387-5c16-4840-ad70-16933b3c7511
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7266556625495896169
x-proxy-origin
138.199.38.132; 138.199.38.132; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E25B
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=96999c19-cb2d-4ec9-9ce6-508803fb8dc1&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=96999c19-cb2d-4ec9-9ce6-508803fb8dc1&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
2606:4700::6812:1ac1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7b%2Fc5TEzn93MR4H8G7LZaae4Mo5KDO5BC0vAfE2A9AkZbWDoV%2BPQTnfmfssKBrJ5MCH6qhGAcATnGRQfoF6w6jWHMzLEmRfifwR3gLr2gH6coT1PJ0pqTH2yh%2BO7vbZsDET8i0eiCBj4YttCNWeMPfEle3YCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
809835abd9559b83-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=96999c19-cb2d-4ec9-9ce6-508803fb8dc1&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Wed, 20 Sep 2023 07:03:37 GMT
server
_
content-length
0
crum
dsum-sec.casalemedia.com/ Frame E25B
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1710918217&external_user_id=fc5197f7-19d8-49f6-8c77-824d0f936bc1
43 B
748 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1710918217&external_user_id=fc5197f7-19d8-49f6-8c77-824d0f936bc1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
2606:4700::6812:1ac1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T49R%2Fr4QFKeqZLC9Yve9NYXpqWN538jgYm8loVHLFn6D1zVJJhubLDr2RQmpPGLCduRO9QU9nnNEGCRmyqt4aM9BNCRNELXh%2BtignN0hdcbeQlv2PmuHg8HjmR3LXCtVJyqpZ%2Fj2v4mzOqFLHDSqTkF4hDYeww%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
809835abd95d9b83-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Wed, 20 Sep 2023 07:03:37 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1710918217&external_user_id=fc5197f7-19d8-49f6-8c77-824d0f936bc1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
r.casalemedia.com/ Frame E25B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=c91a554e-ff1e-450b-bb85-bdb675181edb-650a9949-5858&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=c91a554e-ff1e-450b-bb85-bdb675181edb-650a9949-5858&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26exte...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=c91a554e-ff1e-450b-bb85-bdb675181edb-650a9949-5858&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%...
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=c91a554e-ff1e-450b-bb85-bdb675181edb-650a9949-5858&gdpr=0&gdpr_consent=
43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=c91a554e-ff1e-450b-bb85-bdb675181edb-650a9949-5858&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXH%2FJFWMKGov%2FzK2L3tsHencUJe36mSZpt%2B46iTIR%2Fhc4AiTtxL%2F4M4VcuyEtNMgBUjDWfSoLGsDv80Rv0VPP6X9Jz5nnkvY4hZtkAkGPhvFJ1fPUcjsKqpvLINJWlj35H%2FV"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
809835acfc714d38-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Wed, 20 Sep 2023 07:03:37 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=c91a554e-ff1e-450b-bb85-bdb675181edb-650a9949-5858&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rum
dsum-sec.casalemedia.com/ Frame E25B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=4A59JtpPX25x5S7VoKkXxorHJoQ
43 B
752 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=4A59JtpPX25x5S7VoKkXxorHJoQ
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
2606:4700::6812:1ac1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JdT%2FYQu9ASCe4MGrCb%2FsaUgPhv2HEXVEtVh1FS9NhdMEwLP6ImYO3NKZPHmlXx0w0fBfu5%2Ftx9xDX5lB%2BiX4BXijwMhx3bscz2eoJz8AKKet%2BROwcUDic%2FvjqpmNXxFqJp762LP7D2lHPMR0EIVKz70eBh%2FF4A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
809835ac199d9b83-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=4A59JtpPX25x5S7VoKkXxorHJoQ
Date
Wed, 20 Sep 2023 07:03:37 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
htw-pixel.gif
cdn.indexww.com/ht/ Frame E25B 		43 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZQqZRksIolP6ZNngKvsK6wAA%263352
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:37 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
42229
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
809835a8ff79bb49-FRA
content-length
43
expires
Thu, 21 Sep 2023 07:03:37 GMT
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=3683686d-67db-40d0-93b6-3bfbf22ff86f-tuctc041ec5&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 20 Sep 2023 07:03:37 GMT
cache-control
no-store
server
nginx
khaos.json
token.rubiconproject.com/ Frame 50F2 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame B11E
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 20 Sep 2023 07:03:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 07:03:37 GMT
expires
Wed, 20 Sep 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
958993
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 8870
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=405D7A68-5F9F-42F7-8B7F-537891E42242&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=405D7A68-5F9F-42F7-8B7F-537891E42242&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=405D7A68-5F9F-42F7-8B7F-537891E42242&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.33.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 20 Sep 2023 07:03:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
2YWCE7WP1KA1VV660BNB

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 20 Sep 2023 07:03:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=405D7A68-5F9F-42F7-8B7F-537891E42242&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
GTQ46A5HBFNZMY01JSX5
Pug
image2.pubmatic.com/AdServer/ Frame 1E1A
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8h1Uqv0RUPzpTlXz8BlJrvMeV_3pTVf-907MWCRt
42 B
569 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8h1Uqv0RUPzpTlXz8BlJrvMeV_3pTVf-907MWCRt
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 20 Sep 2023 07:03:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 20 Sep 2023 07:03:37 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8h1Uqv0RUPzpTlXz8BlJrvMeV_3pTVf-907MWCRt
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 8A57
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7266556625495896169&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7266556625495896169&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 20 Sep 2023 07:03:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
0e248489-1d2c-4c18-b38a-9c91765669a5
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 20 Sep 2023 07:03:37 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7266556625495896169&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
138.199.38.132; 138.199.38.132; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 86A2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QF16aF-fQveLf1N4keQiQg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:37 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=44556
accept-ranges
bytes
content-length
5606
expires
Wed, 20 Sep 2023 19:26:13 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 86A2 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=405D7A68-5F9F-42F7-8B7F-537891E42242&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.30.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-30-113.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:37 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.2.185
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 86A2
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3625707806
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=405D7A68-5F9F-42F7-8B7F-537891E42242
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=405D7A68-5F9F-42F7-8B7F-537891E42242
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:37 GMT
via
1.1 google
last-modified
Wed, 20 Sep 2023 07:03:37 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=405D7A68-5F9F-42F7-8B7F-537891E42242
date
Wed, 20 Sep 2023 07:03:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 86A2
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=405D7A68-5F9F-42F7-8B7F-537891E42242
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NWcwS2tZQmMwLXNTcFNwWm1VSkJHbGxMZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=430026040501508929&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Server
34.236.109.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-109-207.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:38 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 20 Sep 2023 07:03:37 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 86A2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDA1RDdBNjgtNUY5Ri00MkY3LThCN0YtNTM3ODkxRTQyMjQy&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 20 Sep 2023 07:03:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 86A2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGOyHb8-tLZFbJzY6_nKYv4&google_cver=1
42 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGOyHb8-tLZFbJzY6_nKYv4&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 20 Sep 2023 07:03:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGOyHb8-tLZFbJzY6_nKYv4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 86A2 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:37 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 19 Sep 2023 07:03:37 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 86A2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=430026040501508929
42 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=430026040501508929
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 20 Sep 2023 07:03:36 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=430026040501508929
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 86A2 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 20 Sep 2023 07:03:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
ups.analytics.yahoo.com/ups/58292/ Frame 86A2 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=405D7A68-5F9F-42F7-8B7F-537891E42242&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
drop_cookie_sw.php
csync.smilewanted.com/ Frame 3823 		0
516 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
809835aa8e573618-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 07:03:37 GMT
server
cloudflare
vary
Accept-Encoding
dt
dt.adsafeprotected.com/ Frame 4B5A 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=86ce0300-ad44-35b4-3fe2-9b63bea49cfe&tv=%7Bc:oJVsxS,pingTime:0,time:1752,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:101%7D,%7Br:r,w:970,h:250,t:502%7D,%7Bpiv:100,vs:i,r:,t:1751%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1,o:1751,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:101,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1742~0,1~100%5D,as:%5B493~0.0,1250~970.250%5D%7D%7D,%7Bsl:i,t:1751,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1742~0,1~100%5D,as:%5B493~0.0,1250~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:402,fm:tQnwOyw+11%7C12%7C13%7C141%7C142%7C151%7C152%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c*.990511-61634097%7C1c1%7C1c2%7C1d1%7C1d2%7C1d3%7C1e1%7C1e2%7C1e3%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p,idMap:1c*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:104,sis:528%7D&br=c
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:cac2:6f16:d61a:7f96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:37 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
onetag-sys.com/usync/ Frame 6EEF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
gen_204
pagead2.googlesyndication.com/pagead/ Frame A253 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2501456231699&version=m202309120101&ct=76&x=1&cor=7834978199591730000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
ap.lijit.com/ Frame 1CEE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Wed, 20 Sep 2023 07:03:37 GMT
X-Sovrn-Pod
ad_ap6ams1
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 9A9A
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
95 B
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.90.211.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.211.90.157.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Wed, 20 Sep 2023 07:03:30 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 07:03:30 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
8eccd715-b424-5407-bfdf-baf6dad523be
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame CBD0
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/8eccd715-b424-5407-bfdf-baf6dad523be
0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/8eccd715-b424-5407-bfdf-baf6dad523be
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
809835adb9e03618-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 07:03:37 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/8eccd715-b424-5407-bfdf-baf6dad523be
smwt256.gif
us.ck-ie.com/ Frame 7229 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Wed, 20 Sep 2023 07:03:37 GMT
Server
nginx
430026040501508929
csync.smilewanted.com/set_partner_userid_get/adform/ Frame D79A
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/430026040501508929
0
508 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/430026040501508929
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
809835ac58473618-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 07:03:37 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Wed, 20 Sep 2023 07:03:37 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/430026040501508929
server
nginx
redirect
ssp-sync.criteo.com/user-sync/ Frame 2B5C 		0
144 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store,max-age=0
content-length
0
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 07:03:37 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
v1
match.sharethrough.com/universal/ Frame 3FB6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.77.133.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-77-133-205.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Wed, 20 Sep 2023 07:03:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 546E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B57DNR5kKZfW1BdXkx_AP0vC5oA0AAAAAOAHgBAI&bg=!DQ6lDkHNAAZQjyUVcI87ADQBe5WfOGg6YlgK0pmS0XkAuby7btaGbLQT_hvhqfwCecCTyMszxJQbQVhs4HOgKL_cdcQ8AgAAA_NSAAAACGgBBwoAPriOYMVB_APrvAj6mE2ssod1RpD7d8uFpm4bGPbh17OyV_WgDtUlNKMVK1il12BY5sCif5UA_tfatqvCVJejmQMUMvGrzNkwqx59afbhYBKFA89XDF9MkBGVpt-IH0Wzo2jpzoZ-zVMjmmNIY57pBIi3qkzA7ojUf_yr1rMcBlJxVSJRaWlLfbYIWWD1AXgrb7L8SLqECT090y__Nj4QkF02YHc_fOAThqd4j0UMNTojRlvLL80fSW52xBO_7RBl7Zz_CJ24tqxTMZXzlAQinTOOQe14ED1NRzY4obpw0u4rgwOlVp0BOt6WyFsoz_l3ut9VIfUQA-39LouMdRHG9IbiL33ZObQ8nf_niU2WT9tOE1dwcQH4LJH1SeguJL-p_n1g8f3N8t1ys-pZooN58OC62fw4EWBIwuwUUG_-PrYZk9NqmG611KYx4R_Kc6Tl5Hst40oJNNMCUz55PyOoRLIe3R8mrgFL6k3DdiHik7WXBscQa6K2MDFUpswAEVJNFgbnLuqODAdIHlm7VBjyf9EidyUINiJbDVJvIEnz4cRhpgds8KNRHz85ELIL6TJmoiJEQ188arLp0Q7zzb7eKpLEBAvphQci3vsmynmG4oVg8Ej_ssaVPr9jgXsTRhR9_rMS-l29EtKmPVkOGxVrBKzft9a9FHKc3CmxPBT7d5GuEFqaakTPIu3lSAXdjRW_ce2SJ58Shkoo0ZpFePG65-zkHU6X8j-aPiLaEf30_dBxgIO7PvVt92vogvrIWQ4aeTiBaicuPcQ1AmphxoWav5YXbBCYv-Bg1pqIoE19jEccC8F7fcDhanRwO3Th6hnCTz0cJoZCw5qbdVGVMic05BQP47BhU27p0UFCv__RaFmMJZc2vkO5a8pS24yBUYaxye4unkiM6q56FE8eUhMCUwjJKX5X11s3h22GyFWKoSXqM9tO5Q88h3X7CMZuQB5r949l9NlYsC5yPjP5j0O8S82fInPQd38v-_SNHDRQl2N2g3u6S7qXeo7HVR-AmSSVxBEJEYieZV6bSTLjMNaezJhoEnpjpAMWBI3hJzf8RjOe9gS-VcHXfATWkrD23Ws2Z74A04GwCiR3kdj0B-0T7pGUXM3TP-HYbqW49U-KDvCBaXirkL4
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
smw888.gif
us.ck-ie.com/ Frame 364B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Wed, 20 Sep 2023 07:03:37 GMT
Server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame E0FC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1W3UR5kKZdO0B4zf-gaa9IegBAAAAAA4AeAEAg&bg=!YWKlYi3NAAbP3fMH7907ADQBe5WfOGBY5P7Q0rgUkWIWPLbuibXO_d9WSsvRg_ECU9dxO4IsaGqu1lWULC7F9NHiodgxAgAABDRSAAAAB2gBB5kDHx_5vZ1Lyom21vtuvyf_esUeEp3MC0z0uX8ozyIgitA58UeJdGapNMMwj4poXDpqT27U7Mp_JuI_-CalGOe7hYgMXF0_onKRyjzld1-qtlMFbxpniD5CavP6yAR8hDxLdHRQ52cJPdQgUOPqmDuB5Ecf7Yc9sxbiSrz_tybH69iLa6VqbmIWB8L_RL97JA9QA7gO9M4iGZeP1BsrF-hBq18fbVovGhkz2UCeHi-ur9ja9MC9BHI3GFLqXYRpTQT9h6LNbptHKxYMjPlZq88lJjHWggpQ_k0H3fRCAx2LfqPjxidFc7fl7wsKBt5EI4ZO4IlYTqKsaNQapAXhoYakfPsnNxJZ_S96O1oADYIpvnhjd8EMhVIztxSxTeRlUKuZ3HOJQlKy8nPNa_anG6WMh-ihOr5w0nI4Md7Lvp9qcDTVdC8G2RldBSw_58498C_AnCm8RdRJCH3Um3eErl1gQNBYsIdzJRmjO-c0coOcY0Phsy_cu69ejpB78xw2Q7vWjCV8Dc4IdIJQtkxJmjT89hDJjhYIc4i0aBc9JHc4ipxFcrWv4knBXBmnblVeLj9167u7W2uJypOld1pTTW1UZquSRTr_-x50pBMuSaF8OoW7mI4WzA6Pe_EUa4728D8u3n3pJKPFVzHdU_vsC_K3V0fcWdpBOGDm48MJYIz8PtVrjJhfP-1Wh9W_fe7NbNfpqU0UPnLj-bMkWf51jXYOqS-ou7q0e8FJj-6vgC8eB5lO9z0zxS0C62CzEPNhUuAE402QTs1q26kspcwieZrY2P3GOJMEfmk3lWlxGAz-ELzjnMV-IAAeFxiEVFV4--IRgX2Dv5XHTc9KJ01R_2er0mU_suKhnLknXGUwrIIngBXrLr-gtoot9jTT78Ph3y0e2cI6IG3A0UTssu1Fzk0ecUYjQaELWvbANPlLvQeRhV0-Zyv-U8O9ZDuJdyNylbM-ltozQEkPd-mICnR2PCQrKNP8kWKMtD4WUctGiFtYcMl9nlBF2NCzdIqBQUpv9P2djQ-aVq87JM5xpzniIBz7eU54A6qJsfiHnT_4sh3o2Oo
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B5A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1016780490804&version=m202309120101&ct=76&x=1&cor=17854890235103021000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
O2WM8H2GgudsxtVytB4W
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame D340
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/O2WM8H2GgudsxtVytB4W?pi=smilewanted&tc=1
0
605 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/O2WM8H2GgudsxtVytB4W?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
809835ad89a83618-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 07:03:37 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Wed, 20 Sep 2023 07:03:37 GMT Wed, 20 Sep 2023 07:03:37 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/O2WM8H2GgudsxtVytB4W?pi=smilewanted&tc=1
pragma
no-cache
async_usersync
ib.adnxs.com/ Frame 5166 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:37 GMT
an-x-request-uuid
45ed4847-484f-46fa-8ba1-b3a56c432de1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
138.199.38.132; 138.199.38.132; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309180101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d34251be6124594d18e8ecb4c0d081b3379a21426a9dcd41b7bb7fe4cd13c0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12181
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 71D1 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=sports.walla.co.il
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 07:03:37 GMT
server
Kestrel
server-processing-duration-in-ticks
798238
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 71D1
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=sports.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=Rbdom3xSRWQ3cC9LVkRrOEx2NVl4NXpCWmtmemh3TmpOdGVYWU9HYWQrcHNZMHNIOGpBQUY3R2JENXNYakIrZVFraTdGVHk1UHYyOE4vaEk2R082RFY4bFd5dTM5OHBabDVnd3BkOFVScHVJOGxqZkcvRHN2VGpOcEZKeT...
433 B
654 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Rbdom3xSRWQ3cC9LVkRrOEx2NVl4NXpCWmtmemh3TmpOdGVYWU9HYWQrcHNZMHNIOGpBQUY3R2JENXNYakIrZVFraTdGVHk1UHYyOE4vaEk2R082RFY4bFd5dTM5OHBabDVnd3BkOFVScHVJOGxqZkcvRHN2VGpOcEZKeTVKclpMbGg2VnVmYllLdVVKUXdlZkpTbVI1MjgvUXRiTkljL3BxWHZrbFY1SjlIV0ZxWU96TkF6RzRGZys2djZxTFdiRHI5aEhsMG1XZUJCditOZW10bitFNTlEQ3lnQnQ5anVHWThETGtvNXZTaE9SL0Z2TTBJbXBUbFBYZ056ODZGYlF2eHpHNjJ0NnFWSmd1dGs1RzYwVHVDTjIvQ3ZPV09UQ3ZIN1IvQnU3eFo4MzIvbz18&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
388f74b264fa73f93be390978cf9a745daefcdc94096273d775f3f06d682b0d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:37 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
892783
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=Rbdom3xSRWQ3cC9LVkRrOEx2NVl4NXpCWmtmemh3TmpOdGVYWU9HYWQrcHNZMHNIOGpBQUY3R2JENXNYakIrZVFraTdGVHk1UHYyOE4vaEk2R082RFY4bFd5dTM5OHBabDVnd3BkOFVScHVJOGxqZkcvRHN2VGpOcEZKeTVKclpMbGg2VnVmYllLdVVKUXdlZkpTbVI1MjgvUXRiTkljL3BxWHZrbFY1SjlIV0ZxWU96TkF6RzRGZys2djZxTFdiRHI5aEhsMG1XZUJCditOZW10bitFNTlEQ3lnQnQ5anVHWThETGtvNXZTaE9SL0Z2TTBJbXBUbFBYZ056ODZGYlF2eHpHNjJ0NnFWSmd1dGs1RzYwVHVDTjIvQ3ZPV09UQ3ZIN1IvQnU3eFo4MzIvbz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
332359
content-length
0
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 07:03:38 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CF7A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
5430
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 05:33:08 GMT
expires
Thu, 19 Sep 2024 05:33:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C1AA 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d469336e7c72f7848d4a1bb02c8509a7895e2b813afb88bfa5c0dd4e158d50da
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Q_1z9OHMtmaaSvll60vk4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
536
content-security-policy
script-src 'report-sample' 'nonce-Q_1z9OHMtmaaSvll60vk4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 07:03:38 GMT
expires
Wed, 20 Sep 2023 07:03:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
pagead2.googlesyndication.com/bg/ Frame CF7A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:58:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
282
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14739
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Sep 2024 06:58:56 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C1AA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309180101&jk=3886780570117342&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame CF7A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?UiWbOg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dt
dt.adsafeprotected.com/ Frame 4B5A 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=86ce0300-ad44-35b4-3fe2-9b63bea49cfe&tv=%7Bc:oJVsO4,pingTime:1,time:2756,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:101%7D,%7Br:r,w:970,h:250,t:502%7D,%7Bpiv:100,vs:i,r:,t:1751%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1005,o:1751,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:101,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1742~0,1~100%5D,as:%5B493~0.0,1250~970.250%5D%7D%7D,%7Bsl:i,t:1751,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1005~100%5D,as:%5B1005~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:215,fm:tQnwOyw+11%7C12%7C13%7C141%7C142%7C151%7C152%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c*.990511-61634097%7C1c1%7C1c2%7C1d1%7C1d2%7C1d3%7C1e1%7C1e2%7C1e3%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p,idMap:1c*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:104,sis:528%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:cac2:6f16:d61a:7f96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:38 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 4B5A 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=86ce0300-ad44-35b4-3fe2-9b63bea49cfe&tv=%7Bc:oJVsO5,pingTime:1,time:2757,type:c,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:101%7D,%7Br:r,w:970,h:250,t:502%7D,%7Bpiv:100,vs:i,r:,t:1751%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1006,o:1751,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:101,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1742~0,1~100%5D,as:%5B493~0.0,1250~970.250%5D%7D%7D,%7Bsl:i,t:1751,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1005~100%5D,as:%5B1005~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:215,fm:tQnwOyw+11%7C12%7C13%7C141%7C142%7C151%7C152%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c*.990511-61634097%7C1c1%7C1c2%7C1d1%7C1d2%7C1d3%7C1e1%7C1e2%7C1e3%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p,idMap:1c*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:104,sis:528,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:cac2:6f16:d61a:7f96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:38 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309180101&jk=3886780570117342&bg=!HR6lHlHNAAbP3fMH7907ADQBe5WfOOyX6V6Fllg1_zC6rZdON7mDXPE0NDIPSAB65W7gLGe7HbtV6ssz2naCgPGk1CXpAgAAAN1SAAAAB2gBBwoAbXuL1w1e-FOZ3T6Fx8ucawvVssFsTcCCwphvGZFNUq9hr63kqOW8wEcAfptxAk4Jytt5v_BGtYC9S8UNb0d16y_lPyJ-d3FhvUJKd0UZyv0xbyyM6gjk3cZz6NvTV3pDizcNs3KAtmds4B-4Q8iZArOR52_D5d3J7KRLeRWeAAdZ87Lv0PQKfYpQWUlJhrC9vrwGvmiAdjgurikrmgaTat1HfGH-Pu0meAW5HnjdHyv49UlMlrby2WfvnAkOnY82qvVCu9WgSIqoKQp86ODX59CPihKU1KadSanDr1qPXASeafxgVXK4gEgwSAt46kWWhNjWS02uOdzmg0svq4NSlQL1n-rKa7s9zIbTNg--MyJSLe4UqXE7k0RdvOlfh3_bNXf1LQwE1o5WtIyJ-aRUm6dknWS-LuBycWr1WNNl2zWrdgS87cxU972dpkqanwjqAdTFSt4en2zgFZKQCk6ZgCnEqYwuxh-jrlDbNSS9sTBsVjaH7ZWxhqNhWluQD7x6VBhl5jyRQO5SEBU6mQb2091YnjjnjjS0UoOKJme9rrHe1ygcdGgS7s0_ogQBp1DGxtkZM5R9gre9NWojUJILNjxDzuf02cXL2q1e_3iHnJAoAS97OtuFmq7qCw8UNeo2M1b-NTYAu8REj3PSSYQBH7L0mDrXKUjS5mGp4WK02Bloo7GO7BKj1gYcG9EdkK-jXycnr702HOV_P07_OKO9KyGdhpDkGTh-DMmNnW4m3O_ty-ijzLWmEWXyVdYSfpHXuWyV7Pe-jCxK-adrnFfQvFKMN2ouCAyBhMvFk2nsPktIx8LvXI2WK6vh7hR2TS7s0YoImYfxVndkY7EohAjZh8CRglidIfUPU4OLzWBNFP_UWaLMo7Fow_eQxF08hv1ht46fTcGpZl3X56wNgqauRFsYJmRZKIzQqHOb1NMW9s4cvh75Y5ZHn_pkNaxzQrk7TlJNeima1hvmPdvw_diza1T4cP1gMMAydRrN-lzWPrmX9QPI-XRPML_Q8Jpu3R7cjONu3Si2zLRQUBw4p4kv3DaxnCV57zo0pzNH32NElhgAbMBk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
SPug
simage4.pubmatic.com/AdServer/ Frame 86A2 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160447&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 86A2 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=21506461&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f5a55ceaceac7d5c1be15df2a2b2fbac17e1abb29bd0f6ab6f871dd17e141e34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 20 Sep 2023 07:03:37 GMT
content-length
1855
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 6452 		35 B
599 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=405D7A68-5F9F-42F7-8B7F-537891E42242&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 20 Sep 2023 07:03:40 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 44C9
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7280800282114914451&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7280800282114914451&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 20 Sep 2023 07:03:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Wed, 20 Sep 2023 07:03:40 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7280800282114914451&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame BF97
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=4A59JtpPX25x5S7VoKkXxorHJoQ&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=4A59JtpPX25x5S7VoKkXxorHJoQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 20 Sep 2023 07:03:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Wed, 20 Sep 2023 07:03:40 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=4A59JtpPX25x5S7VoKkXxorHJoQ&gdpr=0&gdpr_consent=
bridge
cm.adgrx.com/ Frame FBBA 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Wed, 20 Sep 2023 07:03:40 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-10
Pug
image2.pubmatic.com/AdServer/ Frame 2B01
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBNkJFN0tGVE1BQUJlZ2llS0NGdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAA6BE7KFTMAABegieKCFw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=4126096578355685197&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AAA6BE7KFTMAABegieKCFw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D4126096578355685197%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=4126096578355685197&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAA6BE7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAA6BE7KFTMAABegieKCFw&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAA6BE7KFTMAABegieKCFw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 20 Sep 2023 07:03:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 20 Sep 2023 07:03:40 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAA6BE7KFTMAABegieKCFw&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 9EAB
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 20 Sep 2023 07:03:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Wed, 20 Sep 2023 07:03:40 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
mw
mwzeom.zeotap.com/ Frame 86A2 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=405D7A68-5F9F-42F7-8B7F-537891E42242
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:40 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
809835bb4a509a03-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 86A2
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=405D7A68-5F9F-42F7-8B7F-537891E42242&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=405D7A68-5F9F-42F7-8B7F-537891E42242&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=405D7A68-5F9F-42F7-8B7F-537891E42242&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:48 GMT
frontend-id
10
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:48 GMT
frontend-id
8
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=405D7A68-5F9F-42F7-8B7F-537891E42242&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 86A2
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=405D7A68-5F9F-42F7-8B7F-537891E42242&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=001546d40ce0b1688f194462592b1de8&gdpr=0
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=08b2a00dc94bf5d8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 20 Sep 2023 07:03:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length
0
405D7A68-5F9F-42F7-8B7F-537891E42242
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 86A2 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/405D7A68-5F9F-42F7-8B7F-537891E42242?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:5aec:1139:b771:4a28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 86A2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=2a49017a-7996-407c-b705-356b1ffead4a&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_7eb84cbd-06a2-4751-b5af-5cd14d3eb0c0&bsw_param=2a49017a-7996-407c-b705-356b1ffead4a&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2a49017a-7996-407c-b705-356b1ffead4a&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2a49017a-7996-407c-b705-356b1ffead4a&gdpr=0&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 20 Sep 2023 07:03:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2a49017a-7996-407c-b705-356b1ffead4a&gdpr=0&gdpr_consent=&gdpr_pd=
date
Wed, 20 Sep 2023 07:03:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 86A2
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=c91a554e-ff1e-450b-bb85-bdb675181edb-650a9949-5858&gdpr=0&gdpr_consent=
42 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=c91a554e-ff1e-450b-bb85-bdb675181edb-650a9949-5858&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 20 Sep 2023 07:03:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:39 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=c91a554e-ff1e-450b-bb85-bdb675181edb-650a9949-5858&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame 86A2 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=405D7A68-5F9F-42F7-8B7F-537891E42242&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:40 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 86A2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4098311613554324035&gdpr=0&gdpr_consent=&us_privacy=
1 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4098311613554324035&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 20 Sep 2023 07:03:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4098311613554324035&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 20 Sep 2023 07:03:39 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
perf
am-trc-events.taboola.com/wallail-walla/log/3/ 		0
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/3/perf?tvi48=12004&tvi50=12238&route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230919-1-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://sports.walla.co.il
pragma
no-cache
date
Wed, 20 Sep 2023 07:03:40 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
64.png
admin.teleline.co.il/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/64.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d7fd38335a9351deb97460103975b829fa59b7f16ba1eac168aaf01f43cd347a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:38 GMT
Last-Modified
Thu, 31 Aug 2017 05:48:58 GMT
Server
Microsoft-IIS/8.5
ETag
"081add61c22d31:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
6393
56.png
admin.teleline.co.il/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/56.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4f2044872a15851a96b77ad3677a826479c99531f85bcecb066e12b438ab54cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:38 GMT
Last-Modified
Thu, 31 Aug 2017 05:48:31 GMT
Server
Microsoft-IIS/8.5
ETag
"80a195c61c22d31:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
8494
162.png
admin.teleline.co.il/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/162.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
dfe8210f15fbe84923842bafd0745457bcfc9a0421576d0c1060f86ff7e39e27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:38 GMT
Last-Modified
Mon, 20 Apr 2020 19:57:54 GMT
Server
Microsoft-IIS/8.5
ETag
"77ee6fa4d17d61:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
4279
659.png
admin.teleline.co.il/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/659.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4b558e08c998cfdf1fb1b16483c9860ac40917adab5fb23f0c9de170632e506d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:38 GMT
Last-Modified
Sat, 24 Feb 2018 15:36:06 GMT
Server
Microsoft-IIS/8.5
ETag
"ced9792f85add31:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
4040
138.png
admin.teleline.co.il/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/138.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b9ba41213b9cff0796b3f60f994a51e69406f309534f8f212d69772de4bee598

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:38 GMT
Last-Modified
Mon, 29 Jan 2018 09:50:13 GMT
Server
Microsoft-IIS/8.5
ETag
"8078d38ee698d31:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
6403
86.png
admin.teleline.co.il/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/86.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f9156377bb916012e2a9af84f839784e1cf265d3df2b8e4b4099e4309dee029d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:38 GMT
Last-Modified
Thu, 31 Aug 2017 05:49:57 GMT
Server
Microsoft-IIS/8.5
ETag
"8030d8f91c22d31:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
5483
45.png
admin.teleline.co.il/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/45.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
349528e03ea7cb3c8f560709298ba4eced9cb5d2baa295bc051a5671473ab18f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:38 GMT
Last-Modified
Thu, 31 Aug 2017 05:47:57 GMT
Server
Microsoft-IIS/8.5
ETag
"80a451b21c22d31:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
6745
277.png
admin.teleline.co.il/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/277.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
9370e0fff3e530e705046c24135cd928d424d3e2346046671ea53001307683c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 07:03:38 GMT
Last-Modified
Mon, 29 Jan 2018 09:50:17 GMT
Server
Microsoft-IIS/8.5
ETag
"80d23591e698d31:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
9263
SPug
simage4.pubmatic.com/AdServer/ Frame 86A2 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160447&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:03:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
all
csm.eu.criteo.net/ Frame 6BE5 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=Z4hCKHS5Bd5uLVgu0CJKnbjEiOQflHdPTEKh-ipGnTRBG3rsqw6mdgHv7ItXE68odSB9_PZie-xtT0wWNKX2B6FUCF5T7yqRZ5M5tv4HwTrVxMbuL0lXkBPb2MeYiTcFCwu37Pr6uQepcUclsWIgblEvbcQXz5KLOHbFv20cOPA47YZH33VbYIiEY0nUkluz7MIkcYinBFBH7oCIH-RO0wxSezaN38oDzB0jTZyZZq-zkl-g6v2aCnA1svQDMnByOE9SDQ&sds=2&rev=88356&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQqZRAAICY0H_YJFAA9zIUJFtJkOp2X0P3N8WA&u=%7C9np%2FvQTggdk0wJizdRijvCK6Su7odYg%2B70HSFMyv7Mo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797XkVJXccA7Uj8mbSb3fuGLnWml58tkIBBt-cgZ16ZzJEqHHlu8cMXg48Z9UKHUU0SpyJnTRTeI0QMpKTbdomCd4hvY9exeR-XfEuxolGEqBH3yW4_2NAWBZjNrgQZnOGCqGPmQeisdAE36Y9UHDisGz-bASrIost9-zmKji5a_eBUSiBL15YL_4BQcUqL7VN9gAMyGjSXrrhtX6TeU3Jwo_jU59kZGleSBDSldr4LJtB9RNze3o56e2eL0k_lr5zixJf9KDyWDJm5IFj0Dsa9jeCjS7QfQrURz5f51Z31QD8JsVeo08Af9xPsZlkcCaMcctfGB3XmA15SE5QpL81qQ3qrLcRdOMtSckVgSolx7aJX8WL48oSmFXNgMKqiD_2LsKBMTPzFT2hYlNg7dC0WFo1UmoFGK9AYUob_X-XITxlgjyZDthKFviN1_-HICHDtNQ4A8Pl017hTiYxvjnKmRZRjSR6_f5r4sk_3jhpRmjYyd1r9J9cD7REQnYFBxzSbE6A12kcr2gYl8zH5NeAMMLjCMCl9VruAEaiZV2B__AWDg3FPNwt59o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU-TzRJkKZY2TIMWE9u8Poea9yAfJntKxXLWY49aTAcCNtwEQASAAYJXqrIK0B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJPGtiIHO6xPuACAKgDAcgDAqoEpwJP0NMLAQ0E9KCuQkQRO_3okYuAbPeXgTZbZ45Q0IKoeejFhqn1EZAlwKTjYvypyotUncn_K6PVz3TZ_j1_JfCE33BZ9MQfLOayYHHvZypcuqCdGekQqQsIqpdSYTfEQaeSBkowIFv-FFUmWGXCsB0Lm1-whzvLxLiifnEk026DuwDG9H6xy_It9iB8wlbKpKh3_0Yfes-IW1Ayl1J5cHiy-b0hE0sEIglqdvCIAIvN_ZcRl43lX7pp3r2vd6tdlaiqEIkhuLn1s-2mWUm4RZwo2k-vAkm-lxj_w5gHNzbpP9WaXlCQhDYrCdFQxY6bl2JXdhQGdgR_axExnV7VA5PVOF3Hq5f5pNwS4583EHZpeHTW8DOa9arypKOHDhA1S7OAbtqpT3hu4AQBgAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2xHKh7Ed8Afw6cCiStVhOK0lZ_pQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 20 Sep 2023 07:03:41 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
dt
dt.adsafeprotected.com/ Frame 4B5A 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=86ce0300-ad44-35b4-3fe2-9b63bea49cfe&tv=%7Bc:oJVtQx,pingTime:5,time:6753,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:101%7D,%7Br:r,w:970,h:250,t:502%7D,%7Bpiv:100,vs:i,r:,t:1751%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:5002,o:1751,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:101,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1742~0,1~100%5D,as:%5B493~0.0,1250~970.250%5D%7D%7D,%7Bsl:i,t:1751,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:167,fm:tQnwOyw+11%7C12%7C13%7C141%7C142%7C151%7C152%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c*.990511-61634097%7C1c1%7C1c2%7C1d1%7C1d2%7C1d3%7C1e1%7C1e2%7C1e3%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p,idMap:1c*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:104,sis:528%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:cac2:6f16:d61a:7f96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 07:03:42 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Verdicts & Comments Add Verdict or Comment

292 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| documentPictureInPicture function| addScriptPromise object| _0x1a15 function| _0x14cd object| googletag boolean| isMobile object| WallaTargeting string| _taboolaOS object| twttr function| admiral string| isAAB string| pageNumberInSession string| fatherSessionInSession object| dataLayer object| wallaGlobalEventData object| wallaEnv object| slotslist function| gtag function| ga object| _sf_async_config string| loadDataState function| smartlook undefined| showInterstitial undefined| interstitialData undefined| timestamp undefined| attempts undefined| served undefined| hourPassed undefined| url undefined| ref undefined| refFits undefined| adunit undefined| getInterstitialData object| google_tag_manager object| google_tag_data function| _ object| dmp object| permutive object| GooglebQhCsO object| gaplugins object| ggeac object| google_js_reporting_queue object| __twttrll object| __twttr object| _taboola object| TRC function| _typeof object| _tblConsole object| _cb_shared function| postscribe object| google_tag_manager_external object| pSUPERFLY_mab object| _cbq object| pSUPERFLY function| 4dm1r11545242527 object| _0xea1d function| _0x5c91 object| _vadHb object| vadprebidChunk object| vadprebid object| _pbjsGlobals object| ADAGIO object| apd_options function| fbq function| _fbq object| unblockiaScript string| GoogleAnalyticsObject object| gaGlobal object| gaData object| google_conversion_id object| google_custom_params object| google_remarketing_only string| _zaVerSnippet object| _zaq function| __za_api object| adoric object| __LOADABLE_LOADED_CHUNKS__ object| _cbm string| _zaVerWidget object| __adoric__ boolean| IS_ADORIC_LOADED function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments boolean| fifabAlready function| fi_fab function| a0_0x5142 function| a0_0x5b32 object| regeneratorRuntime string| __strip_step__ boolean| WallaA11 string| pm_pgtp undefined| msg undefined| google_measure_js_timing object| Criteo number| google_unique_id undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery number| _lbCounter boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id string| trc_item_url object| TRCImpl number| taboola_view_id object| webpackChunk_smartlook_recorder object| _pmk function| TBWidgetFacebook function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| pi object| _pm_mcg object| image object| sas object| apntag object| _ADAGIO object| owpbjsChunk object| owpbjs object| PWT object| a string| nam object| placementData object| sw_consent object| cmTag object| fiUtils object| $backfillRefreshObserver object| $FIslowSelectors object| $InContentAutoSelector object| $websitePrependInContent object| _cm_wfCounters object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_136 object| Criteo_prebid_136 object| tbopt object| GoogleGcLKhOms object| google_image_requests number| measureInterval

119 Cookies

Domain/Path Name / Value
.walla.co.il/ Name: _gcl_au
Value: 1.1.1717041249.1695193410
.walla.co.il/ Name: _cb
Value: Ba1jODC2sIIgCrpQCM
.walla.co.il/ Name: _chartbeat2
Value: .1695193410574.1695193410574.1.DDvog9BTgAgfDff5fqC14rDtD5x1aa.1
.walla.co.il/ Name: _cb_svref
Value: null
.walla.co.il/ Name: _gid
Value: GA1.3.301290989.1695193411
.walla.co.il/ Name: _gat_UA-4780630-1
Value: 1
.walla.co.il/ Name: _ga_TSQY5YTYZ0
Value: GS1.1.1695193411.1.0.1695193411.0.0.0
.walla.co.il/ Name: vad-loc-code
Value: de
.walla.co.il/ Name: _ga_RYD7X7E8VN
Value: GS1.1.1695193411.1.0.1695193411.60.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUl1vYYiP5OW_6-7phG4YNvnRlJ1tpCVuz1SF8lpsIojJC-AkO-rI-VDZwxK
sports.walla.co.il/ Name: strip_step
Value: 2
.walla.co.il/ Name: _wpnis
Value: 2
.walla.co.il/ Name: _wfsis
Value: https://sports.walla.co.il
sports.walla.co.il/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.rubiconproject.com/ Name: khaos
Value: LMREE09V-Y-JRL7
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpESjDVq7WQdnjc0/aJelRdbjRFtGIHH0saRYHPyHoSL5LLAzRR/44aQmcYMLr/eVctgNzPcV3xQgUnz21koybi0sUClNixstMhkTnGhAX54b7FQD2yB//h3OlDu/ORdD8=
.dxmdp.com/ Name: dmpid
Value: 0024a8f8-4a0c-42fd-9099-31643be23590
.walla.co.il/ Name: _ga
Value: GA1.3.633202485.1695193411
.walla.co.il/ Name: __gads
Value: ID=b8c01700586c7d08:T=1695193412:RT=1695193412:S=ALNI_MaOjoTGq9bM3RP5Dajb1GMy4Xru2A
.walla.co.il/ Name: __gpi
Value: UID=00000c791dd01723:T=1695193412:RT=1695193412:S=ALNI_MbrQOWYY0XTvBIO0eod-p73XKAGnw
.walla.co.il/ Name: _fbp
Value: fb.2.1695193413257.1970768664
.script.ac/ Name: __cf_bm
Value: CWeMBZWcJpbB0kdc4NoCspT0t05gVt_5v1smpDo3Oz4-1695193413-0-AfKJueTu2pu9Ig3DRcqyzOP/RIcLl894rUOm5gPeEqE968uOJLoYbS8dW/IWtp79A5qv/mf1f127ECKIPWlKGZU=
sports.walla.co.il/ Name: adoric_popup
Value: true
.walla.co.il/ Name: adoricShowCampaign
Value: true
.walla.co.il/ Name: _gat
Value: 1
.adnxs.com/ Name: uuid2
Value: 7266556625495896169
.lijit.com/ Name: ljt_reader
Value: HWfnuGZHME1tQEdOR42J_oKE
.blismedia.com/ Name: b
Value: 650A9946640C2863DC4BE434BLIS
.yahoo.com/ Name: A3
Value: d=AQABBEaZCmUCEPS4KDYZyh0zKOFGOwfQtwAFEgEBAQHqC2UUZQAAAAAA_eMAAA&S=AQAAArCQb75lJpQ67-9Y84v4QJM
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 405D7A68-5F9F-42F7-8B7F-537891E42242
sports.walla.co.il/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D3683686d-67db-40d0-93b6-3bfbf22ff86f-tuctc041ec5
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%2263356D2A-9C94-4AF5-1B95-542B871718C4%22%7D
tagm.tchibo.de/ Name: tchibo_et_gk
Value: 347cb00554b9485180e58cbb64ab7e45%7C19.11.2023%2007%3A03%3A34
tagm.tchibo.de/ Name: tchibo_et_uk
Value: 7fa346a0782341dcaabf36d4662eaead%7C
tagm.tchibo.de/ Name: session_session
Value: 98cca1ef548741e4860e8d8c
.casalemedia.com/ Name: CMID
Value: ZQqZRksIolP6ZNngKvsK6wAA
.casalemedia.com/ Name: CMPS
Value: 3352
.casalemedia.com/ Name: CMPRO
Value: 3352
.sports.walla.co.il/ Name: _awl
Value: 4.1695193414.5-3e57fdc4059821c88185fe47d6301cb8-6763652d6575726f70652d7765737431-0
.doubleclick.net/ Name: APC
Value: AfxxVi7IU2rzCSuhcscR2XloIEXS0ROyM6WCKcGfCOji08rohyTO4w
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Hc't_DA^!@wnfH8K6pQK`!5=E<*L5?%Lplf//!]l9>z6D_Wf/473T0eKFO>zQ/K@DhbM*bpRz*qF1`*b`ia*Bb$p
.doubleclick.net/ Name: DSID
Value: NO_DATA
.dxmdp.com/ Name: audids
Value: oAENlyoR%2CTW7oIPDA
.quantserve.com/ Name: mc
Value: 650a9947-f1841-e7636-e353f
.adfarm1.adition.com/ Name: UserID1
Value: 7280800282114914451
.de17a.com/ Name: guid
Value: 1.4393464786529453726
.criteo.com/ Name: uid
Value: d5119605-fdb2-4e42-b6ca-2f8ca5bcca36
.adform.net/ Name: C
Value: 1
.turn.com/ Name: uid
Value: 4098311613554324035
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-54782d38-bf7e-4261-9907-a6a68d06c640-003%22%2C%22nxtrdr%22%3Afalse%7D
.adform.net/ Name: uid
Value: 430026040501508929
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-54782d38-bf7e-4261-9907-a6a68d06c640-003%22%7D
.googleadservices.com/ Name: ar_debug
Value: 1
.bidr.io/ Name: bito
Value: AAA6BE7KFTMAABegieKCFw
.bidr.io/ Name: bitoIsSecure
Value: ok
.betweendigital.com/ Name: dc
Value: sin1
.betweendigital.com/ Name: tuuid
Value: 8eccd715-b424-5407-bfdf-baf6dad523be
.betweendigital.com/ Name: ss
Value: 1
.sitescout.com/ Name: ssi
Value: c91a554e-ff1e-450b-bb85-bdb675181edb#1695193417166
.quantserve.com/ Name: d
Value: EI4BDgH_KYEO-TA
.simpli.fi/ Name: suid
Value: 0C4D3B5254FD4C569DACCD7123B374A8
.csync.loopme.me/ Name: viewer_token
Value: 96999c19-cb2d-4ec9-9ce6-508803fb8dc1
.weborama.fr/ Name: AFFICHE_W
Value: TbJohAVtg1BN74
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-8h1Uqv0RUPzpTlXz8BlJrvMeV_3pTVf-907MWCRt&KRTB&19420-8h1Uqv0RUPzpTlXz8BlJrvMeV_3pTVf-907MWCRt&KRTB&22979-8h1Uqv0RUPzpTlXz8BlJrvMeV_3pTVf-907MWCRt&KRTB&23403-8h1Uqv0RUPzpTlXz8BlJrvMeV_3pTVf-907MWCRt
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7266556625495896169&KRTB&23339-7266556625495896169
.company-target.com/ Name: tuuid
Value: fc5197f7-19d8-49f6-8c77-824d0f936bc1
.company-target.com/ Name: tuuid_lu
Value: 1695193417|ix:0
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-430026040501508929&KRTB&23263-430026040501508929&KRTB&23481-430026040501508929
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEGOyHb8-tLZFbJzY6_nKYv4&KRTB&23025-CAESEGOyHb8-tLZFbJzY6_nKYv4&KRTB&23386-CAESEGOyHb8-tLZFbJzY6_nKYv4
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-e00e7d26-da4f-5f6e-71e5-2ed5a0a917c6.1pFXuegY9Oynmcr4km8xIIcLUIR75iin2sfGOywXM9k
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-e00e7d26-da4f-5f6e-71e5-2ed5a0a917c6.1pFXuegY9Oynmcr4km8xIIcLUIR75iin2sfGOywXM9k
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A4A59JtpPX25x5S7VoKkXxorHJoQ.8HjCmCBedvXROz0L4CpPg5PgW%2FMm3P8zzTxDsl1W1qE
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A4A59JtpPX25x5S7VoKkXxorHJoQ.8HjCmCBedvXROz0L4CpPg5PgW%2FMm3P8zzTxDsl1W1qE
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIF7RCE1Fz1KkAj-Zqp35NhOmdWcAtfcSH35EsFNg0KzAEHwYBCDJsqqoBjABOgSEo62DQgRepVgs.654iuRZJiiURs%2FxbPIFRYB5SMVByMgPcjveBfoQ3G9Q
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIF7RCE1Fz1KkAj-Zqp35NhOmdWcAtfcSH35EsFNg0KzAEHwYBCDJsqqoBjABOgSEo62DQgRepVgs.654iuRZJiiURs%2FxbPIFRYB5SMVByMgPcjveBfoQ3G9Q
.audrte.com/ Name: arcki2
Value: 5g0KkYBc0-sSpSpZmUJBGllLg!20220908!1695193417576!ip#138.199.38.132
.audrte.com/ Name: arcki2_pubmatic
Value: 405D7A68-5F9F-42F7-8B7F-537891E42242!20220908!1695193417579
.tapad.com/ Name: TapAd_TS
Value: 1695193417642
.tapad.com/ Name: TapAd_DID
Value: 31b0fd1b-843e-4422-8756-1877c39b3484
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.audrte.com/ Name: arcki2_ddp2
Value: 5g0KkYBc0-sSpSpZmUJBGllLg!20220908!1695193417766
.creativecdn.com/ Name: u
Value: O2WM8H2GgudsxtVytB4W
.creativecdn.com/ Name: ts
Value: 1695193417
.smilewanted.com/ Name: sw_user_params_infos
Value: gbHFlL774XSNu2xoh4ebE5Tv2155GuafQLR1%2FU8ScSJ2923kdxvFfcsEI6evGhZ80VyYyFpqbLt0Ku%2F3vMEAi2xdC0khn7FVc%2F8Y1cKMqwM6%2FsLpPQivjSl8P17iOJoCSyb8RzP6I2hVxYjPARFjXGeYg%2BCBr9MOCVWvB1mVrHvBFt9bEdrP8oq9UM5nt%2Bfzewv1iWY9nvb7bdlRPC8ZvwteYItKKZGGOe%2FYjYY%2FI6%2BeBj0UTfqHM5K0%2Fe6hQcr25SYfELl1NLYD4onccoE0jDVrjre926a10gXvnfeOFxYSc6tFH9X4wId8BRLFM%2BFoU9UuAzMVm4kgjUxhfNkSJ5yaef3nWsBwbkMlOHOrH%2FuxzG58wjk%2B%2BUNOSKfxXhvi%2BJjVk80dLS8H%2F1JnC0olfdIiywikSbdF%2B6uot4u8n9aN6LM1LexO%2FX0XS%2BdAUTyI
.betweendigital.com/ Name: ut
Value: ZQqZSQAMBiAq-6jY8dE_WAzBu-iqU8bhrX8U1g==
.amazon-adsystem.com/ Name: ad-id
Value: A5zS4Vu7aktGnDGl8E28cBk
.audrte.com/ Name: arcki2_adform
Value: 430026040501508929!20220908!1695193417906
.walla.co.il/ Name: cto_bundle
Value: WLj1DF96eUM1JTJCd0UzcnhWVzh2MlRud0sxUEpYTENjeHElMkJNZGxCWDRQY0E3WHFCUnFmREhHJTJCWlpmUE9TNlFrSmJBYnFMeDFNWFM2RGNoQzBzNHBVYVFtcmFOWTJ0VDgxTk80VjZVeG5sa1dheW5rTXh4Tk9NTzRra3VocXJTWjM1YjNnZmFvdGZKaXllMkFvb25iWDh5Y0FHJTJGQSUzRCUzRA
.pubmatic.com/ Name: SPugT
Value: 1695193419
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 160447:4
.pubmatic.com/ Name: DPSync3
Value: 1696377600%3A241_235_227_226_219_197_201_245
.pubmatic.com/ Name: SyncRTB3
Value: 1696032000%3A63%7C1697760000%3A203%7C1695772800%3A15_2_223%7C1696464000%3A35%7C1696377600%3A56_8_55_165_234_220_21_233_166_3_71_251_13_54
.bidswitch.net/ Name: tuuid
Value: 2a49017a-7996-407c-b705-356b1ffead4a
.bidswitch.net/ Name: c
Value: 1695193420
.bidswitch.net/ Name: tuuid_lu
Value: 1695193420
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7280800282114914451&KRTB&23369-7280800282114914451
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY5NTE5MzQyMDAyNSwiMjQiOjE2OTUxOTM0MTcyODAsIjM5IjoxNjk1MTkzNDE3MjgwLCI3IjoxNjk1MTkzNDE3MjgwfQ
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4098311613554324035&KRTB&23150-4098311613554324035
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-c91a554e-ff1e-450b-bb85-bdb675181edb-650a9949-5858&KRTB&23418-c91a554e-ff1e-450b-bb85-bdb675181edb-650a9949-5858
.zeotap.com/ Name: zc
Value: fb2c4c0f-d297-4bef-7eef-ca0cbe1b697a
.onaudience.com/ Name: cookie
Value: 08b2a00dc94bf5d8
.onaudience.com/ Name: done_redirects161
Value: 1
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_7eb84cbd-06a2-4751-b5af-5cd14d3eb0c0
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-2a49017a-7996-407c-b705-356b1ffead4a
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-4A59JtpPX25x5S7VoKkXxorHJoQ&KRTB&23334-4A59JtpPX25x5S7VoKkXxorHJoQ&KRTB&23417-4A59JtpPX25x5S7VoKkXxorHJoQ&KRTB&23426-4A59JtpPX25x5S7VoKkXxorHJoQ
.semasio.net/ Name: SEUNCY
Value: AD4D3A72B10C44F8
.exelator.com/ Name: EE
Value: "001546d40ce0b1688f194462592b1de8"
.smartadserver.com/ Name: pid
Value: 4126096578355685197
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAA6BE7KFTMAABegieKCFw
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHAwNDUxCzFxCA51SDJ0MzCIs3Q0sTEzMjU0ijJMCXVYnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQfEl%252BUWb6IhfXxUUpaQyLSopPBR%252BN2AwAWz4pow%253D%253D"
.onaudience.com/ Name: done_redirects104
Value: 1
.onaudience.com/ Name: done_redirects147
Value: 1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: da8f1d0e65efc541
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAA6BE7KFTMAABegieKCFw
.pubmatic.com/ Name: PugT
Value: 1695193420

4 Console Messages

Source Level URL
Text
network error URL: https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2023-09-20
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
security error URL: https://a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html".
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=405D7A68-5F9F-42F7-8B7F-537891E42242&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12890047.adoric-om.com
a.audrte.com
a58250f068891984aa4b18cb6fe3a276.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
admin.teleline.co.il
ads.betweendigital.com
ads.eu.criteo.com
ads.pubmatic.com
ads.stickyadstv.com
ads.travelaudience.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
ap.lijit.com
app.adoric-om.com
bh.contextweb.com
bidder.criteo.com
bs.yandex.ru
c1.adform.net
cadmus.script.ac
cat.fr3.eu.criteo.com
cdn.firstimpression.io
cdn.indexww.com
cdn.jsdelivr.net
cdn.permutive.com
cdn.taboola.com
cdn.unblockia.com
cdn.valuad.cloud
cdnjs.cloudflare.com
cds.taboola.com
cf.dxmcdn.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cr.frontend.weborama.fr
creativecdn.com
csm.eu.criteo.net
csync.loopme.me
csync.smilewanted.com
d29k50lkkhkjby.cloudfront.net
d2muzdhs7lpmo0.cloudfront.net
d2r08ja41ypc0t.cloudfront.net
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
ecdn.analysis.fi
ecdn.firstimpression.io
eus.rubiconproject.com
event.dxmdp.com
expansioneggnog.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcpstatic.adoric.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hb-dot-valuad.appspot.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
imageproxy.eu.criteo.net
images.taboola.com
images.wcdn.co.il
imprammp.taboola.com
js-sec.indexww.com
loada.exelator.com
loader.unblockia.com
mab.chartbeat.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pixelgroup-d.openx.net
platform.twitter.com
pm-widget.taboola.com
portal.o2online.de
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.smilewanted.com
prg.smartadserver.com
pro.ip-api.com
pubmatic-match.dotomi.com
r.casalemedia.com
region1.analytics.google.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.fr3.eu.criteo.com
rtb.openx.net
s.amazon-adsystem.com
s.company-target.com
s0.2mdn.net
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
sports.walla.co.il
ssc-cms.33across.com
ssc.33across.com
ssp-sync.criteo.com
ssum-sec.casalemedia.com
static.adoric.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
storage.googleapis.com
sync.1rx.io
sync.crwdcntrl.net
sync.richaudience.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
syndication.twitter.com
t.unblockia.com
tagm.tchibo.de
tags.dxmdp.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us.ck-ie.com
vidstat.taboola.com
web-sdk.smartlook.com
web.hb.ad.cpe.dotomi.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.18.25.18
104.18.27.193
104.19.149.54
104.244.42.200
107.21.249.220
141.101.90.98
141.226.224.32
141.226.228.48
141.94.171.215
142.250.184.194
142.250.185.134
142.250.186.98
146.75.116.157
151.101.1.108
151.101.1.44
151.101.129.44
157.90.211.246
172.67.10.198
178.250.1.11
178.250.7.11
178.250.7.9
18.159.127.80
18.192.225.250
18.238.243.86
18.239.102.145
18.239.18.54
18.239.69.83
18.66.137.74
185.184.8.90
185.237.97.111
185.255.84.150
185.64.189.112
185.64.190.81
185.64.191.210
185.86.138.124
185.86.138.150
185.89.210.122
198.47.127.19
198.47.127.205
2.19.126.84
2001:4860:4802:34::36
203.195.121.142
205.185.216.42
208.93.169.131
213.155.156.185
213.202.235.9
216.52.2.30
216.58.206.34
23.213.164.238
23.213.165.149
2600:1901:0:d733::1
2600:1f13:800:7780:cac2:6f16:d61a:7f96
2600:9000:20ab:b000:8:48e:53c0:93a1
2600:9000:20eb:5000:11:da61:a100:93a1
2600:9000:2104:9200:12:abfb:9280:93a1
2600:9000:2104:ac00:12:abfb:9280:93a1
2600:9000:21c7:c200:4:1c73:c740:93a1
2600:9000:2394:ee00:18:1fcd:353:c61
2600:9000:2490:7c00:10:be65:1fc0:93a1
2602:803:c003:200::45
2606:4700:10::6816:1957
2606:4700:20::681a:8a9
2606:4700::6810:5614
2606:4700::6811:180e
2606:4700::6812:1691
2606:4700::6812:1ac1
2606:4700::6812:372
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:800::200a
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::201b
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2014
2a00:1450:4001:830::200e
2a00:1450:400c:c07::9d
2a02:2638:3::10
2a02:2638:3::7
2a02:2638:3::c
2a02:2638:d::11
2a02:2638:d::2
2a02:2638:d::4
2a02:2638:d::7
2a02:2638:d::c
2a02:6b8::90
2a02:6ea0:c700::10
2a02:fa8:8806:16::1370
2a02:fa8:8806:16::1460
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42::714
2a05:d018:d29:3602:5aec:1139:b771:4a28
2a06:98c1:3120::3
3.71.149.231
3.77.133.205
34.111.113.62
34.111.129.221
34.111.131.239
34.120.218.58
34.149.20.76
34.160.198.118
34.236.109.207
34.253.61.43
34.96.105.8
34.96.71.22
35.156.100.108
35.186.253.211
35.190.0.66
35.204.158.49
35.214.213.51
35.244.159.8
35.71.131.137
37.157.2.229
37.157.6.237
46.228.164.11
46.228.174.117
51.77.64.70
51.89.9.253
52.212.242.190
52.214.15.202
52.222.139.122
52.46.143.56
54.196.73.80
54.239.33.158
54.78.254.47
63.35.30.113
64.95.96.108
67.202.105.23
69.173.144.138
69.173.144.165
76.223.111.18
77.243.51.122
8.2.110.114
85.114.159.118
95.101.149.233
98.98.134.242
0006a0539d3f199c9b2416e7964cec61ac6c90f394e2d9c8fbd0d1196cc137a6
0049a61681f009097e433d79763495def6c0a29963c2349643b10bad537266d1
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
023f8e5e6152c62987c9f1d1d2193ba56278e04a9545795ad28b516cfa70967e
0265fa51f7836e510b3d6586f64d4c81e93fa4102b44e62d57ef7a78b1b79e05
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534
068eb3e4d07d606a09b54b707f5b07bea6100b984ca99e6d932bce2ccc2b9ae3
06ee06f6d785f1a70dd3f38872e32daf4df53f44a53d50cf614a7520fe42b6ba
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0a03e30f7fe8de02122d57bf456273419b17b9e8917100f5fda7f8e173458478
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb28028a54e3ecd99931e082271ba5726b91dc0b396f3ec95ec5625504e1ea3
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0ca17301a2bf2b63de571f0823a3402aee20a68d6a7a6fe96ad95649c524a4fb
0cc17655509456d49a2f33b66f3c0fd7dcc33cf9d61b306eee06880368e81edd
0e5389d4ff8aa7414543574acab723071581bde8808b8ab852e2b3b774fd3a99
0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836
0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
0fc04fbe6a724a0d2b7b750d5b068fdc4dcc47d71274837fa04ee476a16f0184
101524d3c9d05e1d29dd563853dd40305624d250d4a5b231ca1db78a4a420c5d
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
11c4e6125eb54bbb88de124ec0e36e233b3940c3baa1e8ca6ede68d4e46ff002
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1a0d4a5e6050901fe74867c0130beef2143255c7aedc2233ea5e476671147fdb
1a4dc19ff4252e47630d51b345780b1b96b9c6a21ff358266e9d60bf8c715ac2
1ab50ee880257c71537296b3c205b390186e2ab6ec764b5c35f5955ded1f2dfa
2061e7d9fa8015cf272769598761fbdbf20e5fcd0a322b5c9430145247e023d8
20d2bc0b2735c906b175286e1bb3ea23fa991d752743e25d9e77b05461edfc6d
21f2958644bdde43ce46b9840e6d0f079eaf6dc3790c24c7c9c2d8c98b20ed21
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
23388937dc7d71c44ed2379dd6603dfb4510b410fabd287b6257738146aa17f8
23e2409494818d5a7bbcf232f0818db8599da2d9c3c1856572f95ffc7b4b1d2e
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
254f58fa25c96edf26d778e55a3f78ed9233c997ee4cdbaa8fc2455c6387a1f0
26740d2e9d7003e099fe10702ef4606aa2d6e2209b4175eba625fa6db8b611fd
26b64bfad5da865023c6249ded8a54caee3e97e0cf83b7cae4a85af4b901b6f5
2749301cf85a2fe96f81f775ca0c364ffd7042fe18d179582918d6c53c67e97d
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
29733eb4bb416659b4f61c328862e1439569ad54efb572490de6347e9980948a
2a78893d50925a1e12b1735a47ab735668141df8026f180998f00da3b10e0865
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
318c30d76082c8f46e59817afd5fce730b6763a4149778add8754bd36078ce05
3241bf3866d5c2c02fd32bc792aa155f587efc0780ad197d0040d3377ff5af3f
339a142b74d654e469fe04d9e4956f07f1a55018e7b2b032080967df7671d07d
349528e03ea7cb3c8f560709298ba4eced9cb5d2baa295bc051a5671473ab18f
35f835fe90db445a48012efb03e15e91dce30f9f3653b407cd95ef3a6f505fc4
376f41ffc1d4d5def2ba3d36acec290e94d5212f09fdce52f4cb079f7d8a433c
388f74b264fa73f93be390978cf9a745daefcdc94096273d775f3f06d682b0d9
38a8f0e2f0e6e69fef5de3690865b0a2132a0a8035699ab1eaef61d8091a62f5
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a2eb12bb31b6137ebf9011835d5f91947ebe8113118e575de36de68182b7e57
3b3ba9b30e4170468eeb874e66b6c2a2dee88b8e07fba6c308089acee8ac2079
3bcd94510a60f0f31bf93e8f8d9dd625808709fb978b0ab2aceee053b5313a6c
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f0133a51dbe2306a5d32fbc64643af6fc2503036a2ebec0e61b377d6e60ae75
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
40083197f6c3fad2ef5d99095c72f3a60072e92bdfcd920dd91299f3679027b7
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4720fadd0bac5cbafbfc4a140def438af0c72bd201e71a8034fd4a8af272d2a6
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
490a0a636b6524b952dc10a3968522b48f663b70f0ae12aad99bc22bb9330cdf
495d66bc7381abef8fc25ff161494fc01949014a1a4a7517b520a7e3289a3f14
4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e
4b558e08c998cfdf1fb1b16483c9860ac40917adab5fb23f0c9de170632e506d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7437cccbbb8cf9d074fd23b1a4e62622f1fa93141c05fb17782402c734a202
4c4debb95b833d3a22a8fcfc97b66910440e6514e75e46ffa3c8a54e430dc571
4dcac33bad9abe6fdac05ac8c57851ef095aef9a7e195c63df09dfc830fb6b4e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f2044872a15851a96b77ad3677a826479c99531f85bcecb066e12b438ab54cc
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
517dd4e98f964068291a3ddc62a1cbf0e36de28e99d98212e22a2790a3749490
520fd704b94c711b19d5c44660660a755d191c4400fd493bde84da71344e30e1
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5
530ad39602a9607f310ac6e151f980d357c1780c6969e11439e4ce7445d2b892
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b025517ad210a73c9972b3b75acb59adf60f95ad71afa1c0afc99c4d5e1410
5515492751f706e4b1c94f4e1f838ed0cd927d907a59b01f6e7dad8308d028cf
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e1bb5ac96493124163d21acdc1a9e620d826d6654f94a9fab30cd8a648c0b3
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd
58d449ba122bcee25cb2b011dcb71623f92fed134a59981210b52c2ace713c6c
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a
599e48f9d8d0c1d97dc3f2bb64f75e63ce51a314787a7c0a3394ffc711b25835
5a0eadc52e3dba13c3c60a244a4b963c3ac5165a81cc986f87cbb479e5bd905c
5a95d0861fc3b1f3c39e7bc7cd83f6d83e57376d9596ae5a0b070ae1965cec16
5ac127188e6475f95cf602b5aeacfaf667081820adc57b78e9d46b9cb9149776
5d2840fc0bf868ec7e60c9e2f14a0f623b865ee0a7f8459fbfb25881709f7838
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086
600d77b130a069ef6d0024384927c5791421df1d9d3e3823b4d89aff36307d9f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62db05cbc08f8a152afa78e6c309221aac46be5a9927d700dc5dcd79b694af7d
63dce34729621fca0a4e5256dec88beaced89985dac9e2ec573140c7172b66c3
660713535b08260591ed094302a4027c4abd2644ef6edc9fd4523b3d71bd5093
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b
6960addd84617a7b2dbae8ffd88699ebca61162ed47278f01f7a9ace63140323
69871080b9869dcfdc348e3c11f958bbd17ac10994b8feaebabadc5b2d187846
699e728fc3327c4244972797084f8c44a2afdfa3eafec8f90b6e83ba1df12c8f
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6c9e975a473cdd1f699b032fe773548960f7d438d4ef8f0f696aa4d287fa0574
6c9f02b763b53e17a1193b6e153636259abdb7a1a3c5bb1f3faf39b4cb8362a3
6dba6e329dfb9cefab40d65bd87209b0f98f585e82f455bff4ffb75e99573a23
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
71a8c42fbd2b7abe64b2f21e257715d04e579d4a80fe72c969cdd5c417118528
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
747eb3e5b7e723a442751f9cf49391793691a6d943410c77cf5228bfe5fab878
759f69c53f84f3be3a047854a87d6636180b6031fba02889eb0b44179aa242b2
75ccb11e22d3f2e3475ada74631301c9071a94fb903877a28fc46875b9cfd063
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309
76e7bb4b02302c86d2609703d5e3bd8d6f406201268a9092eddd6d537db8d0e4
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
78048b8193e02239e93791e60498b02e98eac3ce76b46085286b8613be236631
7a1f4c8bf10f2b374bbe1e2fcd7a01237533a6c035c7e4f9d3926a182fa927de
7a464417aa13b340f291bed95854635df15873e2f0fe69467c16f76c2ee18925
7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121
7b6f3ed9be2a0b97ab6556cab5a50ba59bec2ae85fe5546143dfbd5a3f5f33a8
7dea9aa48ff9d409750cc5263b557199bdcb2a8bf60809817da7567d928d1707
7e4163971f59288e534ae595926abe9c318ef6e21fdd7001999a235c34f377cc
7ff6e89ef0a4dcb72ed72196173642deb38c4b539baf3d7030ba8e122c284475
801d6ff0dd3191cc7e44d8060ed2336706e8301bf4478df935f1ef87a82c11de
8049f5fabd4b7c67675d9610e4f9c8faa0ca6d92dc0beed18e735cf5f8d570bb
8099a196b2170630895f07f2cfe3300a710f47f9f15aa5a574e44237cff91619
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82c2d90bcc637d4c709fcf38e52e800eb193842bdd7085a98a0758fa917579da
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
82e31b39848ad7ff639a981f033848abbb593c44eaa40f01b48f2bf8641ac444
8333d39911f90b03a5b0291a858658cfd938f5c0290cb12259f6c8e1d791df3c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836b60d60e96ff91364edcc6d33c1f9146d9c1cbcac5d246a3846af3db8edeef
841569df881df09a6faa23aa34c22bf05893316f8cfc21727e056133fdba96ee
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
867a8ba730e980f97fe271e81000030de75a8daddb68b2273eaa46f97891ce14
8824d14db05415026d4a42613e0df2b0cb3941a71d774a58b5af650b4d1952f2
89ecd6493e79faa18211d2870a2742a5b0bbe2c16845a01dd2011abffcf4b52d
8af6b9c29073fcec8679a8e4bd3c2975fd0fc2cf8bd07b51af8e3c9ab4730cc0
8b0f372767b16219b2fc39db4b62f6ae5849d9eb2f2224d2f1874bc6aa197bce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8df4773d9eab90bc26d9d75bf09bd7ac934af9222a5dfe62bf4fac6a2310975b
8e719a0b2e201a4b753922d106f89cf649cef2ba38c4d7bae6577745aa64c8a9
8e75d09349ca6dd7bb62fa78d2a3437ea2f0ebb40fdc0ecf610433e4ca8fd4d0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90efbca246f33c1760f539ee8a2b050783dc57554985d4e67492184d1213ec24
917fbeefc58291237d8e985cecedcd47dd70ca74768b9938b5f684525a38cf51
91c32cf62c2a7ec7bc63bd4354823f66812d56d2323a5298eac81e5b969811c2
92b27c509dc69284a7b927144467242563d07c92c01946f2b61e34adfd9a3fd8
9370e0fff3e530e705046c24135cd928d424d3e2346046671ea53001307683c2
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94dc330d7ff3d82152b1ceaa92a712469c9eae969fa025972b1090bfcd9cfb3e
958622e2ce103c663883a5e931b64fe435a4f6cb60e151242416727ea8529448
9596add7437d96f2623e8dd1eda8ebbc54cf8d3db9b240256b56f847cfabc359
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96d4b2728608fb778ade0f9f40b030a7b3bcb922163822e1ff758e6a1946d046
96ef8b16490e2d9e95231ad387050142eb246c56ba078ad23b2c471c47a23cae
9711c16a64e8b4086724485013257f3ba812d103630ddd609e3bcc677a07a0bb
97a7980a664c89f5b5d3b500b6632a8c4ba82eafaeaa7747e4c0e8dda9311220
97c637cbeef3b78b92a5aa74a18293e1aeb98b4b95f0ee4fbaff3b1bf83044b2
988ce759ff9f3585719f5f4081ee7f48a7ae1dc4d8466c06bd8e8982d5a6617d
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b0e1d4db6eba6faa561278483ca7ea89d0e01a9a1cf4b562b91bf8030885a54
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9cd2ff1d66cd69b3cfcecb252f2cf1dc819921c1c24520da3485c1a8fb37b3f3
9f6b6e7ab9c38eb2fb50293694882bf5e3a9af93cc2a4a82e1d4972b0f528058
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0321d7f4006d1ef24eb6f33f7252ab8bcbb9237a56c49aad5abe30b085ae3fa
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a215c07deba855d94751d7693c5867d2ffa8955137fddf4588004c29977d57d3
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a6cbbfde0f8fa5053ac3b8a87d712870edae2c840f56df167e4c33f31e61e84b
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a755b2a5c7eb8fbf5dbf133f7c4b3a9063d058a361c8638aef14246268f05e6b
a86bfcf9a22bbef5fe14c67cef3b9b50666876a47eba94212e664f47a5d0c02e
a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec
ab5efe24966aca3d3addf00730f734a3fd62d552cc8c5dee2a837c057d62856a
acadc75406bad895a5edfcdbe529c86b1194c5fc4a29bdb5f6687b45a74c4e25
ad9dc28caa0fca7a160f2f4c9907725629603a32a137934e5cdcc2652323f637
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af9be51bce33a052bc94651cf98d61b804c95303e894ad1a5b1e38af37130c58
b09f920231ac5ad5556a4479de98cda43c1e4e4e7ff0e08dbc2a1c48c56fc5e4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f63f3c20b6fb653c8c12f5500f6e28f44d57b6d9396c8fd28be1d5070e19f1
b263a9553c1d59475d427c777c6c20f7c0e91baa00bd7370ed614bf17b3b4b1d
b3328b7573fdfc1e9b97ce4ec461ad36f51ebb65223b2d6895875dd6f8a2515c
b3475c5818f01d0b02baf9ba6a4f1711be83252fdc8685ff45b68d712422df40
b3ab40d1447a40939137c342767efdcb45c4c048064c35c2717809e16c830173
b40eb16edca517e36908c25750a0d9f14395af52c013cbd5c5350824df5bba35
b7d2974070cf9f476d97e4401209a440e8fee787781d9084655cca366dad4d21
b80178fd85057160863dc9a39dd148c584400a9bc59078fdaea14264727671b9
b8793a9436203d3c6772b6f90ffd5ad9c144c5967ab90bc40cee0a8e58d7fc50
b9ba41213b9cff0796b3f60f994a51e69406f309534f8f212d69772de4bee598
b9ff8701844b2c462d6a59cf247d270a655236d850948026ea952e77575b098a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd338ef682c3e480c17d819e567591b70db334e21f17b4b5065105259eb1fb0e
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2715ea62d6ebb409dd707befac0298dcff62fa25746122c7cc22847bdcc41ab
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d
c384e161dd9d69bfc6e872774aadc81b3bd7534a97c5541d20a83c120704dbec
c3d1a8853d20cf2d0f9d47e7cc0fef7e08bce96bf963f5f21315430787aa2062
c44e080ef80f83f7fc346253431046ff2bfe10ff0762acc1c247be5e169547ea
c6416e5792c35b4ce90a38e7f4f7c0511c1fadf1cb0eb33ed0e7a9528bffa846
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
c6cd1c39dc434d83d0d75e0b9b5583aadb7cfd810a322a67c6d38577de351cfa
c7e3e2281e670435dd46492437a30bcf0c59368d824ac1aa591571d35c81d88b
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca1751fc37d4405c7c284c050904ab43d3a06be8a1fac5d3388aa8c8d8e89e2c
ca2ecf5ecce0b36982d8b3700d1890c98a4e30a137541b7264d1adf50b3a9400
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
cbbf6a61a796993d0b994a5fc6c3b84de2a4d0fc2d4513358cdf3a7a31947f26
cbcf243da20de8ab1062499b2e9116f897a3796e97bc9cd4a86d3519bc03a9ed
cd045e0175023dbd2b0b78e853002fbdfb7581f825519c59509c8458ffcbb158
ce280392179400ae2380291c3e0173c785292d2a22010f57c70afd7afb5f9034
ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf528fec5f2cdedcd8213c7d056781991c894b6a52f00c98e9500952e171c184
d34251be6124594d18e8ecb4c0d081b3379a21426a9dcd41b7bb7fe4cd13c0d8
d469336e7c72f7848d4a1bb02c8509a7895e2b813afb88bfa5c0dd4e158d50da
d4e386191b073d5400d9e296c58c992f10acbc4adf1d1afbc43f517c5411d39a
d54086f3da92b0295d06c868258ff5949c113f3b30e2120ecd758e9b86b73355
d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790
d685d349bc446d06cf68755fd4dbd95bb51f8913ad08cea281e371aa1fc284eb
d7e2fbc7de982f503e7260215071ba4137098ac7f2c32655a1ea59e9dec18089
d7fd38335a9351deb97460103975b829fa59b7f16ba1eac168aaf01f43cd347a
d83dade87bb12112c3b637e4018601d0fe28d6691d3b818f14529b11046963dd
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da033d2df0587bc22c50049c0f561e3f7bb22ff504b2752628bc552a299375dc
da8356ea10c3ccaa5f0c89a0acfab206a79856452f5d67b22a088d90248d3877
dd5322d2a8576e402dd580efbf61ce9c007e786315b76393d740e64b3476e6dd
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dec744e5913410d5b97433f5e4637058a48b96053dd4d9ef526555c526cfd361
df2be2e1de4232c812191bd6a2ae5452d9cbafe821cab316ce3570ef7f1b1fc4
df530da98f4761a15ac6fe7fc0380de2f4e8219bab76bb25f12ca41f9ea2fd6c
df5a3eec0289d148e9b9c28694142ea78bb20df341f86cb1bc367d8d1c4019e7
df9674e9d102a33943b8495a67d5dc719d674ac6244248e0a134a576ba22dfd9
dfe8210f15fbe84923842bafd0745457bcfc9a0421576d0c1060f86ff7e39e27
e0110297bbea74e04fe0ec924bad10f3b354b09d9fbb10c6dd2874679c73f9ca
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e57edee0e5d804550dbdc6f231d85b0667a42d84adbab21eb4654cc8482fd6b8
e64061bde8642c9458d8617a35d1d0eb32af020dd4a2b68802618dadab2642a5
e6bdabb3010b7d438127960a7cd1678cd67b605863fcf90bd870987f63553c5d
e9484d6a2ea804ef952a85ed5f4184afe72c01c4c68f4d6f272ac655d6602de6
ea89f4227abc9034cd16d5626676b0d0b6d6be18e53d9db0b604d8411513208b
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb755ed1990de92477637d62ccf2ed80320ddaaa9008aa2d2744a2f1f6bc7053
eb923efd647699cc999cb0f47796e3d871f3e6de5e61f9de68c8f6bee996abe1
ee418901528f533337c22471e0c7761e63ef2acaa69d7f90148f4450534bfd60
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9f4e5595c87f7bab17859c9e649bc27a66aae8e407d0c72b179a336f6be282
efc27af8b024785556664a1a702ca97f8fda271b4b666461885a8e1189200dcd
f20aa3c1f32442a08428b3f922e78848c790294e3acb607322a235c1ad7fc9c6
f37d1ad4ff54c0819a950c6bf692c4294e593e2df41f3ad3f2cd11d281ebead0
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
f5a55ceaceac7d5c1be15df2a2b2fbac17e1abb29bd0f6ab6f871dd17e141e34
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f688e4ac5b11a9e36f89bb8cc9b2c6b832854b3dac60c3e4e30474ce60e13574
f6c9da78d2407a188021bdf6e4d375e1d6f3a653607919575d38fa36b3a5039f
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f83e1433c9cb4e31250fefced6c97bfb94f0eae1c90f299e946e2c11487e3e59
f9156377bb916012e2a9af84f839784e1cf265d3df2b8e4b4099e4309dee029d
f9cef23b039ec0734477488d163b36570423435d2afe2fe014d8644f6f4bedbb
faa20ed9366b7722fd4eb76ada51e5a78aa0640af135443eec236409c27b26ca
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fdb3a5f6e3182c980503f12c3b7d7a6cbbf899db34df26816ac905acb58f7cdb
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff4eea6c8a923c8012f7844d9c7d19671f7ad4477f8c9ce892d0191ec497632c